Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LuRFz1zz0K5SknsWeHui7_SeMrY.roa
File:                     LuRFz1zz0K5SknsWeHui7_SeMrY.roa (raw, json)
Hash identifier:          Yt7Kaw+Q/i6++OdxisetpxkHKdptNAj7ZFCWrkbbH0I=
Subject key identifier:   2E:E4:45:CF:5C:F3:D0:AE:52:92:7B:16:78:7B:A2:EF:F4:9E:32:B6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189C16B8F5BF1894E05600E6BA2FCADBF3F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LuRFz1zz0K5SknsWeHui7_SeMrY.roa
Signing time:             Fri 04 Aug 2023 16:39:59 +0000
ROA not before:           Fri 04 Aug 2023 16:39:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48106
IP address blocks:        89.213.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 11:41:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c1:6b:8f:5b:f1:89:4e:05:60:0e:6b:a2:fc:ad:bf:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  4 16:39:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ee445cf5cf3d0ae52927b16787ba2eff49e32b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:8d:77:8a:89:db:0c:64:a3:71:17:44:f6:4c:
                    11:76:f6:b4:f0:ca:d8:3c:63:9d:67:62:12:0b:27:
                    71:0d:ec:4f:3a:07:1f:d7:ff:21:b0:14:82:1f:5a:
                    00:e4:17:7b:f0:fc:60:74:ec:1a:31:be:f6:39:96:
                    28:87:4d:2a:db:92:92:cc:97:64:58:88:38:8d:3a:
                    07:69:c3:e1:3c:d2:4e:c2:2c:d2:87:bc:ca:8f:d0:
                    fb:89:c5:4b:90:56:82:54:8c:f9:33:0b:3a:d0:0c:
                    74:4a:e9:31:94:a4:17:32:7d:0e:97:c4:67:a7:36:
                    71:88:74:c2:d2:93:f9:b7:cd:e9:0d:38:ce:f9:57:
                    20:60:7b:cf:6d:dc:58:8a:1b:38:df:4f:49:14:1c:
                    f4:a7:e5:ea:8e:16:c3:11:60:cd:6f:1d:c9:3f:ab:
                    c9:8d:90:b7:ff:a6:f6:ff:f3:39:de:5e:98:88:ce:
                    11:55:ee:dc:9b:59:a0:f4:07:71:24:30:83:8e:e4:
                    8a:cd:94:34:9a:07:79:72:20:ee:97:0d:6b:96:23:
                    50:7a:22:5e:84:a8:70:57:c9:6c:5f:db:e1:e2:b9:
                    c5:6f:11:30:0c:f7:d9:1f:46:21:d7:2f:ee:31:a2:
                    96:d0:27:29:2f:6b:1b:33:9c:56:dc:fa:80:8b:83:
                    3a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:E4:45:CF:5C:F3:D0:AE:52:92:7B:16:78:7B:A2:EF:F4:9E:32:B6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LuRFz1zz0K5SknsWeHui7_SeMrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:c9:c5:5b:56:c7:e4:36:8f:78:6a:b3:11:de:27:7c:4c:f2:
         9f:66:d3:73:db:31:45:77:58:20:3c:20:5e:7f:11:03:74:5f:
         3d:ef:cd:48:ef:0c:02:66:ed:aa:37:2d:6a:70:f8:81:3c:ea:
         fc:58:72:0c:a6:e8:62:c2:ff:0d:d2:0f:d8:75:a9:06:8f:5a:
         1c:81:0c:58:fb:2c:c3:3f:8d:e3:60:ba:d8:67:01:13:d8:85:
         23:d3:05:75:36:ec:85:ca:8d:4a:47:47:f8:3a:25:c9:68:9c:
         de:04:3f:14:d2:cb:46:d4:23:3f:1b:fe:5b:cb:7b:eb:55:02:
         0c:46:21:47:60:54:27:54:da:d2:c8:bd:2e:51:e9:cf:ef:94:
         d6:c1:1d:0b:c1:19:f9:1b:46:f1:76:c7:97:28:81:bc:e4:1e:
         3c:52:f3:64:d7:62:16:ab:8a:23:1d:e4:c4:8a:b7:f0:6c:d3:
         6f:84:a4:84:49:a0:27:6b:36:e1:54:ee:d5:d6:ca:3a:dc:84:
         c0:fa:e6:32:55:ba:18:22:83:29:95:01:99:25:41:38:18:7e:
         df:c3:de:6f:74:71:41:72:2a:f6:22:5d:e4:65:2e:50:7e:27:
         f5:e4:8d:51:79:aa:4c:b2:cd:22:e5:70:b0:5f:f7:e6:95:8f:
         2f:55:6b:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnBa49b8YlOBWAOa6L8rb8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA0MTYzOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWU0NDVjZjVjZjNkMGFlNTI5MjdiMTY3ODdiYTJlZmY0OWUzMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj413ionbDGSjcRdE9kwRdva08MrY
PGOdZ2ISCydxDexPOgcf1/8hsBSCH1oA5Bd78PxgdOwaMb72OZYoh00q25KSzJdk
WIg4jToHacPhPNJOwizSh7zKj9D7icVLkFaCVIz5Mws60Ax0SukxlKQXMn0Ol8Rn
pzZxiHTC0pP5t83pDTjO+VcgYHvPbdxYihs4309JFBz0p+XqjhbDEWDNbx3JP6vJ
jZC3/6b2//M53l6YiM4RVe7cm1mg9AdxJDCDjuSKzZQ0mgd5ciDulw1rliNQeiJe
hKhwV8lsX9vh4rnFbxEwDPfZH0Yh1y/uMaKW0CcpL2sbM5xW3PqAi4M6GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7kRc9c89CuUpJ7Fnh7ou/0njK2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHVSRnoxenowSzVTa25zV2VIdWk3X1NlTXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWRMA0G
CSqGSIb3DQEBCwUAA4IBAQAuycVbVsfkNo94arMR3id8TPKfZtNz2zFFd1ggPCBe
fxEDdF89781I7wwCZu2qNy1qcPiBPOr8WHIMpuhiwv8N0g/YdakGj1ocgQxY+yzD
P43jYLrYZwET2IUj0wV1NuyFyo1KR0f4OiXJaJzeBD8U0stG1CM/G/5by3vrVQIM
RiFHYFQnVNrSyL0uUenP75TWwR0LwRn5G0bxdseXKIG85B48UvNk12IWq4ojHeTE
irfwbNNvhKSESaAnazbhVO7V1so63ITA+uYyVboYIoMplQGZJUE4GH7fw95vdHFB
cir2Il3kZS5Qfif15I1ReapMss0i5XCwX/fmlY8vVWuT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org