Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsUHobkqwwKqvz-QGiVNyApcDEE.roa
File:                     CsUHobkqwwKqvz-QGiVNyApcDEE.roa (raw, json)
Hash identifier:          ABEvNM1G4hC8xQX0c+eN5C+5tmtJZusYltOACd7nUpc=
Subject key identifier:   0A:C5:07:A1:B9:2A:C3:02:AA:BF:3F:90:1A:25:4D:C8:0A:5C:0C:41
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018945A8B588D0704073F4E12AA141B980FF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsUHobkqwwKqvz-QGiVNyApcDEE.roa
Signing time:             Tue 11 Jul 2023 15:53:51 +0000
ROA not before:           Tue 11 Jul 2023 15:53:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.4.0/24 maxlen: 24
                          109.176.253.0/24 maxlen: 24
                          89.213.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 14:20:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:a8:b5:88:d0:70:40:73:f4:e1:2a:a1:41:b9:80:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 11 15:53:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ac507a1b92ac302aabf3f901a254dc80a5c0c41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c5:a2:fb:1d:d3:12:d8:47:36:d2:45:48:7a:
                    2b:de:8b:06:1b:c8:7f:21:4f:12:6d:4c:15:a7:c3:
                    30:6a:b4:84:77:42:52:9c:38:09:35:9c:54:0d:2d:
                    7f:e0:80:a5:67:00:46:ed:59:a4:b2:da:a8:a7:69:
                    58:e3:25:62:bd:2c:22:60:75:ec:cd:a9:38:8d:c3:
                    89:aa:b4:33:1c:11:73:75:16:a0:40:bc:fa:e1:68:
                    ba:14:58:b8:e3:13:03:22:be:18:2f:e9:4d:d7:a0:
                    ac:37:52:54:72:f8:02:e5:c5:88:54:7d:5b:b4:12:
                    c2:8c:75:49:de:53:af:ac:bc:81:0a:30:15:c4:72:
                    1b:0d:32:54:93:81:7a:7a:4e:76:76:85:b1:63:d2:
                    7d:9c:1b:ed:85:ec:e8:ea:43:3d:f6:16:2a:2e:6e:
                    f9:a9:77:54:54:6a:cd:0a:f0:45:95:73:2c:f9:5d:
                    67:e0:03:df:94:4c:93:42:d7:89:e0:28:6e:a9:4c:
                    29:28:8d:8e:df:60:8c:e9:cc:6d:f3:f3:72:b9:02:
                    e6:14:d8:2d:e5:2d:a0:8d:d8:0d:50:9b:fc:37:e1:
                    23:5e:bf:24:f0:dd:89:c1:31:af:58:c3:14:3e:79:
                    4f:fb:05:43:27:fc:05:7a:dd:e4:ba:f4:4e:17:f8:
                    02:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:C5:07:A1:B9:2A:C3:02:AA:BF:3F:90:1A:25:4D:C8:0A:5C:0C:41
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsUHobkqwwKqvz-QGiVNyApcDEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.4.0/24
                  89.213.167.0/24
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:c7:d0:d0:10:d8:2c:0a:9c:9f:33:43:22:89:29:cb:10:50:
         a9:d4:0e:86:df:65:aa:9e:9f:f2:89:e3:7c:93:a7:95:1a:2b:
         ee:68:ca:ff:e0:50:7f:92:4a:a2:54:21:1c:64:21:eb:7b:17:
         fa:6c:85:44:c7:de:9b:1f:a3:84:69:50:12:70:50:83:25:95:
         4d:e3:6a:f9:07:09:bb:fc:17:e7:0b:a4:5f:52:fa:01:0d:57:
         1a:4c:b9:8a:9c:91:20:23:55:73:7c:6f:64:a6:74:e8:a5:cb:
         66:22:51:5e:7c:b7:21:1d:ab:38:06:40:03:07:f8:71:b9:30:
         97:35:92:3b:1d:54:70:4d:e2:f5:66:fa:5a:4c:74:24:0f:14:
         b9:f7:ed:b6:78:e0:eb:98:ff:e3:22:01:99:54:a4:75:57:50:
         45:79:d5:2e:a9:28:9a:da:2a:36:ca:81:3e:85:96:05:be:d6:
         07:d0:57:4b:f1:74:bd:7d:82:90:55:69:0a:ce:a8:bb:c3:68:
         1d:9e:85:d4:75:4b:3c:93:24:ea:51:76:90:1d:af:7f:a6:e5:
         68:a8:d8:eb:9f:14:a4:1f:27:39:e6:09:7a:07:a1:a5:19:d5:
         85:b9:3a:a3:0b:3a:8e:15:ac:7e:4b:6a:76:d9:7c:da:e8:6a:
         8b:21:0a:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlFqLWI0HBAc/ThKqFBuYD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzExMTU1MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWM1MDdhMWI5MmFjMzAyYWFiZjNmOTAxYTI1NGRjODBhNWMwYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcWi+x3TEthHNtJFSHor3osGG8h/
IU8SbUwVp8MwarSEd0JSnDgJNZxUDS1/4IClZwBG7Vmkstqop2lY4yVivSwiYHXs
zak4jcOJqrQzHBFzdRagQLz64Wi6FFi44xMDIr4YL+lN16CsN1JUcvgC5cWIVH1b
tBLCjHVJ3lOvrLyBCjAVxHIbDTJUk4F6ek52doWxY9J9nBvthezo6kM99hYqLm75
qXdUVGrNCvBFlXMs+V1n4APflEyTQteJ4ChuqUwpKI2O32CM6cxt8/NyuQLmFNgt
5S2gjdgNUJv8N+EjXr8k8N2JwTGvWMMUPnlP+wVDJ/wFet3kuvROF/gCxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFArFB6G5KsMCqr8/kBolTcgKXAxBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ3NVSG9ia3F3d0txdnotUUdpVk55QXBjREVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUEAwQA
WdWnAwQAbbD9MA0GCSqGSIb3DQEBCwUAA4IBAQBEx9DQENgsCpyfM0MiiSnLEFCp
1A6G32Wqnp/yieN8k6eVGivuaMr/4FB/kkqiVCEcZCHrexf6bIVEx96bH6OEaVAS
cFCDJZVN42r5Bwm7/BfnC6RfUvoBDVcaTLmKnJEgI1VzfG9kpnTopctmIlFefLch
Has4BkADB/hxuTCXNZI7HVRwTeL1ZvpaTHQkDxS59+22eODrmP/jIgGZVKR1V1BF
edUuqSia2io2yoE+hZYFvtYH0FdL8XS9fYKQVWkKzqi7w2gdnoXUdUs8kyTqUXaQ
Ha9/puVoqNjrnxSkHyc55gl6B6GlGdWFuTqjCzqOFax+S2p22Xza6GqLIQre
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org