Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa
File:                     ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa (raw, json)
Hash identifier:          mglffNjHiI45Ysvb/RBY24FLxiA1I2XpZ6hPozMCHxo=
Subject key identifier:   11:37:1F:11:8C:40:E9:35:AE:08:69:C6:15:9F:BD:18:D7:AF:9A:71
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189D09E8B871FC925414777BA49223199E0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa
Signing time:             Mon 07 Aug 2023 15:29:58 +0000
ROA not before:           Mon 07 Aug 2023 15:29:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147291
IP address blocks:        89.213.135.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 08 Aug 2023 11:21:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d0:9e:8b:87:1f:c9:25:41:47:77:ba:49:22:31:99:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 15:29:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11371f118c40e935ae0869c6159fbd18d7af9a71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ff:3b:77:23:62:5c:a4:f7:50:2c:6a:98:c9:
                    8b:7b:ef:5f:48:3b:59:c4:fe:c4:b1:20:46:68:a1:
                    ad:ca:eb:26:55:40:8e:a7:b9:f6:03:6b:42:9c:10:
                    c3:6b:45:03:5f:c2:63:8d:a7:1d:3e:27:f0:95:44:
                    c3:a7:0d:f1:de:47:80:a6:80:26:03:a0:2e:02:95:
                    05:9d:55:d2:db:96:79:4f:c0:7f:b1:93:bf:41:35:
                    cd:27:db:56:c3:3d:ac:f4:52:f5:1d:b2:c0:d2:ab:
                    48:27:46:01:10:fb:ad:56:a4:9e:a4:c1:e3:b6:69:
                    e7:7d:89:60:2e:9e:65:fb:75:98:a6:a6:d3:3b:80:
                    0d:b6:d7:d4:6d:33:ad:29:e6:38:6c:c7:cf:31:dc:
                    6b:53:a2:e0:1e:ee:74:42:f1:dc:a9:c7:f1:71:01:
                    0d:99:fe:c1:9d:86:c5:40:86:2f:50:ce:41:07:42:
                    0d:75:2b:25:3b:60:9d:da:dc:77:e2:22:5f:92:81:
                    16:31:1a:02:e6:90:78:ca:ac:e3:29:03:68:b7:6c:
                    39:9c:f5:d2:4b:71:44:6a:3d:c4:65:d9:17:45:11:
                    6e:eb:ea:b4:54:0c:cc:2c:44:2d:04:cd:6e:ea:04:
                    82:f8:a3:94:fd:b2:72:49:a3:d7:b6:83:9c:8f:53:
                    1e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:37:1F:11:8C:40:E9:35:AE:08:69:C6:15:9F:BD:18:D7:AF:9A:71
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.133.0-89.213.135.255
                  89.213.137.0-89.213.138.255
                  89.213.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:b8:59:02:0c:31:62:d0:85:19:ca:e4:62:5f:fd:10:5c:15:
         3b:3a:a3:b1:06:81:f0:68:03:21:88:b9:da:53:03:63:b1:2f:
         f8:18:7e:7d:de:83:c2:6b:e3:0a:c7:7c:7a:e1:90:07:c0:da:
         66:8e:b3:1f:74:28:01:77:40:14:f1:e0:66:e0:5b:4c:b3:90:
         d7:c5:f8:2b:d5:21:68:1b:f7:1e:87:e1:0e:af:dd:b1:4d:61:
         bb:29:a8:87:fb:92:59:3e:7d:67:b5:39:f6:c7:7e:aa:bc:34:
         b5:6d:93:76:00:27:ea:78:cb:fc:01:5d:fe:12:b8:05:05:01:
         5c:36:9e:9c:0b:5d:1e:3c:a4:3c:bc:ad:15:96:8b:49:da:c3:
         6e:15:0b:4f:fa:14:ff:21:f8:be:f5:fc:66:fc:30:2b:5a:63:
         1d:84:3d:63:ef:d5:10:b4:bb:ec:d2:68:80:93:c5:10:80:7f:
         b0:46:90:3d:b7:20:97:4d:26:25:91:a4:b9:20:c0:9f:e0:03:
         71:a9:61:9f:ec:3a:d9:e4:be:29:25:1c:12:ca:77:4d:dd:91:
         7d:71:bb:45:3a:25:fd:04:d6:ed:16:ec:7b:bb:62:18:08:5e:
         71:f5:ce:5f:45:36:d3:9b:66:fc:27:05:d7:29:ee:68:a8:8b:
         0f:92:6c:46
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYnQnouHH8klQUd3ukkiMZngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTUyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTM3MWYxMThjNDBlOTM1YWUwODY5YzYxNTlmYmQxOGQ3YWY5YTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP87dyNiXKT3UCxqmMmLe+9fSDtZ
xP7EsSBGaKGtyusmVUCOp7n2A2tCnBDDa0UDX8JjjacdPifwlUTDpw3x3keApoAm
A6AuApUFnVXS25Z5T8B/sZO/QTXNJ9tWwz2s9FL1HbLA0qtIJ0YBEPutVqSepMHj
tmnnfYlgLp5l+3WYpqbTO4ANttfUbTOtKeY4bMfPMdxrU6LgHu50QvHcqcfxcQEN
mf7BnYbFQIYvUM5BB0INdSslO2Cd2tx34iJfkoEWMRoC5pB4yqzjKQNot2w5nPXS
S3FEaj3EZdkXRRFu6+q0VAzMLEQtBM1u6gSC+KOU/bJySaPXtoOcj1MerQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBE3HxGMQOk1rghpxhWfvRjXr5pxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRVRjZkVZeEE2VFd1Q0duR0ZaLTlHTmV2bW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABZ1YUD
BANZ1YAwDAMEAFnViQMEAFnVigMEAFnVmTANBgkqhkiG9w0BAQsFAAOCAQEAbrhZ
AgwxYtCFGcrkYl/9EFwVOzqjsQaB8GgDIYi52lMDY7Ev+Bh+fd6DwmvjCsd8euGQ
B8DaZo6zH3QoAXdAFPHgZuBbTLOQ18X4K9UhaBv3HofhDq/dsU1huymoh/uSWT59
Z7U59sd+qrw0tW2TdgAn6njL/AFd/hK4BQUBXDaenAtdHjykPLytFZaLSdrDbhUL
T/oU/yH4vvX8ZvwwK1pjHYQ9Y+/VELS77NJogJPFEIB/sEaQPbcgl00mJZGkuSDA
n+ADcalhn+w62eS+KSUcEsp3Td2RfXG7RTol/QTW7Rbse7tiGAhecfXOX0U205tm
/CcF1ynuaKiLD5JsRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org