Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GNs7NwszqLcdjfDrQ4_gZ4coSu8.roa
File:                     GNs7NwszqLcdjfDrQ4_gZ4coSu8.roa (raw, json)
Hash identifier:          /kt2vEmaZGNNnlKeepjvfN5U7ause8ywOn5n/XNlgVM=
Subject key identifier:   18:DB:3B:37:0B:33:A8:B7:1D:8D:F0:EB:43:8F:E0:67:87:28:4A:EF
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A076F3A3F53B46C2502AA427143F08932
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GNs7NwszqLcdjfDrQ4_gZ4coSu8.roa
Signing time:             Fri 18 Aug 2023 06:57:24 +0000
ROA not before:           Fri 18 Aug 2023 06:57:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5065
IP address blocks:        89.213.40.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 07:37:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:07:6f:3a:3f:53:b4:6c:25:02:aa:42:71:43:f0:89:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 18 06:57:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=18db3b370b33a8b71d8df0eb438fe06787284aef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:53:80:cf:9a:24:15:6f:02:32:15:7b:a3:ac:
                    ae:bc:73:e7:f0:13:fa:8e:c0:be:96:d8:2f:2a:7f:
                    ec:72:1a:4a:2f:5b:7a:b2:d0:8c:ef:73:af:07:87:
                    7b:9d:ff:18:86:fb:1d:a5:c0:ef:22:a3:1e:ff:da:
                    8f:ec:28:85:5f:d5:c7:ec:14:7a:8e:58:6d:db:3f:
                    ed:fa:13:ca:77:11:4a:1d:dd:45:b6:6f:98:97:9a:
                    38:5e:91:ab:51:61:be:a8:1e:05:b5:0e:60:a0:4d:
                    6b:7b:69:bb:6a:a6:7c:43:12:6d:0f:cc:db:e9:40:
                    70:3a:e5:1d:14:79:dc:86:6a:37:23:f1:90:1a:15:
                    d6:9f:bb:8c:80:63:6d:d1:41:5d:c3:17:8f:d9:5c:
                    cf:d4:6f:85:26:a8:90:a0:ca:09:3b:02:11:08:e2:
                    78:9a:95:5b:e2:49:dd:95:63:33:c9:6e:15:bf:cc:
                    5a:5f:e5:f2:13:b3:a8:56:ee:7b:f2:85:89:62:7b:
                    10:fc:5f:71:a0:2a:78:10:3a:e7:6f:17:2f:79:c8:
                    de:f5:60:06:69:dd:21:5b:d4:50:bd:a8:f5:fa:a3:
                    a7:63:48:6c:29:10:e4:7c:4f:11:56:5c:44:8d:e7:
                    69:d5:28:39:53:ae:82:d8:70:0c:e5:92:93:17:5d:
                    71:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:DB:3B:37:0B:33:A8:B7:1D:8D:F0:EB:43:8F:E0:67:87:28:4A:EF
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GNs7NwszqLcdjfDrQ4_gZ4coSu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:a0:3d:ee:39:a8:15:24:a2:47:ce:34:90:77:3a:58:e2:a2:
         a6:ee:05:7a:fd:62:22:14:fe:e7:40:45:59:02:b2:ee:3c:76:
         86:5a:4e:c4:e4:6e:a0:30:34:14:97:ea:fd:71:8d:e1:00:10:
         b1:58:5c:be:13:6a:f7:a1:03:97:76:31:e4:98:dd:24:21:45:
         1a:15:51:7f:75:f2:aa:3f:ed:f6:b0:58:b6:13:63:de:53:11:
         de:83:4e:bc:db:11:77:64:24:69:08:02:b0:88:76:b6:29:d4:
         f2:dc:1e:aa:e1:b5:c1:55:04:b8:5e:db:67:46:b6:1a:24:83:
         91:81:69:f7:ea:7a:e0:03:4a:b4:54:40:8c:af:25:67:9c:d0:
         4b:43:64:fa:97:29:74:6a:65:ab:7e:77:ff:e5:b7:ca:d2:6c:
         cc:8d:b4:4f:5f:eb:c6:84:41:ad:4f:dc:aa:6e:cf:28:9e:4d:
         1c:1b:c9:e8:47:65:03:03:60:a1:d6:b5:74:09:be:97:42:ce:
         f7:18:e3:0d:9b:af:1a:b3:1f:7b:4d:3b:45:e1:27:7b:a3:bd:
         6a:3a:9d:d2:7c:6b:99:22:95:27:42:1e:76:92:72:b4:72:cd:
         4d:26:44:f4:6a:85:ef:e4:02:fd:66:1c:e3:16:ba:1f:b6:f0:
         32:91:38:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoHbzo/U7RsJQKqQnFD8IkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODE4MDY1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGRiM2IzNzBiMzNhOGI3MWQ4ZGYwZWI0MzhmZTA2Nzg3Mjg0YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFOAz5okFW8CMhV7o6yuvHPn8BP6
jsC+ltgvKn/schpKL1t6stCM73OvB4d7nf8YhvsdpcDvIqMe/9qP7CiFX9XH7BR6
jlht2z/t+hPKdxFKHd1Ftm+Yl5o4XpGrUWG+qB4FtQ5goE1re2m7aqZ8QxJtD8zb
6UBwOuUdFHnchmo3I/GQGhXWn7uMgGNt0UFdwxeP2VzP1G+FJqiQoMoJOwIRCOJ4
mpVb4kndlWMzyW4Vv8xaX+XyE7OoVu578oWJYnsQ/F9xoCp4EDrnbxcvecje9WAG
ad0hW9RQvaj1+qOnY0hsKRDkfE8RVlxEjedp1Sg5U66C2HAM5ZKTF11xpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjbOzcLM6i3HY3w60OP4GeHKErvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR05zN053c3pxTGNkamZEclE0X2daNGNvU3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWdUoMA0G
CSqGSIb3DQEBCwUAA4IBAQBPoD3uOagVJKJHzjSQdzpY4qKm7gV6/WIiFP7nQEVZ
ArLuPHaGWk7E5G6gMDQUl+r9cY3hABCxWFy+E2r3oQOXdjHkmN0kIUUaFVF/dfKq
P+32sFi2E2PeUxHeg0682xF3ZCRpCAKwiHa2KdTy3B6q4bXBVQS4XttnRrYaJIOR
gWn36nrgA0q0VECMryVnnNBLQ2T6lyl0amWrfnf/5bfK0mzMjbRPX+vGhEGtT9yq
bs8onk0cG8noR2UDA2Ch1rV0Cb6XQs73GOMNm68asx97TTtF4Sd7o71qOp3SfGuZ
IpUnQh52knK0cs1NJkT0aoXv5AL9ZhzjFroftvAykTgr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org