Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A_GVo97L_bDb49awsj3eVXo5UQ8.roa
File:                     A_GVo97L_bDb49awsj3eVXo5UQ8.roa (raw, json)
Hash identifier:          /kNbb8uwFmavhVRKhBgSWNwCD+mqLxIaGsaAVpGTsvc=
Subject key identifier:   03:F1:95:A3:DE:CB:FD:B0:DB:E3:D6:B0:B2:3D:DE:55:7A:39:51:0F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189D4E1189B8B8C34BCF4BEE9A38584E02D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A_GVo97L_bDb49awsj3eVXo5UQ8.roa
Signing time:             Tue 08 Aug 2023 11:21:08 +0000
ROA not before:           Tue 08 Aug 2023 11:21:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147291
IP address blocks:        89.213.135.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 09:41:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d4:e1:18:9b:8b:8c:34:bc:f4:be:e9:a3:85:84:e0:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  8 11:21:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=03f195a3decbfdb0dbe3d6b0b23dde557a39510f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:de:33:0b:78:b5:56:24:f3:08:81:55:e2:90:
                    40:5f:73:87:c3:80:6a:c1:31:34:30:06:8c:79:be:
                    ba:37:46:32:5c:2a:18:f2:0a:da:da:9d:cb:ad:64:
                    f5:c2:07:a0:b1:ce:eb:a8:84:a4:54:07:38:fd:31:
                    2b:35:8f:1e:76:18:ad:de:96:9a:1f:c6:e4:4b:db:
                    17:08:e8:eb:9f:34:70:92:ca:f9:a0:82:e5:9e:d6:
                    61:7a:e7:1e:35:10:16:c3:e5:99:c4:ac:9d:5c:77:
                    59:ce:d5:53:c0:1c:f9:67:11:78:35:c9:2c:dd:ee:
                    96:8a:4f:d9:0f:9a:1c:6c:4f:97:90:54:fe:1e:ed:
                    17:5e:72:db:82:94:04:21:32:67:7d:ee:fb:97:4e:
                    19:91:14:96:a6:2a:9d:5e:d4:c0:d4:fd:e8:1c:8f:
                    2b:a1:21:ee:2e:bd:92:c4:cb:3d:6f:89:35:2d:23:
                    1c:a7:89:98:ca:fa:6a:22:bb:12:e9:06:33:3a:65:
                    09:68:4c:a4:65:04:f7:4d:08:65:c1:fb:1f:1d:55:
                    2f:49:fe:23:d8:c6:3f:c3:6d:1d:91:51:26:d5:36:
                    3f:46:c9:aa:2d:4b:2e:b6:b5:76:b7:79:b4:73:4c:
                    ca:de:78:4c:de:8f:74:50:62:cc:6a:7a:b2:57:a4:
                    3d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:F1:95:A3:DE:CB:FD:B0:DB:E3:D6:B0:B2:3D:DE:55:7A:39:51:0F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A_GVo97L_bDb49awsj3eVXo5UQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.133.0-89.213.135.255
                  89.213.137.0-89.213.138.255

    Signature Algorithm: sha256WithRSAEncryption
         2c:51:71:b3:3b:27:7f:ce:56:27:41:bc:ed:9c:6a:1c:6e:ed:
         45:d1:db:c9:79:51:39:29:cb:a0:e0:4d:e4:20:b6:2f:7f:7c:
         7c:5b:53:b0:3b:4a:6a:3c:19:eb:9e:5a:91:81:b5:9a:a1:e1:
         df:03:d9:dd:a3:63:f2:c1:14:cf:13:3e:34:45:a3:17:5b:63:
         4b:a7:8b:b9:60:e9:56:2f:bd:e4:93:a9:6a:0e:e2:57:c0:95:
         dc:74:0b:8a:4b:ea:25:ed:cc:42:b6:59:87:60:0b:37:bf:45:
         96:83:c5:ef:09:46:f7:dc:38:cc:af:10:b5:b9:17:25:9d:b6:
         a7:3a:4b:7c:8a:88:50:dd:a6:2e:8e:08:c2:05:71:39:89:75:
         1c:00:bc:26:5e:2c:64:f1:4d:c5:01:4b:6d:3c:72:87:20:65:
         8d:55:57:ea:5f:d1:79:a1:f7:d6:0f:0d:90:49:bd:f7:83:75:
         4c:e8:9d:5f:ea:22:9d:90:45:5e:cf:47:27:22:86:de:f9:c9:
         5c:6c:c8:9e:5a:07:da:34:3c:84:cc:5c:12:ab:37:e1:0e:0c:
         98:b3:68:97:af:48:a2:c9:0c:c6:61:4d:87:47:fc:4d:08:f0:
         52:39:8e:6e:5a:57:27:22:ec:2a:e9:90:de:98:99:7d:49:49:
         91:c3:e8:c5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYnU4Ribi4w0vPS+6aOFhOAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA4MTEyMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2YxOTVhM2RlY2JmZGIwZGJlM2Q2YjBiMjNkZGU1NTdhMzk1MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt4zC3i1ViTzCIFV4pBAX3OHw4Bq
wTE0MAaMeb66N0YyXCoY8gra2p3LrWT1wgegsc7rqISkVAc4/TErNY8edhit3paa
H8bkS9sXCOjrnzRwksr5oILlntZheuceNRAWw+WZxKydXHdZztVTwBz5ZxF4Ncks
3e6Wik/ZD5ocbE+XkFT+Hu0XXnLbgpQEITJnfe77l04ZkRSWpiqdXtTA1P3oHI8r
oSHuLr2SxMs9b4k1LSMcp4mYyvpqIrsS6QYzOmUJaEykZQT3TQhlwfsfHVUvSf4j
2MY/w20dkVEm1TY/RsmqLUsutrV2t3m0c0zK3nhM3o90UGLManqyV6Q9PwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAPxlaPey/2w2+PWsLI93lV6OVEPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQV9HVm85N0xfYkRiNDlhd3NqM2VWWG81VVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABZ1YUD
BANZ1YAwDAMEAFnViQMEAFnVijANBgkqhkiG9w0BAQsFAAOCAQEALFFxszsnf85W
J0G87ZxqHG7tRdHbyXlROSnLoOBN5CC2L398fFtTsDtKajwZ655akYG1mqHh3wPZ
3aNj8sEUzxM+NEWjF1tjS6eLuWDpVi+95JOpag7iV8CV3HQLikvqJe3MQrZZh2AL
N79FloPF7wlG99w4zK8QtbkXJZ22pzpLfIqIUN2mLo4IwgVxOYl1HAC8Jl4sZPFN
xQFLbTxyhyBljVVX6l/ReaH31g8NkEm994N1TOidX+oinZBFXs9HJyKG3vnJXGzI
nloH2jQ8hMxcEqs34Q4MmLNol69IoskMxmFNh0f8TQjwUjmOblpXJyLsKumQ3piZ
fUlJkcPoxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org