Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AjzpVok52m2nvtaWk8CYr2uNVPk.roa
File:                     AjzpVok52m2nvtaWk8CYr2uNVPk.roa (raw, json)
Hash identifier:          h7wksszqEZFeFWtix20w8l+yBEyhAyFJ++6IzegVKW0=
Subject key identifier:   02:3C:E9:56:89:39:DA:6D:A7:BE:D6:96:93:C0:98:AF:6B:8D:54:F9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01890CD1EB0B42B7578F784A7A0EE8BE47D8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AjzpVok52m2nvtaWk8CYr2uNVPk.roa
Signing time:             Fri 30 Jun 2023 15:00:31 +0000
ROA not before:           Fri 30 Jun 2023 15:00:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62109
IP address blocks:        89.213.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Dec 2023 14:53:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:0c:d1:eb:0b:42:b7:57:8f:78:4a:7a:0e:e8:be:47:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 30 15:00:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=023ce9568939da6da7bed69693c098af6b8d54f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f5:53:83:c9:1a:85:c7:25:62:c5:e5:30:64:
                    dc:06:19:27:a9:09:bf:26:d7:b1:e2:bb:52:ab:7d:
                    71:9d:33:81:34:75:26:0a:bb:c5:d8:9e:87:ce:86:
                    b8:d5:d4:30:13:08:24:8a:83:4a:0e:c8:9a:b2:c5:
                    1f:b7:8b:35:98:af:b7:90:69:45:32:56:0e:d7:10:
                    e3:a9:92:d3:47:59:5c:8c:40:e5:ac:c4:fe:9c:62:
                    54:e3:60:aa:dc:cb:aa:7a:86:52:4b:75:d5:09:bb:
                    7c:f6:72:3c:26:21:1c:fe:06:8f:35:04:ff:75:6c:
                    5f:41:e3:79:41:be:66:bb:f8:9e:3d:55:a5:23:cd:
                    00:ee:cc:5f:dc:49:42:3b:2a:67:75:9c:52:f1:fb:
                    3d:7a:95:64:e9:6d:a8:5e:c4:7d:4f:cc:2b:82:c3:
                    67:ab:06:4c:4b:88:08:90:e9:ab:d1:80:5e:47:f7:
                    2d:e0:40:e3:50:92:10:9e:fa:50:2a:16:ed:be:63:
                    8b:cf:1b:86:aa:56:52:b4:94:57:c3:9d:5e:9f:3a:
                    5d:ad:39:51:38:0e:cf:73:b5:69:83:bf:cf:0c:2d:
                    22:c5:49:01:14:60:34:30:78:41:7d:a8:79:20:04:
                    da:81:6a:77:42:9d:91:0c:6e:45:f1:f3:8e:8b:27:
                    29:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:3C:E9:56:89:39:DA:6D:A7:BE:D6:96:93:C0:98:AF:6B:8D:54:F9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AjzpVok52m2nvtaWk8CYr2uNVPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:92:61:85:df:21:9c:66:c4:92:8b:7b:cc:d8:30:a5:03:f2:
         70:e3:2f:c2:3b:a7:0d:2a:64:66:50:26:ef:ba:f7:cd:6c:6d:
         e0:e2:43:aa:0b:64:b3:7d:36:5b:b7:8d:04:4b:64:60:11:4a:
         80:cb:da:4c:18:71:fb:a8:54:42:ac:7d:67:db:eb:0a:b7:21:
         bd:02:62:19:e0:0a:38:99:8e:a7:e3:6f:6b:2b:8e:f6:ec:e3:
         a1:04:d0:5b:a0:2a:aa:20:9d:ad:22:a0:22:ed:ed:52:d0:7e:
         17:e4:46:c9:8c:ab:15:57:2d:7e:7e:8a:29:49:0a:52:52:16:
         37:4e:3d:2e:b9:e5:be:ac:cd:a5:6c:bb:cb:e2:6b:1f:ff:b6:
         c4:47:b4:47:cd:dc:e5:1b:af:cf:4c:43:59:fa:23:b8:f2:58:
         94:d9:36:a8:d1:ed:0a:fe:61:71:7b:b5:14:e1:f1:a9:1c:9b:
         63:74:0e:75:db:ef:d7:21:1b:a9:16:5b:48:07:90:49:5a:e8:
         65:0a:f1:1d:6c:3d:c3:87:4e:d1:97:b3:e6:dc:92:da:67:c2:
         bb:be:d2:da:27:50:a0:e2:87:ab:b8:fd:84:5b:6b:d1:35:d2:
         8d:d3:2f:b0:c2:19:6d:d7:6f:e7:5a:bf:a8:13:5c:d0:c7:82:
         75:62:05:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkM0esLQrdXj3hKeg7ovkfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjMwMTUwMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNjZTk1Njg5MzlkYTZkYTdiZWQ2OTY5M2MwOThhZjZiOGQ1NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvVTg8kahcclYsXlMGTcBhknqQm/
Jtex4rtSq31xnTOBNHUmCrvF2J6Hzoa41dQwEwgkioNKDsiassUft4s1mK+3kGlF
MlYO1xDjqZLTR1lcjEDlrMT+nGJU42Cq3MuqeoZSS3XVCbt89nI8JiEc/gaPNQT/
dWxfQeN5Qb5mu/iePVWlI80A7sxf3ElCOypndZxS8fs9epVk6W2oXsR9T8wrgsNn
qwZMS4gIkOmr0YBeR/ct4EDjUJIQnvpQKhbtvmOLzxuGqlZStJRXw51enzpdrTlR
OA7Pc7Vpg7/PDC0ixUkBFGA0MHhBfah5IATagWp3Qp2RDG5F8fOOiycpKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI86VaJOdptp77WlpPAmK9rjVT5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQWp6cFZvazUybTJudnRhV2s4Q1lyMnVOVlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWPMA0G
CSqGSIb3DQEBCwUAA4IBAQBQkmGF3yGcZsSSi3vM2DClA/Jw4y/CO6cNKmRmUCbv
uvfNbG3g4kOqC2SzfTZbt40ES2RgEUqAy9pMGHH7qFRCrH1n2+sKtyG9AmIZ4Ao4
mY6n429rK4727OOhBNBboCqqIJ2tIqAi7e1S0H4X5EbJjKsVVy1+foopSQpSUhY3
Tj0uueW+rM2lbLvL4msf/7bER7RHzdzlG6/PTENZ+iO48liU2Tao0e0K/mFxe7UU
4fGpHJtjdA512+/XIRupFltIB5BJWuhlCvEdbD3Dh07Rl7Pm3JLaZ8K7vtLaJ1Cg
4oeruP2EW2vRNdKN0y+wwhlt12/nWr+oE1zQx4J1YgXi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org