Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa
File:                     BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa (raw, json)
Hash identifier:          Jpxm+Wx3JzKfhcsWvLFWu6w/JbkFFzVMjcnL0EYe1cc=
Subject key identifier:   05:1D:08:2D:95:56:C2:61:66:56:2E:9E:CC:22:98:0A:92:84:B8:0B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01892C10C3EEE241BDCD8064BC63B875FB39
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa
Signing time:             Thu 06 Jul 2023 16:37:23 +0000
ROA not before:           Thu 06 Jul 2023 16:37:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147291
IP address blocks:        89.213.5.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Jul 2023 15:36:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2c:10:c3:ee:e2:41:bd:cd:80:64:bc:63:b8:75:fb:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  6 16:37:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=051d082d9556c26166562e9ecc22980a9284b80b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:e9:80:70:38:c1:d0:c3:de:63:6d:de:da:0b:
                    13:b6:f1:77:08:be:90:15:1d:af:fb:15:46:88:9e:
                    af:d8:4d:46:30:d2:b9:0e:06:ca:b6:63:ac:29:c0:
                    bd:8a:86:78:a6:c4:0b:a6:2a:14:9c:9c:f5:50:fb:
                    e8:14:6b:b4:78:84:78:8c:34:ea:3e:f6:da:03:6a:
                    f8:1c:ec:1f:ba:6e:df:0b:55:80:e5:8b:a0:f9:20:
                    01:17:f5:dc:8f:57:60:73:bc:64:8f:69:5f:9d:cf:
                    8b:7c:84:1e:62:5f:be:fd:08:78:1c:e5:9e:15:1a:
                    d5:b8:d6:47:42:b9:0a:b8:88:57:f8:34:51:45:5b:
                    b6:64:2b:ea:8a:5e:96:a4:b2:20:6e:56:1f:06:46:
                    d5:d2:c6:ac:53:78:2e:0f:18:76:29:6f:52:78:ca:
                    55:23:89:9b:b9:02:13:49:5c:66:7e:fc:ed:3e:28:
                    cd:d0:aa:fc:f8:a1:51:35:d8:37:0d:14:2c:01:10:
                    78:86:1d:1c:70:31:39:07:a5:be:5d:cd:54:b9:6c:
                    8b:e8:55:22:b9:5a:92:1e:56:b5:db:4f:51:63:6b:
                    c4:7d:e8:b6:1f:03:7c:8e:a1:eb:37:a2:c3:11:9b:
                    c4:c0:af:59:0c:df:7a:66:82:38:e4:a6:31:48:e6:
                    bc:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:1D:08:2D:95:56:C2:61:66:56:2E:9E:CC:22:98:0A:92:84:B8:0B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.5.0/24
                  89.213.133.0-89.213.139.255

    Signature Algorithm: sha256WithRSAEncryption
         ad:c2:d8:cf:be:62:39:0c:5c:96:ac:ce:a0:ae:4f:c6:ba:4c:
         3d:d5:6f:cf:b4:b0:98:b2:4a:b0:0b:41:c4:77:7e:20:13:bb:
         57:64:09:e5:5f:39:5e:79:d3:c2:8f:52:1c:1e:cf:eb:9a:ff:
         86:83:e9:22:47:aa:22:55:05:b4:93:ea:f6:d7:53:d7:ce:eb:
         39:49:e1:50:a6:40:47:c7:29:7b:47:06:63:0c:ee:57:41:f5:
         af:92:02:e6:5c:f0:9b:db:e6:46:b5:3f:60:d5:99:bf:10:ae:
         27:ca:20:f1:3b:2a:6c:4b:4c:fc:76:e9:a0:38:c8:cf:b7:ed:
         f7:4a:e8:e9:bf:b8:b2:e9:f0:18:9c:74:7c:60:2b:b0:9d:a7:
         92:a9:7c:91:0d:b7:a5:be:ad:03:f9:d2:29:7e:9b:2b:aa:2b:
         92:ed:c8:b9:b7:6b:40:a1:7a:20:29:4d:b3:59:05:5c:37:0b:
         18:69:e8:02:86:7a:64:a3:b8:dd:07:c5:4a:49:eb:fd:0a:0a:
         8c:03:f3:b4:65:5e:51:4f:b2:15:31:d7:0c:d0:6e:9d:28:c7:
         63:ec:bc:76:6e:35:09:cb:66:cd:87:47:9b:40:0c:58:46:0f:
         f4:a4:ec:62:72:4b:4f:c0:5d:ec:dc:24:af:a2:3e:b2:68:5c:
         8c:bc:23:90
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYksEMPu4kG9zYBkvGO4dfs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA2MTYzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFkMDgyZDk1NTZjMjYxNjY1NjJlOWVjYzIyOTgwYTkyODRiODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOmAcDjB0MPeY23e2gsTtvF3CL6Q
FR2v+xVGiJ6v2E1GMNK5DgbKtmOsKcC9ioZ4psQLpioUnJz1UPvoFGu0eIR4jDTq
PvbaA2r4HOwfum7fC1WA5Yug+SABF/Xcj1dgc7xkj2lfnc+LfIQeYl++/Qh4HOWe
FRrVuNZHQrkKuIhX+DRRRVu2ZCvqil6WpLIgblYfBkbV0sasU3guDxh2KW9SeMpV
I4mbuQITSVxmfvztPijN0Kr8+KFRNdg3DRQsARB4hh0ccDE5B6W+Xc1UuWyL6FUi
uVqSHla1209RY2vEfei2HwN8jqHrN6LDEZvEwK9ZDN96ZoI45KYxSOa8QQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAUdCC2VVsJhZlYunswimAqShLgLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQlIwSUxaVld3bUZtVmk2ZXpDS1lDcEtFdUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWdUFMAwD
BABZ1YUDBAJZ1YgwDQYJKoZIhvcNAQELBQADggEBAK3C2M++YjkMXJaszqCuT8a6
TD3Vb8+0sJiySrALQcR3fiATu1dkCeVfOV5508KPUhwez+ua/4aD6SJHqiJVBbST
6vbXU9fO6zlJ4VCmQEfHKXtHBmMM7ldB9a+SAuZc8Jvb5ka1P2DVmb8QrifKIPE7
KmxLTPx26aA4yM+37fdK6Om/uLLp8BicdHxgK7Cdp5KpfJENt6W+rQP50il+myuq
K5LtyLm3a0CheiApTbNZBVw3Cxhp6AKGemSjuN0HxUpJ6/0KCowD87RlXlFPshUx
1wzQbp0ox2PsvHZuNQnLZs2HR5tADFhGD/Sk7GJyS0/AXezcJK+iPrJoXIy8I5A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org