Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa
File:                     K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa (raw, json)
Hash identifier:          vbi7YczxPdT3omAsWCKr+YCg+XXgQjvBVUeSuPT6wAM=
Subject key identifier:   2B:FD:4A:62:BA:54:3B:2F:12:F4:B6:13:AE:FA:11:45:95:EE:49:75
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E5B09AF71858972FC23A1C70EFD5B06D2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa
Signing time:             Wed 20 Mar 2024 08:45:45 +0000
ROA not before:           Wed 20 Mar 2024 08:45:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200373
IP address blocks:        89.213.228.0/22 maxlen: 24
                          89.213.232.0/22 maxlen: 24
                          89.213.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 16:48:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:5b:09:af:71:85:89:72:fc:23:a1:c7:0e:fd:5b:06:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 20 08:45:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2bfd4a62ba543b2f12f4b613aefa114595ee4975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:7e:58:1a:0b:a0:f3:12:6b:89:ef:f9:f3:33:
                    64:d1:43:ca:78:19:6f:dc:95:68:5b:76:11:42:29:
                    ad:d9:ab:e6:da:63:56:85:7e:f7:a7:a1:b4:1d:3b:
                    d2:54:db:02:25:06:67:9e:90:a9:4d:ef:66:2b:0a:
                    02:37:11:0f:3d:b0:76:6a:62:db:2a:1a:9d:6b:42:
                    54:40:1c:a8:74:42:04:cd:aa:79:df:40:92:11:98:
                    52:e3:cc:ed:91:2f:8d:ca:5e:cb:cd:59:f0:9d:8d:
                    32:38:c8:ea:2f:49:60:f5:95:e5:b4:3b:fe:79:14:
                    48:13:5c:e1:5a:bb:25:14:51:95:18:29:15:13:dd:
                    af:9a:67:99:79:0f:41:0c:7c:94:4e:0b:c9:57:ad:
                    8a:97:40:68:ee:16:da:0e:17:9a:fb:70:47:9b:c4:
                    9f:d3:c2:68:ff:ee:37:cb:44:b9:2e:f2:1d:c0:7e:
                    94:35:c2:49:00:83:3a:27:e7:f8:ca:9e:11:c8:0b:
                    69:42:63:4e:bd:9d:6d:54:c8:b2:22:a7:27:ee:e1:
                    18:09:e7:32:92:d2:a3:ad:16:a9:9d:c4:43:ef:6c:
                    52:9d:c7:bb:3b:d4:54:8c:dc:e5:e8:0b:57:93:b0:
                    f3:ae:b8:aa:6c:d8:a8:eb:16:14:85:6b:d1:69:0b:
                    80:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:FD:4A:62:BA:54:3B:2F:12:F4:B6:13:AE:FA:11:45:95:EE:49:75
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.228.0-89.213.239.255

    Signature Algorithm: sha256WithRSAEncryption
         45:43:74:80:bf:22:d9:7b:e3:25:90:d2:24:69:29:2e:be:a9:
         60:43:67:3f:94:1a:98:b4:d6:8b:5f:e8:cb:62:31:ce:86:53:
         6d:38:ad:d3:b1:a0:1a:3f:a7:e8:f1:15:3b:59:da:2d:89:95:
         1f:55:c7:d5:1a:97:d2:8a:bd:82:a4:65:0f:e8:e6:20:c7:5f:
         16:92:f9:7f:62:9b:19:a6:59:9d:39:e4:4e:5a:0e:0f:0f:7f:
         29:f6:61:ad:02:a1:fd:e4:dd:81:db:73:30:53:e3:da:ff:11:
         c7:67:3a:cd:e5:73:da:9c:33:96:6a:ca:98:76:74:e9:fc:e8:
         0f:2f:ce:98:d7:8e:a5:da:88:e2:db:c1:c9:06:b0:88:81:54:
         ae:d0:a5:5f:df:7c:cb:ee:94:fd:8e:ee:74:26:b2:c3:7c:72:
         8a:7d:4f:62:68:11:f4:a7:38:c4:fe:18:89:3f:77:83:9b:33:
         85:e8:5a:38:96:a5:76:c6:ce:29:e9:f5:c3:ec:e1:41:90:96:
         4d:ea:b0:36:38:e3:84:e5:fb:74:25:3f:df:50:b5:46:50:7a:
         96:34:d9:67:fa:66:3f:80:cb:d5:c4:59:04:3d:6d:f3:7e:51:
         ec:0b:7b:c1:e8:a9:bb:9b:c9:5e:21:98:db:a4:66:3f:8b:d8:
         6c:f4:29:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5bCa9xhYly/COhxw79WwbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIwMDg0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZkNGE2MmJhNTQzYjJmMTJmNGI2MTNhZWZhMTE0NTk1ZWU0OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7X5YGgug8xJrie/58zNk0UPKeBlv
3JVoW3YRQimt2avm2mNWhX73p6G0HTvSVNsCJQZnnpCpTe9mKwoCNxEPPbB2amLb
Khqda0JUQByodEIEzap530CSEZhS48ztkS+Nyl7LzVnwnY0yOMjqL0lg9ZXltDv+
eRRIE1zhWrslFFGVGCkVE92vmmeZeQ9BDHyUTgvJV62Kl0Bo7hbaDhea+3BHm8Sf
08Jo/+43y0S5LvIdwH6UNcJJAIM6J+f4yp4RyAtpQmNOvZ1tVMiyIqcn7uEYCecy
ktKjrRapncRD72xSnce7O9RUjNzl6AtXk7DzrriqbNio6xYUhWvRaQuAVwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCv9SmK6VDsvEvS2E676EUWV7kl1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS18xS1lycFVPeThTOUxZVHJ2b1JSWlh1U1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ1eQD
BARZ1eAwDQYJKoZIhvcNAQELBQADggEBAEVDdIC/Itl74yWQ0iRpKS6+qWBDZz+U
Gpi01otf6MtiMc6GU204rdOxoBo/p+jxFTtZ2i2JlR9Vx9Ual9KKvYKkZQ/o5iDH
XxaS+X9imxmmWZ055E5aDg8Pfyn2Ya0Cof3k3YHbczBT49r/EcdnOs3lc9qcM5Zq
yph2dOn86A8vzpjXjqXaiOLbwckGsIiBVK7QpV/ffMvulP2O7nQmssN8cop9T2Jo
EfSnOMT+GIk/d4ObM4XoWjiWpXbGzinp9cPs4UGQlk3qsDY444Tl+3QlP99QtUZQ
epY02Wf6Zj+Ay9XEWQQ9bfN+UewLe8HoqbubyV4hmNukZj+L2Gz0KeQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org