Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N-3elXOBgXN06xBKV7FSYnene6Y.roa
File:                     N-3elXOBgXN06xBKV7FSYnene6Y.roa (raw, json)
Hash identifier:          fNqTd7Z5M/PGgOH+7W+T4oKfWE2DHOmaEkxAz55VbHM=
Subject key identifier:   37:ED:DE:95:73:81:81:73:74:EB:10:4A:57:B1:52:62:77:A7:7B:A6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DBCCFA862D40E793A43A9AA010145A2EB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N-3elXOBgXN06xBKV7FSYnene6Y.roa
Signing time:             Sun 18 Feb 2024 15:22:22 +0000
ROA not before:           Sun 18 Feb 2024 15:22:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     151106
IP address blocks:        89.213.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 07:49:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:bc:cf:a8:62:d4:0e:79:3a:43:a9:aa:01:01:45:a2:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 18 15:22:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=37edde957381817374eb104a57b1526277a77ba6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:73:57:e2:9f:5c:a4:c1:3c:d7:43:fb:c7:75:
                    d6:5f:dd:83:22:01:8b:57:d0:25:be:7b:e1:49:31:
                    e6:2a:88:05:18:c6:98:b4:32:fb:53:fd:94:12:54:
                    b0:c3:1d:cf:00:a6:7b:5c:78:73:77:6f:d6:1b:4b:
                    c8:5d:56:44:59:12:85:c3:f7:a5:d4:19:35:23:28:
                    8c:f8:c3:64:ce:03:ce:5f:59:02:44:30:c2:d4:f3:
                    fa:59:14:a4:c5:9d:e4:94:24:f3:cc:6d:82:43:48:
                    3c:bc:6a:90:04:be:7c:e0:5c:22:21:95:9f:10:da:
                    a7:4b:33:1a:fa:bd:85:8b:18:22:8f:5b:18:66:c7:
                    47:2b:63:82:6d:90:0c:6a:02:2a:90:54:05:d9:67:
                    e0:22:84:ef:24:e0:91:cb:be:e1:ca:49:9f:7d:a9:
                    f6:b0:0b:02:85:10:bd:7a:68:cf:85:90:bc:21:c0:
                    41:1d:00:3d:b8:8c:52:c9:32:04:99:9b:df:48:bb:
                    df:02:e5:5f:e8:1e:c3:83:d9:1c:53:5d:9a:8a:55:
                    88:86:2a:37:7c:bc:7c:3a:fe:b1:e7:8d:d1:cc:ec:
                    47:7e:a1:14:cc:25:8c:21:b3:97:06:4f:c2:07:2f:
                    cd:36:df:3e:db:40:e4:d8:31:d4:1d:9a:9f:93:cd:
                    36:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:ED:DE:95:73:81:81:73:74:EB:10:4A:57:B1:52:62:77:A7:7B:A6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N-3elXOBgXN06xBKV7FSYnene6Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:db:d9:fd:9f:1a:ec:3b:97:8c:c6:40:1b:48:83:3b:46:cd:
         ad:44:0a:fd:4c:4a:6e:63:fa:31:2d:50:35:d6:12:62:e5:e6:
         8a:a3:6d:6e:44:f5:e7:8c:f4:8c:87:cb:35:62:5f:ab:50:eb:
         55:47:50:af:3e:31:d8:71:0c:f8:dc:55:c5:06:68:11:78:14:
         73:74:c2:4c:d1:10:b0:f2:23:5f:fb:5a:84:45:3d:68:35:4c:
         ad:58:88:2d:f6:04:52:a1:c6:ec:3b:b6:b6:d5:df:ba:52:de:
         f1:5d:94:9b:f4:17:95:04:75:a9:b4:4b:c2:e6:e1:43:bb:f0:
         b3:0f:3e:e5:3d:10:33:a0:25:13:fb:27:f0:4b:c3:f4:23:d6:
         81:13:7d:31:00:bc:81:ef:f9:8a:ee:18:6a:ce:9e:9a:b4:08:
         68:63:fe:6d:a2:05:bc:c7:a7:7f:c7:ab:85:4e:46:8f:dd:fd:
         47:60:85:c7:b6:25:7b:cb:63:4b:b7:6f:b4:d7:62:c3:a1:86:
         9b:ef:f6:02:0f:05:57:4d:e3:a3:5a:90:e3:e2:bf:d9:2c:a5:
         d0:c2:6b:e2:9e:01:c4:41:cc:4e:6c:6b:88:65:7b:74:e3:de:
         58:b6:fb:4c:16:b1:00:b6:40:52:04:a9:00:f0:71:f1:31:e5:
         a0:dc:04:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY28z6hi1A55OkOpqgEBRaLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjE4MTUyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2VkZGU5NTczODE4MTczNzRlYjEwNGE1N2IxNTI2Mjc3YTc3YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonNX4p9cpME810P7x3XWX92DIgGL
V9AlvnvhSTHmKogFGMaYtDL7U/2UElSwwx3PAKZ7XHhzd2/WG0vIXVZEWRKFw/el
1Bk1IyiM+MNkzgPOX1kCRDDC1PP6WRSkxZ3klCTzzG2CQ0g8vGqQBL584FwiIZWf
ENqnSzMa+r2Fixgij1sYZsdHK2OCbZAMagIqkFQF2WfgIoTvJOCRy77hykmffan2
sAsChRC9emjPhZC8IcBBHQA9uIxSyTIEmZvfSLvfAuVf6B7Dg9kcU12ailWIhio3
fLx8Ov6x543RzOxHfqEUzCWMIbOXBk/CBy/NNt8+20Dk2DHUHZqfk802wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDft3pVzgYFzdOsQSlexUmJ3p3umMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTi0zZWxYT0JnWE4wNnhCS1Y3RlNZbmVuZTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWaMA0G
CSqGSIb3DQEBCwUAA4IBAQCV29n9nxrsO5eMxkAbSIM7Rs2tRAr9TEpuY/oxLVA1
1hJi5eaKo21uRPXnjPSMh8s1Yl+rUOtVR1CvPjHYcQz43FXFBmgReBRzdMJM0RCw
8iNf+1qERT1oNUytWIgt9gRSocbsO7a21d+6Ut7xXZSb9BeVBHWptEvC5uFDu/Cz
Dz7lPRAzoCUT+yfwS8P0I9aBE30xALyB7/mK7hhqzp6atAhoY/5togW8x6d/x6uF
TkaP3f1HYIXHtiV7y2NLt2+012LDoYab7/YCDwVXTeOjWpDj4r/ZLKXQwmvingHE
QcxObGuIZXt0495YtvtMFrEAtkBSBKkA8HHxMeWg3ARk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org