Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/93eGCpyDCXVHksl72gjjQdluKVo.roa
File:                     93eGCpyDCXVHksl72gjjQdluKVo.roa (raw, json)
Hash identifier:          +MPaIgMrtu19kUCfe6VbL4r6LAaKR4huDhzlZJ3xRcE=
Subject key identifier:   F7:77:86:0A:9C:83:09:75:47:92:C9:7B:DA:08:E3:41:D9:6E:29:5A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01890616B29D2AEFCD89F076D30FBFD45421
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/93eGCpyDCXVHksl72gjjQdluKVo.roa
Signing time:             Thu 29 Jun 2023 07:38:18 +0000
ROA not before:           Thu 29 Jun 2023 07:38:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51847
IP address blocks:        89.213.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:06:16:b2:9d:2a:ef:cd:89:f0:76:d3:0f:bf:d4:54:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 29 07:38:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f777860a9c8309754792c97bda08e341d96e295a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:2a:dc:e7:a9:9e:a8:6d:d3:6c:6d:94:9e:dd:
                    54:1e:e1:a6:bb:df:83:de:f5:30:9b:2b:80:64:4f:
                    39:3a:d6:65:00:8f:12:af:7c:7e:f9:2c:c0:ef:c1:
                    b1:f5:85:8c:db:ef:c1:05:e7:49:bb:de:07:50:1f:
                    c3:57:db:0d:bf:c1:da:fa:bf:cc:80:86:a0:72:17:
                    1b:d4:bc:8e:4c:8b:b5:80:47:18:4a:2e:bf:00:43:
                    7b:76:79:3f:92:cd:51:8a:da:3e:9c:78:af:ff:c4:
                    d7:f5:1d:71:be:f5:52:dd:41:a6:70:1d:84:f4:b9:
                    37:91:76:db:dd:b0:a3:52:16:8b:8d:93:98:79:c2:
                    c6:b0:e2:47:90:b5:e4:92:fc:20:be:a9:44:da:b3:
                    d5:69:85:4e:15:ad:2d:50:6d:09:53:c3:33:aa:c1:
                    65:9e:14:41:01:82:38:4f:a4:46:b3:a5:3a:bd:0f:
                    48:1f:ba:2e:8b:16:bb:92:e9:88:38:d6:40:2c:ea:
                    7d:d7:14:03:bd:db:77:1d:5b:3a:38:e1:3a:ac:b6:
                    43:9e:30:06:ec:df:3a:9f:a0:7d:70:20:9c:a6:86:
                    57:f1:0d:25:64:07:0c:b4:72:98:20:5e:81:c7:68:
                    5e:08:b4:e9:95:f5:7d:c0:fe:d5:06:cb:34:d1:cf:
                    b4:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:77:86:0A:9C:83:09:75:47:92:C9:7B:DA:08:E3:41:D9:6E:29:5A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/93eGCpyDCXVHksl72gjjQdluKVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:9e:44:1e:ab:85:4e:e2:f5:a9:97:82:c1:da:ad:76:c7:50:
         ce:3e:f5:51:61:45:d0:a9:7f:ec:12:5d:91:9d:f1:6b:5c:f0:
         3a:76:dc:30:62:a5:3b:34:36:b9:a4:3b:69:d9:41:35:28:51:
         6d:45:02:e2:8f:c6:c6:05:20:8d:d6:96:c4:92:86:fb:08:fa:
         6f:dc:6b:c6:12:f8:e7:f5:41:be:28:9d:48:ec:b1:23:dc:95:
         32:17:28:dc:77:2e:6f:df:18:80:16:79:08:88:f2:69:07:22:
         ab:86:52:f6:d6:f0:35:c8:04:d3:f2:ab:34:d9:91:55:00:a7:
         f9:c0:84:57:2a:1e:5b:6f:60:10:2e:c6:05:e6:6e:6f:fb:03:
         4d:80:bf:d8:49:11:62:4c:66:40:70:1a:59:f6:1d:14:55:27:
         d2:8a:60:1c:d8:0b:14:14:23:83:65:5d:02:af:8c:0a:01:d2:
         5e:b7:0e:c6:ff:7c:a8:c7:df:ae:e2:c1:66:7c:96:63:4b:9a:
         be:5e:ee:e6:73:b9:b8:4a:15:ae:0f:49:65:3e:2a:96:27:e8:
         d8:02:a3:79:15:28:6d:86:f4:7b:15:84:75:01:1d:b4:fc:fd:
         64:d8:18:0e:25:14:a3:50:2a:a4:2a:aa:ee:5d:95:f6:d1:e0:
         62:20:4d:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkGFrKdKu/NifB20w+/1FQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI5MDczODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzc3ODYwYTljODMwOTc1NDc5MmM5N2JkYTA4ZTM0MWQ5NmUyOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCrc56meqG3TbG2Unt1UHuGmu9+D
3vUwmyuAZE85OtZlAI8Sr3x++SzA78Gx9YWM2+/BBedJu94HUB/DV9sNv8Ha+r/M
gIagchcb1LyOTIu1gEcYSi6/AEN7dnk/ks1Rito+nHiv/8TX9R1xvvVS3UGmcB2E
9Lk3kXbb3bCjUhaLjZOYecLGsOJHkLXkkvwgvqlE2rPVaYVOFa0tUG0JU8MzqsFl
nhRBAYI4T6RGs6U6vQ9IH7ouixa7kumIONZALOp91xQDvdt3HVs6OOE6rLZDnjAG
7N86n6B9cCCcpoZX8Q0lZAcMtHKYIF6Bx2heCLTplfV9wP7VBss00c+0iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPd3hgqcgwl1R5LJe9oI40HZbilaMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOTNlR0NweURDWFZIa3NsNzJnampRZGx1S1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWBMA0G
CSqGSIb3DQEBCwUAA4IBAQAtnkQeq4VO4vWpl4LB2q12x1DOPvVRYUXQqX/sEl2R
nfFrXPA6dtwwYqU7NDa5pDtp2UE1KFFtRQLij8bGBSCN1pbEkob7CPpv3GvGEvjn
9UG+KJ1I7LEj3JUyFyjcdy5v3xiAFnkIiPJpByKrhlL21vA1yATT8qs02ZFVAKf5
wIRXKh5bb2AQLsYF5m5v+wNNgL/YSRFiTGZAcBpZ9h0UVSfSimAc2AsUFCODZV0C
r4wKAdJetw7G/3yox9+u4sFmfJZjS5q+Xu7mc7m4ShWuD0llPiqWJ+jYAqN5FSht
hvR7FYR1AR20/P1k2BgOJRSjUCqkKqruXZX20eBiIE02
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org