Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FI9kF6n-gnBXITYdXBK0PUFzIUU.roa
File:                     FI9kF6n-gnBXITYdXBK0PUFzIUU.roa (raw, json)
Hash identifier:          FwPQVh4JynnqeeUWURn2j4SdoynOCnfwMLWx1VFJNO0=
Subject key identifier:   14:8F:64:17:A9:FE:82:70:57:21:36:1D:5C:12:B4:3D:41:73:21:45
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A97BB68043E1D9237C37845FE228F5DD3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FI9kF6n-gnBXITYdXBK0PUFzIUU.roa
Signing time:             Fri 15 Sep 2023 07:25:56 +0000
ROA not before:           Fri 15 Sep 2023 07:25:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        89.213.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Nov 2023 07:08:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:97:bb:68:04:3e:1d:92:37:c3:78:45:fe:22:8f:5d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 15 07:25:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=148f6417a9fe82705721361d5c12b43d41732145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:0c:0a:a4:47:1e:8b:7e:70:93:35:c9:8b:92:
                    2f:18:8b:cf:6a:1e:dc:88:23:21:4d:d7:3f:02:df:
                    a3:6d:94:12:d1:12:09:2c:80:64:2d:df:a5:51:36:
                    2e:d1:f1:17:6e:18:a0:6c:3f:77:b8:a3:de:c3:f5:
                    a5:c0:a4:f2:0f:55:da:e3:76:27:04:d6:cf:b9:4f:
                    61:99:2b:6f:09:6a:e0:8b:92:01:f0:0f:8a:16:ba:
                    98:6b:d1:0b:f6:36:07:5b:0e:33:9b:73:61:93:d4:
                    9a:dc:b4:66:97:1b:98:05:fd:bf:d3:f6:14:11:8a:
                    12:a9:64:04:b5:d4:d2:a9:b4:2f:1c:f8:e2:7f:0c:
                    4e:08:06:68:c8:e2:79:c4:84:4d:db:f8:25:45:4d:
                    05:98:02:14:12:62:e7:98:39:47:67:59:4a:69:a2:
                    6a:42:9b:23:69:ef:c1:44:18:22:be:ac:e6:ad:44:
                    08:fc:54:ad:15:53:79:1e:fb:0d:51:96:a7:2a:87:
                    99:dd:54:45:58:ff:37:0c:ce:ee:e9:49:b1:ce:64:
                    36:ad:1d:05:7c:ca:00:17:12:1e:7e:0d:6a:cc:bb:
                    63:3a:00:0e:69:0f:fd:18:d8:45:09:d9:3a:cf:47:
                    50:cb:92:31:cb:76:35:64:cc:16:a7:46:d4:45:01:
                    09:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:8F:64:17:A9:FE:82:70:57:21:36:1D:5C:12:B4:3D:41:73:21:45
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FI9kF6n-gnBXITYdXBK0PUFzIUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:f9:58:8b:33:7a:64:17:58:b1:cc:96:7d:3f:af:6d:a3:78:
         29:07:c7:12:3c:d6:9a:95:16:2a:df:e4:5c:9d:97:4a:cd:a4:
         45:76:64:e3:bc:1d:a8:96:c0:77:60:af:65:5f:b0:57:42:2a:
         37:a9:09:ff:f0:e1:93:68:d6:4a:98:a4:fa:54:be:f8:6a:13:
         50:98:0a:2c:82:a2:dc:af:01:1b:15:f3:7b:9d:85:79:29:bf:
         59:f3:b5:38:d1:5e:d3:5a:ec:f3:3d:12:42:e0:a5:a2:c8:23:
         43:f0:ad:ad:b6:cc:13:c5:56:19:59:a5:9a:f1:1e:36:30:62:
         cf:5a:18:e7:65:ef:7a:8c:12:f7:7f:96:a5:64:98:2b:50:6c:
         2a:92:e6:99:96:6f:4a:32:2c:84:e7:70:73:a8:46:54:f4:e2:
         9d:be:76:8f:28:27:ac:85:73:57:ba:58:37:e5:38:9b:cf:b8:
         43:21:7f:92:23:ed:39:03:bb:ab:20:7e:85:63:1e:90:be:fc:
         cf:44:f6:5b:04:0e:46:0e:76:06:a3:16:d4:89:dd:e0:b2:0a:
         1b:3a:4f:48:0f:32:fb:28:c8:ac:2a:50:f0:7b:52:cb:a4:86:
         91:28:e2:a7:d7:f0:a1:fc:e3:0e:a5:d6:e3:27:d9:73:e5:fa:
         12:d1:96:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqXu2gEPh2SN8N4Rf4ij13TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE1MDcyNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDhmNjQxN2E5ZmU4MjcwNTcyMTM2MWQ1YzEyYjQzZDQxNzMyMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQwKpEcei35wkzXJi5IvGIvPah7c
iCMhTdc/At+jbZQS0RIJLIBkLd+lUTYu0fEXbhigbD93uKPew/WlwKTyD1Xa43Yn
BNbPuU9hmStvCWrgi5IB8A+KFrqYa9EL9jYHWw4zm3Nhk9Sa3LRmlxuYBf2/0/YU
EYoSqWQEtdTSqbQvHPjifwxOCAZoyOJ5xIRN2/glRU0FmAIUEmLnmDlHZ1lKaaJq
Qpsjae/BRBgivqzmrUQI/FStFVN5HvsNUZanKoeZ3VRFWP83DM7u6UmxzmQ2rR0F
fMoAFxIefg1qzLtjOgAOaQ/9GNhFCdk6z0dQy5Ixy3Y1ZMwWp0bURQEJPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSPZBep/oJwVyE2HVwStD1BcyFFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRkk5a0Y2bi1nbkJYSVRZZFhCSzBQVUZ6SVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWiMA0G
CSqGSIb3DQEBCwUAA4IBAQAc+ViLM3pkF1ixzJZ9P69to3gpB8cSPNaalRYq3+Rc
nZdKzaRFdmTjvB2olsB3YK9lX7BXQio3qQn/8OGTaNZKmKT6VL74ahNQmAosgqLc
rwEbFfN7nYV5Kb9Z87U40V7TWuzzPRJC4KWiyCND8K2ttswTxVYZWaWa8R42MGLP
WhjnZe96jBL3f5alZJgrUGwqkuaZlm9KMiyE53BzqEZU9OKdvnaPKCeshXNXulg3
5Tibz7hDIX+SI+05A7urIH6FYx6QvvzPRPZbBA5GDnYGoxbUid3gsgobOk9IDzL7
KMisKlDwe1LLpIaRKOKn1/Ch/OMOpdbjJ9lz5foS0ZaR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org