Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D4OxCqvzFSbfYaCXgHI9qWqhyVY.roa
File:                     D4OxCqvzFSbfYaCXgHI9qWqhyVY.roa (raw, json)
Hash identifier:          VYSkwyAb6cxuS2kwnQ+PabV4ykaVuUCQRt3DsGWmzMQ=
Subject key identifier:   0F:83:B1:0A:AB:F3:15:26:DF:61:A0:97:80:72:3D:A9:6A:A1:C9:56
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F384C9FFBEA784EB649A6ECB3A515E338
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D4OxCqvzFSbfYaCXgHI9qWqhyVY.roa
Signing time:             Thu 02 May 2024 07:54:56 +0000
ROA not before:           Thu 02 May 2024 07:54:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197737
IP address blocks:        79.99.76.0/24 maxlen: 24
                          89.213.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 07:18:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:38:4c:9f:fb:ea:78:4e:b6:49:a6:ec:b3:a5:15:e3:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  2 07:54:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0f83b10aabf31526df61a09780723da96aa1c956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:ac:23:e4:41:8d:cf:69:68:1b:32:5a:fa:1d:
                    91:f0:e8:a8:20:54:8b:15:67:03:8c:57:34:5a:12:
                    da:6a:ca:a9:c0:bb:d8:aa:3d:15:3a:1a:5a:28:67:
                    63:7c:c0:65:6e:90:ff:78:13:e4:84:4f:fb:49:6e:
                    9d:79:24:25:c0:e3:ad:d1:0d:0f:11:e0:7c:d0:07:
                    e4:b7:51:25:5c:04:bf:f9:eb:72:62:25:4d:d2:6e:
                    f3:b3:52:b7:10:69:f8:2c:00:ce:ea:00:a5:59:61:
                    2f:84:e2:d7:b8:e6:5d:71:db:5d:ac:e6:1b:d1:24:
                    b4:e0:66:5d:36:f0:3c:55:00:e7:bf:f8:bb:48:f3:
                    43:56:2e:b2:af:f2:91:6d:11:2f:bb:b2:79:65:ee:
                    0f:ac:6c:6e:88:6d:3b:07:01:f1:c8:ba:0d:aa:a5:
                    a4:47:12:b5:0b:7a:0c:0f:b9:11:9e:e3:8a:d5:49:
                    5d:e1:d1:56:65:c3:b5:20:d9:33:61:80:46:27:1e:
                    3c:03:7a:2a:b0:e7:49:a4:b1:5b:96:1d:fc:a8:80:
                    48:d5:e8:a2:07:20:eb:a2:07:75:fd:8a:13:21:b1:
                    5b:78:4f:31:f3:b5:af:9e:3b:2e:da:0e:d8:9b:91:
                    e3:f2:f9:c2:20:dd:ef:10:ed:19:6b:36:ae:b2:ee:
                    ba:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:83:B1:0A:AB:F3:15:26:DF:61:A0:97:80:72:3D:A9:6A:A1:C9:56
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D4OxCqvzFSbfYaCXgHI9qWqhyVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.99.76.0/24
                  89.213.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:a3:0c:44:e3:7a:ce:6f:f9:89:1e:01:87:da:76:65:99:85:
         be:96:14:aa:cd:4d:37:94:e4:db:6d:2b:c9:54:91:10:d9:2d:
         0b:79:90:d4:67:a5:40:75:6f:b9:4a:3b:cf:a2:d1:8b:fd:8a:
         a6:4f:70:26:87:85:8f:0b:b7:cf:3c:aa:f7:1a:1a:3c:d8:56:
         a7:95:5a:10:20:c8:d1:7b:ac:f3:f3:6b:a0:99:5e:25:1e:d8:
         7b:35:93:78:c8:a1:22:cf:23:06:73:a6:f7:3b:30:cc:25:ce:
         1e:66:af:3a:32:a8:58:5e:95:4c:d2:8d:b1:61:b4:25:a0:92:
         a9:f8:bc:b2:bf:9f:32:e7:39:3a:b6:74:d2:d7:63:60:da:46:
         9e:b1:28:06:37:70:64:7d:18:84:5f:e4:8a:29:df:ec:b8:79:
         bd:de:33:4c:bf:a1:43:7d:0b:02:ad:64:c7:0e:e9:fd:fd:81:
         7a:3a:c0:ce:a9:89:c9:04:e1:50:18:9d:58:5c:de:98:fe:2e:
         19:2a:e5:77:6c:1c:4c:a9:90:14:5a:74:87:c8:26:e3:b3:3e:
         52:70:b0:8d:7f:a1:7e:6d:1f:d8:45:4e:c6:37:10:f6:9f:6a:
         7c:49:06:64:83:45:ac:38:da:e2:7c:30:f7:8e:d2:e7:41:45:
         8e:4b:70:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY84TJ/76nhOtkmm7LOlFeM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAyMDc1NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjgzYjEwYWFiZjMxNTI2ZGY2MWEwOTc4MDcyM2RhOTZhYTFjOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76wj5EGNz2loGzJa+h2R8OioIFSL
FWcDjFc0WhLaasqpwLvYqj0VOhpaKGdjfMBlbpD/eBPkhE/7SW6deSQlwOOt0Q0P
EeB80Afkt1ElXAS/+etyYiVN0m7zs1K3EGn4LADO6gClWWEvhOLXuOZdcdtdrOYb
0SS04GZdNvA8VQDnv/i7SPNDVi6yr/KRbREvu7J5Ze4PrGxuiG07BwHxyLoNqqWk
RxK1C3oMD7kRnuOK1Uld4dFWZcO1INkzYYBGJx48A3oqsOdJpLFblh38qIBI1eii
ByDrogd1/YoTIbFbeE8x87Wvnjsu2g7Ym5Hj8vnCIN3vEO0Zazausu66KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+DsQqr8xUm32Ggl4ByPalqoclWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRDRPeENxdnpGU2JmWWFDWGdISTlxV3FoeVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT2NMAwQA
WdVhMA0GCSqGSIb3DQEBCwUAA4IBAQAEowxE43rOb/mJHgGH2nZlmYW+lhSqzU03
lOTbbSvJVJEQ2S0LeZDUZ6VAdW+5SjvPotGL/YqmT3Amh4WPC7fPPKr3Gho82Fan
lVoQIMjRe6zz82ugmV4lHth7NZN4yKEizyMGc6b3OzDMJc4eZq86MqhYXpVM0o2x
YbQloJKp+Lyyv58y5zk6tnTS12Ng2kaesSgGN3BkfRiEX+SKKd/suHm93jNMv6FD
fQsCrWTHDun9/YF6OsDOqYnJBOFQGJ1YXN6Y/i4ZKuV3bBxMqZAUWnSHyCbjsz5S
cLCNf6F+bR/YRU7GNxD2n2p8SQZkg0WsONrifDD3jtLnQUWOS3C8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org