Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BnmAd-UKm8acUszqhZaev5aHBp0.roa
File:                     BnmAd-UKm8acUszqhZaev5aHBp0.roa (raw, json)
Hash identifier:          iSNsyLRWeLC3Qx+33obasxYAC0I4Fbc+dtx1UZj+4dU=
Subject key identifier:   06:79:80:77:E5:0A:9B:C6:9C:52:CC:EA:85:96:9E:BF:96:87:06:9D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EC82BB97AC8C3BACA35C0B4749EC88E77
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BnmAd-UKm8acUszqhZaev5aHBp0.roa
Signing time:             Wed 10 Apr 2024 13:21:32 +0000
ROA not before:           Wed 10 Apr 2024 13:21:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63150
IP address blocks:        89.213.150.0/24 maxlen: 24
                          213.218.228.0/24 maxlen: 24
                          213.218.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 15:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c8:2b:b9:7a:c8:c3:ba:ca:35:c0:b4:74:9e:c8:8e:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 10 13:21:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=06798077e50a9bc69c52ccea85969ebf9687069d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0f:d9:94:c7:a3:2e:43:7b:58:34:b3:b5:9d:
                    ae:3a:ba:46:8c:a0:4f:c4:a0:10:66:fa:11:15:7c:
                    29:82:a8:64:29:68:e9:51:5f:84:58:93:52:96:21:
                    19:d5:6d:ba:52:42:e0:62:92:8f:99:e0:43:2b:a7:
                    ad:2e:40:04:28:9e:42:a5:e8:31:4c:c1:70:e1:f9:
                    7b:4f:7d:0b:cc:08:10:02:c5:fa:f0:ce:19:90:70:
                    90:67:cb:65:e7:37:40:cc:63:bb:14:6a:3a:93:05:
                    9f:fc:95:94:69:db:d9:89:7e:68:84:0f:92:c5:3d:
                    a7:00:c2:0d:25:45:62:e8:fa:8f:d5:75:c7:d7:b2:
                    ea:b4:fa:5e:1c:1b:8c:09:bb:b0:0d:ba:5e:37:e5:
                    b5:9c:a9:ef:56:23:e2:1a:1f:b5:02:23:b5:9c:08:
                    ea:08:5e:02:59:55:8c:01:c5:a2:8c:f0:1a:75:7a:
                    94:fb:07:7c:c6:23:45:d9:10:e6:29:a2:3d:df:a1:
                    ce:21:96:b0:cd:61:73:05:67:bd:06:fd:d7:bd:84:
                    13:63:a5:22:70:5e:b7:39:d9:b2:bb:d4:01:f5:aa:
                    8d:1d:26:89:9b:3c:18:b3:f1:54:d3:b6:bc:a7:99:
                    18:c0:eb:4a:e6:5e:8e:a8:ec:da:f8:c9:12:d7:26:
                    9f:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:79:80:77:E5:0A:9B:C6:9C:52:CC:EA:85:96:9E:BF:96:87:06:9D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BnmAd-UKm8acUszqhZaev5aHBp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.150.0/24
                  213.218.228.0/24
                  213.218.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:4b:90:ac:c0:ce:2f:3b:b3:fc:f1:21:31:7a:76:4a:2d:84:
         36:1d:e3:97:8d:6b:84:ed:b6:93:20:ef:0a:87:92:23:ea:67:
         25:5a:94:f4:77:23:cc:f4:85:fc:0d:47:2e:3b:af:50:b1:e8:
         be:55:2c:52:3d:1e:31:ca:3e:87:dd:e9:13:ab:ff:f4:93:03:
         5a:17:f4:70:08:05:c0:04:89:18:2a:01:1f:05:2f:ff:e4:51:
         14:ae:ba:77:39:61:89:89:32:ba:96:c2:5d:70:6d:ef:d8:00:
         34:12:fe:fb:e4:b9:84:0a:ee:5f:35:dc:ce:9c:30:bd:db:63:
         f8:6a:30:22:63:82:31:01:bb:35:09:fa:73:24:ed:8a:f7:8b:
         cc:b5:a6:58:49:c5:7d:43:39:80:78:d4:d3:50:e6:e8:fa:97:
         d3:57:1d:93:8b:e1:81:56:16:6c:bb:02:73:01:6d:e1:47:d4:
         98:43:f2:21:0e:d8:d7:10:50:86:9d:bd:58:b3:fa:52:74:bf:
         57:d2:fa:98:af:f6:fd:b3:c3:88:29:73:6e:c9:17:b0:6e:f8:
         ee:8c:b7:79:a9:35:a4:57:d2:eb:f6:89:e8:dd:48:4c:5c:20:
         03:eb:96:ae:b8:d8:68:cd:cf:81:3d:20:49:e6:d9:03:2d:bd:
         c9:23:6c:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7IK7l6yMO6yjXAtHSeyI53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDEwMTMyMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc5ODA3N2U1MGE5YmM2OWM1MmNjZWE4NTk2OWViZjk2ODcwNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ/ZlMejLkN7WDSztZ2uOrpGjKBP
xKAQZvoRFXwpgqhkKWjpUV+EWJNSliEZ1W26UkLgYpKPmeBDK6etLkAEKJ5Cpegx
TMFw4fl7T30LzAgQAsX68M4ZkHCQZ8tl5zdAzGO7FGo6kwWf/JWUadvZiX5ohA+S
xT2nAMINJUVi6PqP1XXH17LqtPpeHBuMCbuwDbpeN+W1nKnvViPiGh+1AiO1nAjq
CF4CWVWMAcWijPAadXqU+wd8xiNF2RDmKaI936HOIZawzWFzBWe9Bv3XvYQTY6Ui
cF63Odmyu9QB9aqNHSaJmzwYs/FU07a8p5kYwOtK5l6OqOza+MkS1yafNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAZ5gHflCpvGnFLM6oWWnr+WhwadMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQm5tQWQtVUttOGFjVXN6cWhaYWV2NWFIQnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdWWAwQA
1drkAwQA1dr/MA0GCSqGSIb3DQEBCwUAA4IBAQCkS5CswM4vO7P88SExenZKLYQ2
HeOXjWuE7baTIO8Kh5Ij6mclWpT0dyPM9IX8DUcuO69Qsei+VSxSPR4xyj6H3ekT
q//0kwNaF/RwCAXABIkYKgEfBS//5FEUrrp3OWGJiTK6lsJdcG3v2AA0Ev775LmE
Cu5fNdzOnDC922P4ajAiY4IxAbs1CfpzJO2K94vMtaZYScV9QzmAeNTTUObo+pfT
Vx2Ti+GBVhZsuwJzAW3hR9SYQ/IhDtjXEFCGnb1Ys/pSdL9X0vqYr/b9s8OIKXNu
yRewbvjujLd5qTWkV9Lr9ono3UhMXCAD65auuNhozc+BPSBJ5tkDLb3JI2yG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org