Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CJrNV86aFYaxqh7VveOlD4kWi7s.roa
File:                     CJrNV86aFYaxqh7VveOlD4kWi7s.roa (raw, json)
Hash identifier:          RoWfesjDHQVmxmDjIZutQrIjDUw0SvxZN+P2LFbcaYI=
Subject key identifier:   08:9A:CD:57:CE:9A:15:86:B1:AA:1E:D5:BD:E3:A5:0F:89:16:8B:BB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E625CAF837AC23BCC8EB8A784C0E8BA5A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CJrNV86aFYaxqh7VveOlD4kWi7s.roa
Signing time:             Thu 21 Mar 2024 18:53:45 +0000
ROA not before:           Thu 21 Mar 2024 18:53:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     140208
IP address blocks:        213.218.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Apr 2024 11:05:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:62:5c:af:83:7a:c2:3b:cc:8e:b8:a7:84:c0:e8:ba:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 21 18:53:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=089acd57ce9a1586b1aa1ed5bde3a50f89168bbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ed:f1:d8:31:cd:90:f4:3a:5c:19:9a:e5:62:
                    a3:ef:72:30:4a:23:a5:3b:f6:03:f2:d6:3a:59:fe:
                    a0:fa:91:11:d9:10:6c:ef:3b:44:c8:e5:20:fb:9d:
                    e0:e7:20:4e:23:e8:12:f6:4b:19:a5:a3:c2:27:3a:
                    78:91:02:a2:1f:34:04:a2:f2:c4:a5:7a:8b:7d:29:
                    ec:10:8b:fe:44:d7:19:0c:cb:53:87:c4:ce:3a:94:
                    0a:1d:37:60:b9:bd:e1:ce:d2:70:21:42:f6:f2:1b:
                    3e:e4:11:1c:6b:b1:33:6e:6e:66:56:42:3b:c9:9b:
                    dd:1a:2e:cb:47:ed:f5:bc:ed:de:96:dc:34:d1:fe:
                    6b:54:a2:f4:15:3e:e3:60:e1:47:72:93:68:e2:1c:
                    4d:54:ae:4d:bf:f8:24:46:87:7b:be:38:4a:3c:e2:
                    74:bf:61:68:41:3a:bd:17:ee:97:1d:55:34:3f:5f:
                    58:74:50:35:57:16:20:6c:e0:ce:55:ff:c8:78:26:
                    6c:d8:d8:3e:bb:ae:c6:3c:37:fe:44:0f:47:9e:bd:
                    d7:8a:9d:19:1b:2f:7c:56:46:17:8b:75:5a:25:c9:
                    66:b5:24:5f:44:c5:d9:7f:cc:97:8f:24:a4:5a:be:
                    1d:e9:ab:db:62:07:2b:23:d4:b0:46:0c:10:05:43:
                    0a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:9A:CD:57:CE:9A:15:86:B1:AA:1E:D5:BD:E3:A5:0F:89:16:8B:BB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CJrNV86aFYaxqh7VveOlD4kWi7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.218.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:fa:45:04:dc:b5:ce:80:fc:a8:e9:ca:42:ff:e8:36:73:52:
         9d:ac:a2:0a:51:a4:31:21:62:68:f3:b8:92:5d:ee:05:79:d5:
         da:5a:e8:d4:cc:dd:15:76:dc:2f:17:c1:90:e6:a7:f4:27:22:
         0d:fb:0f:99:89:71:b8:85:99:76:b5:70:1b:b0:d1:84:02:c3:
         1c:a3:3f:01:fe:9a:fc:6e:0c:a9:8e:92:8f:5c:65:4d:6d:ed:
         7c:c7:9c:88:00:f7:5e:07:69:83:00:36:c7:26:89:92:63:bf:
         50:f9:0a:60:92:af:98:ea:d6:b7:76:b8:c4:ef:31:97:8c:0a:
         94:1a:50:0e:39:8f:f5:89:da:a5:1a:3b:e5:7d:0c:89:39:01:
         f7:15:26:30:ee:dd:a7:8b:fd:a5:47:53:a9:fd:fa:db:0e:c7:
         3d:eb:c4:3d:4b:10:10:47:85:f1:8f:8f:3b:ae:93:7c:16:be:
         ed:8a:57:0b:13:9c:67:6a:2f:1a:99:ad:f9:0b:4f:76:26:c6:
         0f:ad:e6:b5:b0:42:51:6e:7d:78:f5:55:dd:3b:47:39:a4:f7:
         a6:ce:30:81:9e:84:93:5c:60:f7:3d:05:9d:cc:76:e7:7b:ad:
         f4:72:42:c0:b0:a8:8d:0c:7a:d6:c8:d8:bb:e8:da:71:38:c3:
         9b:3f:7a:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5iXK+DesI7zI64p4TA6LpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIxMTg1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODlhY2Q1N2NlOWExNTg2YjFhYTFlZDViZGUzYTUwZjg5MTY4YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+3x2DHNkPQ6XBma5WKj73IwSiOl
O/YD8tY6Wf6g+pER2RBs7ztEyOUg+53g5yBOI+gS9ksZpaPCJzp4kQKiHzQEovLE
pXqLfSnsEIv+RNcZDMtTh8TOOpQKHTdgub3hztJwIUL28hs+5BEca7Ezbm5mVkI7
yZvdGi7LR+31vO3eltw00f5rVKL0FT7jYOFHcpNo4hxNVK5Nv/gkRod7vjhKPOJ0
v2FoQTq9F+6XHVU0P19YdFA1VxYgbODOVf/IeCZs2Ng+u67GPDf+RA9Hnr3Xip0Z
Gy98VkYXi3VaJclmtSRfRMXZf8yXjySkWr4d6avbYgcrI9SwRgwQBUMKFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiazVfOmhWGsaoe1b3jpQ+JFou7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ0pyTlY4NmFGWWF4cWg3VnZlT2xENGtXaTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dr5MA0G
CSqGSIb3DQEBCwUAA4IBAQAf+kUE3LXOgPyo6cpC/+g2c1KdrKIKUaQxIWJo87iS
Xe4FedXaWujUzN0VdtwvF8GQ5qf0JyIN+w+ZiXG4hZl2tXAbsNGEAsMcoz8B/pr8
bgypjpKPXGVNbe18x5yIAPdeB2mDADbHJomSY79Q+Qpgkq+Y6ta3drjE7zGXjAqU
GlAOOY/1idqlGjvlfQyJOQH3FSYw7t2ni/2lR1Op/frbDsc968Q9SxAQR4Xxj487
rpN8Fr7tilcLE5xnai8ama35C092JsYPrea1sEJRbn149VXdO0c5pPemzjCBnoST
XGD3PQWdzHbne630ckLAsKiNDHrWyNi76NpxOMObP3qW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org