Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa
File:                     M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa (raw, json)
Hash identifier:          Gu1Hwlbh57XR39yd4nllfVCEfqnPyZT+9/mzOPpTfhM=
Subject key identifier:   33:D1:4D:4D:25:32:27:E3:77:3C:99:E1:4E:14:2F:E2:A1:01:17:58
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B60D5CB0D6D03D0A0E545089EAD5539A7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa
Signing time:             Tue 24 Oct 2023 08:38:25 +0000
ROA not before:           Tue 24 Oct 2023 08:38:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        89.213.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 10:27:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:60:d5:cb:0d:6d:03:d0:a0:e5:45:08:9e:ad:55:39:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 24 08:38:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33d14d4d253227e3773c99e14e142fe2a1011758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:89:c5:17:82:53:89:3c:63:49:46:f2:3f:f4:
                    1d:3c:cb:80:3a:e6:87:4d:4b:c8:ad:50:4f:0a:63:
                    99:b4:ac:ea:f2:95:df:37:fe:c8:71:9e:e1:74:15:
                    b2:84:a1:47:b8:b4:d5:2e:0d:de:8e:57:4a:c7:66:
                    f6:28:49:8b:44:f3:27:99:3a:60:d8:83:b1:94:29:
                    4f:59:40:fe:ed:a5:d8:d2:98:a2:a2:86:2d:90:20:
                    57:9b:83:fc:d2:b0:8d:36:81:0f:70:2a:ea:cd:63:
                    04:c3:f5:8a:23:63:83:fc:40:54:81:99:4e:dc:fa:
                    26:56:c3:41:fe:61:75:94:3b:d3:94:d9:29:3f:07:
                    97:54:ba:20:f2:4a:e0:7b:d3:67:e8:bf:0f:c4:86:
                    4a:74:0a:1c:75:cc:25:20:4d:8e:f6:49:b2:eb:ef:
                    e6:f1:15:79:e4:c1:5f:d0:d2:69:ed:7c:0d:c6:93:
                    ac:3b:05:98:37:f2:3d:d6:dc:09:38:8f:4d:1e:5b:
                    dc:49:bf:cc:07:f1:29:48:3c:c3:e7:e2:30:c7:f5:
                    c4:13:39:d7:ed:cf:41:b6:77:73:c1:8a:b5:97:f6:
                    39:9e:3d:88:65:52:53:1b:20:2a:7e:c3:f3:1f:75:
                    fb:37:98:ee:11:31:49:e3:90:21:68:c2:24:89:be:
                    0e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:D1:4D:4D:25:32:27:E3:77:3C:99:E1:4E:14:2F:E2:A1:01:17:58
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:69:0a:6d:d4:16:23:57:aa:9e:65:5e:fd:39:b8:7c:1b:13:
         cb:61:1b:62:98:cd:b6:e6:11:f8:db:b0:95:40:1d:0d:d0:eb:
         1f:17:1a:17:5a:7d:5d:21:78:82:5d:f0:86:2e:29:48:29:2c:
         67:6e:85:86:5c:6c:b9:ba:01:c3:0c:d0:54:58:f5:73:4e:85:
         59:0b:4a:b8:95:bd:b7:17:7f:cb:1e:6e:ad:05:99:f2:22:71:
         44:1a:2c:9a:b4:08:dd:41:9e:61:0f:3f:d4:a4:60:dd:3f:16:
         54:84:fe:f6:d6:c7:d4:3d:13:00:bd:ce:2a:43:62:45:c4:b3:
         3c:10:ba:a0:2f:8c:75:9e:fd:03:05:19:03:5e:83:7d:88:8a:
         5c:3d:94:51:5f:16:be:9f:55:fa:86:95:37:de:05:53:35:b0:
         5d:b9:1d:a2:34:39:04:b9:bd:0a:02:cd:99:d8:da:bc:6d:6c:
         9a:6c:9f:37:d2:77:13:39:d3:69:0e:fb:11:66:4a:39:3b:04:
         8b:79:58:15:24:21:f2:bf:23:8f:d9:b7:b0:dc:63:c0:96:58:
         11:35:21:15:d0:74:83:62:a5:42:c5:7e:f5:d5:20:a9:f2:56:
         ba:41:99:ba:77:66:b0:d8:2e:bc:94:c1:80:40:e7:b9:34:1c:
         d8:af:c2:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtg1csNbQPQoOVFCJ6tVTmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDI0MDgzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QxNGQ0ZDI1MzIyN2UzNzczYzk5ZTE0ZTE0MmZlMmExMDExNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhInFF4JTiTxjSUbyP/QdPMuAOuaH
TUvIrVBPCmOZtKzq8pXfN/7IcZ7hdBWyhKFHuLTVLg3ejldKx2b2KEmLRPMnmTpg
2IOxlClPWUD+7aXY0piiooYtkCBXm4P80rCNNoEPcCrqzWMEw/WKI2OD/EBUgZlO
3PomVsNB/mF1lDvTlNkpPweXVLog8krge9Nn6L8PxIZKdAocdcwlIE2O9kmy6+/m
8RV55MFf0NJp7XwNxpOsOwWYN/I91twJOI9NHlvcSb/MB/EpSDzD5+Iwx/XEEznX
7c9BtndzwYq1l/Y5nj2IZVJTGyAqfsPzH3X7N5juETFJ45AhaMIkib4ODQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPRTU0lMifjdzyZ4U4UL+KhARdYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTTlGTlRTVXlKLU4zUEpuaFRoUXY0cUVCRjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2aQpt1BYjV6qeZV79Obh8GxPLYRtimM225hH427CV
QB0N0OsfFxoXWn1dIXiCXfCGLilIKSxnboWGXGy5ugHDDNBUWPVzToVZC0q4lb23
F3/LHm6tBZnyInFEGiyatAjdQZ5hDz/UpGDdPxZUhP721sfUPRMAvc4qQ2JFxLM8
ELqgL4x1nv0DBRkDXoN9iIpcPZRRXxa+n1X6hpU33gVTNbBduR2iNDkEub0KAs2Z
2Nq8bWyabJ830ncTOdNpDvsRZko5OwSLeVgVJCHyvyOP2bew3GPAllgRNSEV0HSD
YqVCxX711SCp8la6QZm6d2aw2C68lMGAQOe5NBzYr8Kq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org