Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GmfKxr75AEWLFijioOG9pCmPFg8.roa
File:                     GmfKxr75AEWLFijioOG9pCmPFg8.roa (raw, json)
Hash identifier:          ZbeYyoJROe2cDhOeoGev5nCEWG+thGllqHTOkWfUuc0=
Subject key identifier:   1A:67:CA:C6:BE:F9:00:45:8B:16:28:E2:A0:E1:BD:A4:29:8F:16:0F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A5FFC4BD99218E8702630165BBF7EED8B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GmfKxr75AEWLFijioOG9pCmPFg8.roa
Signing time:             Mon 04 Sep 2023 11:38:04 +0000
ROA not before:           Mon 04 Sep 2023 11:38:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8220
IP address blocks:        89.213.44.0/23 maxlen: 24
                          109.176.242.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5f:fc:4b:d9:92:18:e8:70:26:30:16:5b:bf:7e:ed:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 11:38:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a67cac6bef900458b1628e2a0e1bda4298f160f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c2:43:82:25:7a:22:c8:0a:b0:5e:a2:ad:18:
                    9c:3d:c0:78:0b:a3:c7:5c:e9:ec:b1:a7:fc:8c:e4:
                    60:e2:f3:bf:d5:e3:90:67:9c:fc:cb:c6:aa:84:70:
                    24:1b:16:b7:8c:02:02:9b:1c:5a:39:b1:be:6e:5c:
                    5a:58:7c:a4:d6:31:9f:76:ee:c1:96:79:6f:4e:79:
                    81:9f:f3:66:21:cb:b3:46:69:1c:d9:24:b5:21:8a:
                    dc:55:7f:7b:cd:41:09:49:59:2f:08:19:f1:40:d4:
                    98:94:a1:ed:5f:31:a2:9c:1e:91:75:01:ee:10:6f:
                    d1:28:20:7c:b2:fc:9d:1f:81:3b:c8:63:4d:3b:d8:
                    92:61:58:36:10:78:0b:6f:d6:97:be:ae:63:72:ad:
                    90:2c:38:ec:64:cf:61:cf:58:f7:c4:f0:ea:83:61:
                    f2:9a:7f:49:03:df:65:c6:60:9c:50:22:08:16:28:
                    ab:a3:5f:d9:32:42:2e:0f:74:71:ae:ed:d3:f9:96:
                    ca:2d:08:12:c7:ab:8f:8d:c8:90:92:8d:c0:73:15:
                    64:48:96:f7:1d:61:57:33:29:07:a2:7e:09:9d:9b:
                    ee:93:7b:82:ff:2e:26:57:a3:46:f1:ba:96:3f:bd:
                    b7:6b:3e:57:75:3a:44:55:6b:40:1b:73:6c:51:0a:
                    41:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:67:CA:C6:BE:F9:00:45:8B:16:28:E2:A0:E1:BD:A4:29:8F:16:0F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GmfKxr75AEWLFijioOG9pCmPFg8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.44.0/23
                  109.176.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:9c:6e:97:c3:1b:fb:51:0e:5b:4d:65:c1:41:ec:22:6a:27:
         f4:0d:19:bf:ed:26:de:9f:29:79:d7:3f:a7:82:3e:f1:8a:c6:
         84:31:df:cc:69:8b:76:e1:d9:b7:52:49:75:e0:39:b8:fa:62:
         06:0e:a9:62:3f:ff:40:15:22:c1:f5:85:36:94:a5:7d:3b:c0:
         f9:e5:27:cd:0b:13:d9:9e:f2:c0:b5:a3:4c:70:9b:8e:fc:10:
         17:05:b0:2f:59:da:01:e5:53:0e:6c:85:d4:89:18:56:ea:3b:
         e1:a2:37:6c:00:7b:9b:0d:29:94:44:e8:c9:22:18:f9:17:e0:
         bb:5c:75:bd:54:89:b8:dd:fe:ba:5b:a4:71:f8:d5:5c:a0:57:
         59:a5:2c:bf:55:5e:88:53:fd:95:fc:e2:c7:03:1d:0c:a3:9e:
         c1:bc:2e:cc:a4:87:f0:ba:08:91:ef:9d:d0:03:04:23:99:ff:
         7c:87:03:c3:28:e3:d1:82:49:4b:83:93:ef:2c:8e:e4:fc:b1:
         c2:e2:e2:3b:17:c2:ec:0d:82:6a:75:ef:e8:e2:9a:cf:fa:6f:
         48:fe:2a:bd:11:2d:0c:8a:5b:3a:57:9a:85:e4:ae:e7:ba:1c:
         1d:d6:10:34:70:6b:4f:d0:8d:9f:fe:80:e5:47:43:91:5a:8b:
         66:53:f3:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpf/EvZkhjocCYwFlu/fu2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTEzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTY3Y2FjNmJlZjkwMDQ1OGIxNjI4ZTJhMGUxYmRhNDI5OGYxNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMJDgiV6IsgKsF6irRicPcB4C6PH
XOnssaf8jORg4vO/1eOQZ5z8y8aqhHAkGxa3jAICmxxaObG+blxaWHyk1jGfdu7B
lnlvTnmBn/NmIcuzRmkc2SS1IYrcVX97zUEJSVkvCBnxQNSYlKHtXzGinB6RdQHu
EG/RKCB8svydH4E7yGNNO9iSYVg2EHgLb9aXvq5jcq2QLDjsZM9hz1j3xPDqg2Hy
mn9JA99lxmCcUCIIFiiro1/ZMkIuD3Rxru3T+ZbKLQgSx6uPjciQko3AcxVkSJb3
HWFXMykHon4JnZvuk3uC/y4mV6NG8bqWP723az5XdTpEVWtAG3NsUQpBWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpnysa++QBFixYo4qDhvaQpjxYPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR21mS3hyNzVBRVdMRmlqaW9PRzlwQ21QRmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWdUsAwQB
bbDyMA0GCSqGSIb3DQEBCwUAA4IBAQCUnG6Xwxv7UQ5bTWXBQewiaif0DRm/7Sbe
nyl51z+ngj7xisaEMd/MaYt24dm3Ukl14Dm4+mIGDqliP/9AFSLB9YU2lKV9O8D5
5SfNCxPZnvLAtaNMcJuO/BAXBbAvWdoB5VMObIXUiRhW6jvhojdsAHubDSmUROjJ
Ihj5F+C7XHW9VIm43f66W6Rx+NVcoFdZpSy/VV6IU/2V/OLHAx0Mo57BvC7MpIfw
ugiR753QAwQjmf98hwPDKOPRgklLg5PvLI7k/LHC4uI7F8LsDYJqde/o4prP+m9I
/iq9ES0Mils6V5qF5K7nuhwd1hA0cGtP0I2f/oDlR0ORWotmU/Mg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org