Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa
File:                     CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa (raw, json)
Hash identifier:          jbjbIcCCEpX9mN7HEvYgFYN5lrPtTWGmPDyUUtQfT10=
Subject key identifier:   0A:95:D0:49:C9:44:C8:7C:74:D3:37:B8:5A:C8:DC:42:65:82:67:F6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC349557AC510DC55ACB1A36F657172F8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60504
IP address blocks:        89.213.0.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Apr 2024 07:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:55:7a:c5:10:dc:55:ac:b1:a3:6f:65:71:72:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0a95d049c944c87c74d337b85ac8dc42658267f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bc:45:fc:1c:ea:71:a7:82:33:84:99:2e:7a:
                    b8:87:f2:0b:e7:bc:cd:0f:35:1f:44:4a:36:e8:79:
                    54:29:97:78:7e:47:d6:1e:30:cd:ca:f9:18:cc:2a:
                    ab:24:af:8d:58:83:f3:50:d0:4d:05:fc:4e:10:c6:
                    6f:dc:6d:f8:42:b8:ae:fb:d4:cd:ed:db:80:3a:41:
                    5e:07:fa:4b:ae:e1:14:54:4d:d9:22:1b:a9:0e:4c:
                    03:cd:06:18:6a:4a:b4:f3:fd:4b:8e:f8:ba:c1:bc:
                    2a:10:29:98:b8:98:81:d1:1d:ed:51:7a:5a:40:36:
                    f2:a1:62:59:3e:cb:a2:55:a3:65:32:80:5e:b1:b5:
                    6e:35:83:ed:9d:95:e4:da:45:79:48:68:0d:28:e8:
                    00:48:e0:a9:98:94:ad:b8:36:46:51:d7:0e:7a:05:
                    86:3b:bd:16:65:48:34:98:d8:11:eb:af:bf:c3:32:
                    14:ff:40:4f:33:b3:c2:86:78:29:db:9e:b8:bc:7c:
                    c1:52:72:87:17:5d:08:f9:84:db:55:4f:93:75:20:
                    63:41:c0:d1:b5:23:22:99:5a:65:51:ab:24:04:ad:
                    ce:34:ae:b5:c2:53:e0:4c:f2:2f:30:4b:22:3e:8e:
                    d2:be:fa:b3:09:dd:45:79:b1:8d:d8:96:51:33:79:
                    53:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:95:D0:49:C9:44:C8:7C:74:D3:37:B8:5A:C8:DC:42:65:82:67:F6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:7b:d0:74:51:80:53:c9:a2:59:18:6c:20:98:61:bb:ab:5d:
         f4:31:3e:d1:b2:5e:de:46:64:ba:03:5f:ce:69:74:e2:39:c5:
         18:55:9e:0a:3a:ed:c8:de:a0:b7:3b:dc:52:d7:1d:0f:4e:f1:
         37:9f:7a:0c:5e:d5:9e:82:57:18:e8:7a:fa:e3:b4:92:be:36:
         4f:90:41:df:5c:f6:51:2c:f6:ff:da:00:21:eb:6d:41:2a:33:
         67:78:f4:5b:80:13:85:20:7f:0b:89:46:7c:c9:d7:8a:e1:6b:
         09:ae:65:1e:ca:1c:ab:7e:a1:69:df:0e:c4:cb:45:4b:b6:a5:
         21:96:8c:df:c7:65:f8:9d:e2:36:e2:0c:17:b3:9d:c9:46:f0:
         59:44:d8:fb:a1:e9:82:be:0a:b1:c7:bd:21:d8:03:07:75:8f:
         58:0e:f4:09:cf:70:da:ea:2f:36:85:74:08:a9:5a:88:fc:02:
         1c:47:4f:69:13:64:35:69:18:55:77:38:51:fd:aa:75:ec:f7:
         a8:a0:8b:cb:6b:85:8c:28:0c:02:70:21:19:83:49:50:d1:b4:
         18:a4:1c:0f:63:d7:f7:e3:d2:1c:43:3e:8a:5f:93:8c:c5:9b:
         88:02:65:3a:4c:54:53:da:0d:ea:1d:0c:f7:9d:c4:90:88:10:
         3e:15:90:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVV6xRDcVayxo29lcXL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk1ZDA0OWM5NDRjODdjNzRkMzM3Yjg1YWM4ZGM0MjY1ODI2N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurxF/BzqcaeCM4SZLnq4h/IL57zN
DzUfREo26HlUKZd4fkfWHjDNyvkYzCqrJK+NWIPzUNBNBfxOEMZv3G34Qriu+9TN
7duAOkFeB/pLruEUVE3ZIhupDkwDzQYYakq08/1Ljvi6wbwqECmYuJiB0R3tUXpa
QDbyoWJZPsuiVaNlMoBesbVuNYPtnZXk2kV5SGgNKOgASOCpmJStuDZGUdcOegWG
O70WZUg0mNgR66+/wzIU/0BPM7PChngp2564vHzBUnKHF10I+YTbVU+TdSBjQcDR
tSMimVplUaskBK3ONK61wlPgTPIvMEsiPo7SvvqzCd1FebGN2JZRM3lTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqV0EnJRMh8dNM3uFrI3EJlgmf2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ3BYUVNjbEV5SHgwMHplNFdzamNRbVdDWl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWdUAMA0G
CSqGSIb3DQEBCwUAA4IBAQA6e9B0UYBTyaJZGGwgmGG7q130MT7Rsl7eRmS6A1/O
aXTiOcUYVZ4KOu3I3qC3O9xS1x0PTvE3n3oMXtWeglcY6Hr647SSvjZPkEHfXPZR
LPb/2gAh621BKjNnePRbgBOFIH8LiUZ8ydeK4WsJrmUeyhyrfqFp3w7Ey0VLtqUh
lozfx2X4neI24gwXs53JRvBZRNj7oemCvgqxx70h2AMHdY9YDvQJz3Da6i82hXQI
qVqI/AIcR09pE2Q1aRhVdzhR/ap17PeooIvLa4WMKAwCcCEZg0lQ0bQYpBwPY9f3
49IcQz6KX5OMxZuIAmU6TFRT2g3qHQz3ncSQiBA+FZDW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org