Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LkjJQv_ISlO4OrdjAYnkY-eT0h0.roa
File:                     LkjJQv_ISlO4OrdjAYnkY-eT0h0.roa (raw, json)
Hash identifier:          yQWDJiSlPy2BihNu6vj4EizRzmoPoK/YpmAS8y21g3A=
Subject key identifier:   2E:48:C9:42:FF:C8:4A:53:B8:3A:B7:63:01:89:E4:63:E7:93:D2:1D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BDC72EF418BB90AA6645E3623C2E5AE3D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LkjJQv_ISlO4OrdjAYnkY-eT0h0.roa
Signing time:             Fri 17 Nov 2023 08:43:21 +0000
ROA not before:           Fri 17 Nov 2023 08:43:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        89.213.144.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 12:19:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:dc:72:ef:41:8b:b9:0a:a6:64:5e:36:23:c2:e5:ae:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 17 08:43:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2e48c942ffc84a53b83ab7630189e463e793d21d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:14:6e:6b:0d:fb:be:4e:3f:98:64:28:d2:de:
                    6f:d2:82:5e:94:33:6d:9e:de:19:ab:e2:5f:57:b6:
                    41:a1:9b:40:63:1e:97:57:2e:74:15:e1:c8:25:63:
                    98:45:ed:a1:0d:b9:b0:9c:b5:81:f5:21:bf:54:88:
                    95:7a:78:8a:76:aa:fa:9d:33:68:0e:93:3f:5b:d3:
                    1d:a9:3f:82:1e:ab:2d:0b:bc:20:55:a3:88:bd:15:
                    a5:ac:48:ff:03:88:93:05:af:f4:0c:ec:d5:d6:d9:
                    19:fe:40:43:b6:cd:c6:57:bd:3e:1f:12:40:e3:4b:
                    db:10:3f:31:e2:15:59:0f:9c:6d:c3:18:4b:10:2e:
                    6c:c7:d5:31:2a:c0:fa:91:16:10:ca:95:f1:55:70:
                    7e:86:ed:c8:b5:cf:0f:3d:7c:db:a8:53:1b:3e:86:
                    4f:7f:0b:ce:cd:39:3a:bb:28:7d:62:8b:41:ba:e6:
                    90:a2:20:94:b1:49:c8:5c:4c:77:61:1c:d8:95:f4:
                    78:dc:0c:da:33:f1:70:7c:5d:3a:9c:12:9c:ed:3d:
                    38:85:12:53:e5:4d:cd:83:e3:a4:6c:69:e2:23:65:
                    70:c0:98:46:c3:db:20:e8:5f:8e:c3:72:cc:8f:42:
                    7f:5e:17:fc:27:41:96:cf:0a:60:50:1a:55:a8:10:
                    c0:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:48:C9:42:FF:C8:4A:53:B8:3A:B7:63:01:89:E4:63:E7:93:D2:1D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LkjJQv_ISlO4OrdjAYnkY-eT0h0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.10.0/24
                  89.213.144.0/24
                  89.213.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:55:e2:f2:4e:f3:9d:f3:dc:56:50:b5:19:c3:a6:8f:b0:db:
         75:8f:00:b8:5a:4d:28:94:9a:4f:0d:25:70:a8:58:ef:bc:34:
         c0:70:d4:68:e0:00:28:4b:9d:b8:40:24:71:4a:52:86:48:d0:
         1b:af:56:14:87:16:31:14:f8:c7:c2:12:03:02:d8:e2:2d:1f:
         a5:12:ce:ff:bd:49:72:b5:14:ee:9f:7c:a6:b9:1a:8b:9b:07:
         01:79:54:66:fc:22:48:4e:09:65:7e:d1:eb:b3:2d:e0:89:b0:
         61:67:da:8f:a0:c3:ec:b8:3f:3f:a1:cd:44:ba:f1:ea:b4:0c:
         67:0b:07:9a:2e:18:6a:72:90:2c:44:8b:b6:52:31:71:3e:8f:
         75:92:0d:87:e0:46:41:53:b9:f3:7f:4d:63:7f:d0:80:a6:f0:
         3f:9b:2c:4a:45:4f:86:11:87:66:20:2b:b7:69:67:b9:40:f0:
         95:95:5c:a2:01:52:ec:08:d9:cb:da:13:c9:4b:b0:bb:5c:b9:
         67:96:2b:1c:0f:7c:df:35:80:88:e6:34:55:2c:07:25:fe:b5:
         76:a7:76:2d:31:da:ec:b3:10:82:f3:15:c6:8e:84:9a:13:81:
         28:2b:01:bd:61:41:1a:0e:b1:82:22:51:65:94:75:15:d0:8f:
         dd:fd:a3:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvccu9Bi7kKpmReNiPC5a49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTE3MDg0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQ4Yzk0MmZmYzg0YTUzYjgzYWI3NjMwMTg5ZTQ2M2U3OTNkMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBRuaw37vk4/mGQo0t5v0oJelDNt
nt4Zq+JfV7ZBoZtAYx6XVy50FeHIJWOYRe2hDbmwnLWB9SG/VIiVeniKdqr6nTNo
DpM/W9MdqT+CHqstC7wgVaOIvRWlrEj/A4iTBa/0DOzV1tkZ/kBDts3GV70+HxJA
40vbED8x4hVZD5xtwxhLEC5sx9UxKsD6kRYQypXxVXB+hu3Itc8PPXzbqFMbPoZP
fwvOzTk6uyh9YotBuuaQoiCUsUnIXEx3YRzYlfR43AzaM/FwfF06nBKc7T04hRJT
5U3Ng+OkbGniI2VwwJhGw9sg6F+Ow3LMj0J/Xhf8J0GWzwpgUBpVqBDApwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC5IyUL/yEpTuDq3YwGJ5GPnk9IdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGtqSlF2X0lTbE80T3JkakFZbmtZLWVUMGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpkKAwQA
WdWQAwQAWdWWMA0GCSqGSIb3DQEBCwUAA4IBAQBLVeLyTvOd89xWULUZw6aPsNt1
jwC4Wk0olJpPDSVwqFjvvDTAcNRo4AAoS524QCRxSlKGSNAbr1YUhxYxFPjHwhID
AtjiLR+lEs7/vUlytRTun3ymuRqLmwcBeVRm/CJITgllftHrsy3gibBhZ9qPoMPs
uD8/oc1EuvHqtAxnCweaLhhqcpAsRIu2UjFxPo91kg2H4EZBU7nzf01jf9CApvA/
myxKRU+GEYdmICu3aWe5QPCVlVyiAVLsCNnL2hPJS7C7XLlnliscD3zfNYCI5jRV
LAcl/rV2p3YtMdrssxCC8xXGjoSaE4EoKwG9YUEaDrGCIlFllHUV0I/d/aMY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org