Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa
File:                     9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa (raw, json)
Hash identifier:          jrL3SrLq8Bjxyw7okxJ/9G1ryTh4PjtyrIb/p0jVgp8=
Subject key identifier:   F4:0C:05:AD:13:C6:37:9C:25:19:7A:B5:6A:3E:8E:7B:A4:E1:8C:D3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EA815D0037CA6776477E851168EF51967
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa
Signing time:             Thu 04 Apr 2024 07:49:45 +0000
ROA not before:           Thu 04 Apr 2024 07:49:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        81.5.189.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          213.130.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 08:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:15:d0:03:7c:a6:77:64:77:e8:51:16:8e:f5:19:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  4 07:49:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f40c05ad13c6379c25197ab56a3e8e7ba4e18cd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1e:0d:41:f5:a3:ef:29:a6:b7:9a:ae:c1:d1:
                    24:53:f0:28:1b:79:e3:80:e4:2a:f9:9e:9f:ae:9f:
                    b7:03:3a:5b:fd:13:87:ec:fb:f9:b1:33:22:ef:8f:
                    69:e3:a8:e5:5c:df:e9:83:83:01:3a:4d:40:38:65:
                    b1:7c:a8:7a:82:e5:22:86:36:71:b2:d0:6d:be:d7:
                    3a:57:e1:c5:96:20:96:ad:d0:2b:48:70:97:99:36:
                    ce:82:ba:2e:72:b0:2c:57:bd:3c:26:df:8c:d5:d7:
                    a4:18:68:78:21:2d:09:fb:5c:21:85:05:82:4a:ff:
                    9d:36:e5:37:ce:92:eb:5e:51:32:fd:0d:b1:47:b2:
                    1e:50:26:58:82:60:f0:1a:4f:ec:3e:c4:52:fd:4a:
                    91:7f:41:c3:be:0c:27:6f:fb:d4:10:7d:28:de:d7:
                    7d:bb:97:c5:17:87:08:16:23:c9:d1:0c:e9:bf:01:
                    20:3a:fb:0f:1f:5a:af:86:41:42:a5:8c:4a:00:e3:
                    06:57:0b:f8:7c:86:d5:26:85:55:88:2f:3b:8d:72:
                    7a:e9:e7:6f:be:eb:17:b5:8a:c6:9e:af:98:ee:a0:
                    7a:2c:a6:74:7e:11:3e:74:cf:29:0b:be:cb:53:5f:
                    ff:23:c7:91:f9:05:73:eb:cf:9a:13:1e:32:4c:81:
                    db:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:0C:05:AD:13:C6:37:9C:25:19:7A:B5:6A:3E:8E:7B:A4:E1:8C:D3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24
                  89.213.152.0/24
                  89.213.176.0/24
                  89.213.183.0/24
                  213.130.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:ef:ef:d6:6a:93:03:34:b8:57:5e:fb:d4:49:43:d7:19:17:
         35:40:1a:47:10:f6:39:5c:0b:fd:24:1d:25:25:af:19:c9:a2:
         27:90:5a:fd:96:46:a2:02:ea:eb:4e:aa:e9:7a:87:fa:3c:f1:
         9f:2c:f0:29:ed:f2:20:1c:70:6c:0c:20:14:87:1e:42:92:17:
         cc:56:cb:42:a6:13:51:fa:81:66:0a:db:ee:e3:32:ed:62:b2:
         dd:f2:51:83:9c:82:fb:d6:2c:2c:b1:7c:71:f2:fd:d0:fc:96:
         3f:51:f1:c0:75:cb:28:c6:9b:cc:dd:7d:82:4a:3c:6f:79:33:
         40:f4:f5:1d:93:2b:e5:c3:38:72:e8:86:72:54:59:36:69:31:
         45:a5:f4:7e:0e:fe:be:97:bd:b7:c4:45:a9:e9:1b:2b:73:0b:
         d2:80:01:d6:ac:15:55:b0:8b:00:27:8c:e4:10:fa:e1:da:e6:
         ab:32:19:19:25:f5:34:03:8b:38:8e:d8:b6:c7:86:67:e4:49:
         97:7a:cb:92:fd:1c:01:08:a7:76:5d:a4:8d:3f:53:b0:d8:42:
         19:3e:90:3b:01:53:69:de:d9:b9:78:1a:b9:d8:e4:75:39:2a:
         57:54:e4:bd:ce:d3:eb:e9:df:0f:07:7d:17:30:41:df:eb:47:
         7a:8d:24:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6oFdADfKZ3ZHfoURaO9RlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA0MDc0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBjMDVhZDEzYzYzNzljMjUxOTdhYjU2YTNlOGU3YmE0ZTE4Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh4NQfWj7ymmt5quwdEkU/AoG3nj
gOQq+Z6frp+3Azpb/ROH7Pv5sTMi749p46jlXN/pg4MBOk1AOGWxfKh6guUihjZx
stBtvtc6V+HFliCWrdArSHCXmTbOgroucrAsV708Jt+M1dekGGh4IS0J+1whhQWC
Sv+dNuU3zpLrXlEy/Q2xR7IeUCZYgmDwGk/sPsRS/UqRf0HDvgwnb/vUEH0o3td9
u5fFF4cIFiPJ0QzpvwEgOvsPH1qvhkFCpYxKAOMGVwv4fIbVJoVViC87jXJ66edv
vusXtYrGnq+Y7qB6LKZ0fhE+dM8pC77LU1//I8eR+QVz68+aEx4yTIHbnQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPQMBa0TxjecJRl6tWo+jnuk4YzTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOUF3RnJSUEdONXdsR1hxMWFqNk9lNlRoak5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3AwQA1YKKMA0GCSqGSIb3DQEBCwUA
A4IBAQCH7+/WapMDNLhXXvvUSUPXGRc1QBpHEPY5XAv9JB0lJa8ZyaInkFr9lkai
AurrTqrpeof6PPGfLPAp7fIgHHBsDCAUhx5CkhfMVstCphNR+oFmCtvu4zLtYrLd
8lGDnIL71iwssXxx8v3Q/JY/UfHAdcsoxpvM3X2CSjxveTNA9PUdkyvlwzhy6IZy
VFk2aTFFpfR+Dv6+l723xEWp6RsrcwvSgAHWrBVVsIsAJ4zkEPrh2uarMhkZJfU0
A4s4jti2x4Zn5EmXesuS/RwBCKd2XaSNP1Ow2EIZPpA7AVNp3tm5eBq52OR1OSpX
VOS9ztPr6d8PB30XMEHf60d6jSQS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org