Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa
File:                     A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa (raw, json)
Hash identifier:          3nZIvwUcFDzMO7dUyudD9vljA28Ue3Ke7053nlJuN6Y=
Subject key identifier:   03:58:F4:60:51:6A:13:91:95:80:DE:7D:CE:4D:C5:AB:A8:89:37:27
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01896DCB4B24D789AFA8CC56E3BA830273E7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa
Signing time:             Wed 19 Jul 2023 10:56:26 +0000
ROA not before:           Wed 19 Jul 2023 10:56:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.4.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24
                          89.213.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Jul 2023 16:12:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6d:cb:4b:24:d7:89:af:a8:cc:56:e3:ba:83:02:73:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 19 10:56:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0358f460516a13919580de7dce4dc5aba8893727
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:2a:f6:d9:d9:33:d7:9c:7a:84:98:c3:a8:ac:
                    f1:8a:77:b7:d3:bb:e6:96:d9:1c:e5:f5:12:98:a1:
                    da:1e:ff:27:34:3a:68:c8:8f:f1:1d:4f:59:0b:d2:
                    27:6f:77:40:82:64:6a:f9:e7:7a:dd:db:8e:56:93:
                    a5:02:19:55:45:f0:3c:fa:da:df:fc:e2:23:c8:92:
                    2d:1c:06:79:e6:45:d2:27:a4:c8:8f:e1:1e:b9:30:
                    a9:e2:33:c9:b8:53:bd:30:8e:a3:05:08:00:82:da:
                    60:46:b8:b5:ad:f7:27:41:96:93:fe:d2:5c:f0:fe:
                    ec:fd:78:b5:15:d1:72:1b:17:d7:c6:1d:f5:f1:4e:
                    cb:a6:a5:e6:09:41:20:1a:07:b0:02:f6:34:e3:8b:
                    a6:ff:4b:63:af:05:22:24:2a:d1:25:d1:bd:57:f9:
                    49:ae:b4:eb:ed:42:bc:39:09:51:c8:ae:39:03:c8:
                    b7:6c:5c:2c:65:46:aa:74:61:45:e3:8e:45:94:2f:
                    bf:a9:d5:d4:47:d1:ad:20:29:e0:58:fe:d5:c2:33:
                    ea:ee:78:e5:b7:28:05:e7:b4:48:19:d6:b7:98:7f:
                    ca:1b:ba:39:35:ee:9c:be:79:d3:bf:44:8c:32:56:
                    08:de:71:3c:e4:9d:5f:20:19:a1:4f:b9:82:49:1d:
                    fd:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:58:F4:60:51:6A:13:91:95:80:DE:7D:CE:4D:C5:AB:A8:89:37:27
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.49.0/24
                  89.213.4.0/24
                  89.213.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:e2:c5:63:61:a9:e1:80:e0:34:c3:79:da:72:3e:4c:aa:89:
         1f:7d:0b:90:79:02:80:44:7f:4b:5e:9c:aa:30:3e:6c:27:31:
         e3:5f:62:91:d1:ae:8f:88:36:35:69:45:5c:e2:df:d9:f5:60:
         ee:98:24:d8:01:9a:e8:d2:5f:70:fd:35:be:17:24:ae:ad:31:
         54:d2:4e:36:cf:96:c4:f5:75:57:ca:da:68:bc:55:12:e1:73:
         57:ba:f4:b2:7d:88:bc:5c:cb:ba:75:e4:40:6a:db:5c:c7:5b:
         60:6e:b1:0a:71:69:2d:29:52:01:bc:35:8d:38:22:9d:31:b0:
         b4:e7:a4:76:6b:93:c2:67:38:86:02:fd:0a:c4:29:dd:20:ae:
         c8:a7:54:ed:e0:14:e6:55:57:32:5b:46:71:79:7c:91:1e:70:
         19:f4:7e:b7:13:90:35:38:74:3f:4b:93:4d:4a:24:9f:cb:5d:
         8a:5e:6c:55:93:46:24:c6:8c:b8:37:f5:5f:4b:da:73:3a:a3:
         bd:bb:73:15:b1:a9:7b:04:9e:2d:70:29:58:78:d4:fe:75:9f:
         7a:eb:94:8d:20:a1:c4:13:62:73:04:bb:e2:cf:55:34:3a:f3:
         84:94:fb:d5:fc:22:d1:11:1d:8e:9e:4e:7b:90:30:eb:30:43:
         c9:f6:1c:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlty0sk14mvqMxW47qDAnPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzE5MTA1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU4ZjQ2MDUxNmExMzkxOTU4MGRlN2RjZTRkYzVhYmE4ODkzNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyr22dkz15x6hJjDqKzxine307vm
ltkc5fUSmKHaHv8nNDpoyI/xHU9ZC9Inb3dAgmRq+ed63duOVpOlAhlVRfA8+trf
/OIjyJItHAZ55kXSJ6TIj+EeuTCp4jPJuFO9MI6jBQgAgtpgRri1rfcnQZaT/tJc
8P7s/Xi1FdFyGxfXxh318U7LpqXmCUEgGgewAvY044um/0tjrwUiJCrRJdG9V/lJ
rrTr7UK8OQlRyK45A8i3bFwsZUaqdGFF445FlC+/qdXUR9GtICngWP7VwjPq7njl
tygF57RIGda3mH/KG7o5Ne6cvnnTv0SMMlYI3nE85J1fIBmhT7mCSR395wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFANY9GBRahORlYDefc5NxauoiTcnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQTFqMFlGRnFFNUdWZ041OXprM0ZxNmlKTnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpgxAwQA
WdUEAwQAWdWnMA0GCSqGSIb3DQEBCwUAA4IBAQA84sVjYanhgOA0w3nacj5Mqokf
fQuQeQKARH9LXpyqMD5sJzHjX2KR0a6PiDY1aUVc4t/Z9WDumCTYAZro0l9w/TW+
FySurTFU0k42z5bE9XVXytpovFUS4XNXuvSyfYi8XMu6deRAattcx1tgbrEKcWkt
KVIBvDWNOCKdMbC056R2a5PCZziGAv0KxCndIK7Ip1Tt4BTmVVcyW0ZxeXyRHnAZ
9H63E5A1OHQ/S5NNSiSfy12KXmxVk0Ykxoy4N/VfS9pzOqO9u3MVsal7BJ4tcClY
eNT+dZ9665SNIKHEE2JzBLviz1U0OvOElPvV/CLRER2Onk57kDDrMEPJ9hz8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org