Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CS1OD9qPisdCZ6FBvjmX6t6vMZ0.roa
File:                     CS1OD9qPisdCZ6FBvjmX6t6vMZ0.roa (raw, json)
Hash identifier:          /ipqQe4uHq2DWQKceFiHe+QySNs9sccj0wU9vluv2K4=
Subject key identifier:   09:2D:4E:0F:DA:8F:8A:C7:42:67:A1:41:BE:39:97:EA:DE:AF:31:9D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC349665670D0C746697A4EDBBEDBC99E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CS1OD9qPisdCZ6FBvjmX6t6vMZ0.roa
Signing time:             Mon 01 Jan 2024 04:30:16 +0000
ROA not before:           Mon 01 Jan 2024 04:30:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     262287
IP address blocks:        89.213.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 10:08:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:66:56:70:d0:c7:46:69:7a:4e:db:be:db:c9:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=092d4e0fda8f8ac74267a141be3997eadeaf319d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2e:8f:c6:0f:7c:f4:c8:51:4d:70:27:a7:c9:
                    02:d8:83:f1:a0:7d:dd:91:d0:1d:8c:e1:25:68:73:
                    2f:e8:da:84:8f:13:f4:b4:01:74:08:29:62:cb:93:
                    9d:bc:7b:2f:32:fe:e3:36:82:ac:67:87:9d:9c:2d:
                    66:f8:b9:40:d5:b3:ad:2e:5b:46:ad:56:04:fc:2e:
                    07:3e:ee:0e:68:84:5c:9d:60:de:ea:37:a9:a5:40:
                    1a:01:ab:47:ba:21:16:08:39:49:a7:4b:08:90:eb:
                    81:83:1c:72:31:1c:5b:41:5c:58:7b:ca:e0:f8:21:
                    4a:67:3c:51:de:20:6a:fa:fc:90:2f:d7:33:3f:5b:
                    7b:14:24:a7:96:ff:9f:79:23:82:60:03:7a:fb:97:
                    d6:b7:29:66:87:41:75:f6:34:84:8c:5d:7a:2f:01:
                    e9:7f:74:8b:41:cb:bd:12:e9:1e:b8:7e:43:d9:ed:
                    db:f6:ab:44:fb:81:ff:a0:61:b0:3f:65:60:58:d8:
                    ef:66:30:4c:f9:f9:17:5f:3c:f6:75:4b:68:da:aa:
                    41:cc:f7:e3:8d:eb:2a:d0:d2:b4:bd:b0:7a:3f:0d:
                    65:fe:7e:8c:8d:5a:ce:0d:6e:4c:d1:5b:1e:6d:1f:
                    a6:26:85:8c:9a:d0:db:dc:ba:0a:41:36:4f:c6:8a:
                    78:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:2D:4E:0F:DA:8F:8A:C7:42:67:A1:41:BE:39:97:EA:DE:AF:31:9D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CS1OD9qPisdCZ6FBvjmX6t6vMZ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:8f:a2:c8:2b:01:d3:56:d9:b7:e3:33:b8:e6:7f:69:76:f7:
         63:12:ac:cd:38:90:02:1b:02:f5:e8:e7:1f:9e:02:6c:4e:e4:
         1b:6e:2f:32:02:4f:47:66:79:d6:6b:5f:33:d8:9d:3f:d0:c5:
         f8:2f:db:97:1c:f7:94:be:45:78:b9:b3:43:09:01:99:5f:13:
         4b:b7:49:f6:50:0e:4c:4d:e9:2d:6c:31:90:a2:13:6c:44:05:
         f3:b2:7f:c8:25:1d:e9:8c:12:96:6d:85:07:76:6e:33:82:2c:
         19:ba:16:44:04:a3:cb:dd:ce:68:96:a8:c9:6c:6c:c5:f2:d1:
         72:72:e7:4e:fc:7c:4a:04:10:70:42:19:cb:e4:a5:84:5e:70:
         36:37:d1:81:ac:26:2e:50:54:24:55:5f:7e:dd:b5:49:e4:7b:
         fa:d7:e8:1e:03:94:8e:a4:87:e0:93:d5:ac:61:0b:61:96:cd:
         50:7a:6e:ff:a6:1a:5a:7e:cd:d1:97:4b:3b:48:aa:e9:44:46:
         4a:83:4a:16:d6:37:5a:2e:ba:c7:b6:8d:b6:10:b9:76:39:07:
         5e:26:96:f5:df:15:e8:56:3a:b8:e5:67:24:eb:8c:2d:57:41:
         9e:69:6c:18:cd:7f:54:7d:87:13:39:8c:57:b3:d5:1e:ba:9d:
         9d:69:f3:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWZWcNDHRml6Ttu+28meMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTJkNGUwZmRhOGY4YWM3NDI2N2ExNDFiZTM5OTdlYWRlYWYzMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS6Pxg989MhRTXAnp8kC2IPxoH3d
kdAdjOElaHMv6NqEjxP0tAF0CCliy5OdvHsvMv7jNoKsZ4ednC1m+LlA1bOtLltG
rVYE/C4HPu4OaIRcnWDe6jeppUAaAatHuiEWCDlJp0sIkOuBgxxyMRxbQVxYe8rg
+CFKZzxR3iBq+vyQL9czP1t7FCSnlv+feSOCYAN6+5fWtylmh0F19jSEjF16LwHp
f3SLQcu9EukeuH5D2e3b9qtE+4H/oGGwP2VgWNjvZjBM+fkXXzz2dUto2qpBzPfj
jesq0NK0vbB6Pw1l/n6MjVrODW5M0VsebR+mJoWMmtDb3LoKQTZPxop4/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAktTg/aj4rHQmehQb45l+rerzGdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ1MxT0Q5cVBpc2RDWjZGQnZqbVg2dDZ2TVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUpMA0G
CSqGSIb3DQEBCwUAA4IBAQCsj6LIKwHTVtm34zO45n9pdvdjEqzNOJACGwL16Ocf
ngJsTuQbbi8yAk9HZnnWa18z2J0/0MX4L9uXHPeUvkV4ubNDCQGZXxNLt0n2UA5M
TektbDGQohNsRAXzsn/IJR3pjBKWbYUHdm4zgiwZuhZEBKPL3c5olqjJbGzF8tFy
cudO/HxKBBBwQhnL5KWEXnA2N9GBrCYuUFQkVV9+3bVJ5Hv61+geA5SOpIfgk9Ws
YQthls1Qem7/phpafs3Rl0s7SKrpREZKg0oW1jdaLrrHto22ELl2OQdeJpb13xXo
Vjq45Wck64wtV0GeaWwYzX9UfYcTOYxXs9Ueup2dafPd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org