Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Omnt0FXRG-z-_E_B_O_6h_lEzyc.roa
File:                     Omnt0FXRG-z-_E_B_O_6h_lEzyc.roa (raw, json)
Hash identifier:          9YykvtiZt70HioWETHLrt2HuFOyzhlsozjynIAsRgzk=
Subject key identifier:   3A:69:ED:D0:55:D1:1B:EC:FE:FC:4F:C1:FC:EF:FA:87:F9:44:CF:27
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC349575B57EC4341B8D50FEE401E98BD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Omnt0FXRG-z-_E_B_O_6h_lEzyc.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62390
IP address blocks:        89.213.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 18 Feb 2024 08:34:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:57:5b:57:ec:43:41:b8:d5:0f:ee:40:1e:98:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3a69edd055d11becfefc4fc1fceffa87f944cf27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:62:6e:23:88:b7:d3:9b:a0:65:d1:e8:90:88:
                    87:40:2d:9c:10:0f:24:ea:f1:f0:15:40:0d:51:87:
                    22:78:b5:b9:e6:e1:fb:07:ba:a2:34:ff:ea:98:ab:
                    74:e8:28:a2:47:a2:47:5d:b8:e9:38:3e:02:d7:3f:
                    65:54:7c:a5:cc:f1:96:40:73:1d:4e:bc:63:39:af:
                    5d:5f:9b:fc:a1:7e:5e:48:ef:8f:4a:9b:67:86:b7:
                    23:da:e8:8e:58:df:2f:ff:cd:a7:df:82:4d:d6:e6:
                    c9:be:1f:08:3e:b5:4e:92:87:34:74:64:f5:9d:f2:
                    61:a2:c9:b5:d0:05:fa:93:8b:b9:e2:de:24:99:94:
                    b4:31:3b:e4:4c:34:4b:2f:12:46:1e:5e:0b:ad:84:
                    87:05:6b:ac:39:a8:2a:1c:bd:1f:55:f8:97:36:0a:
                    7f:1f:46:0f:ac:c6:da:eb:09:f2:e4:0e:5b:9f:1a:
                    63:97:9e:d1:38:c7:5a:9c:75:cb:27:56:d0:e2:3e:
                    bc:35:4e:0c:22:5f:b5:e9:0a:ff:db:b5:2b:fb:80:
                    7c:b6:3b:6f:14:d0:c7:36:87:a3:96:f5:d2:0b:fc:
                    e3:ec:de:0e:90:cd:b1:82:09:a9:99:65:b4:f9:1f:
                    1c:7d:66:a9:82:72:6d:84:7d:7a:1e:78:7a:e8:b1:
                    e2:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:69:ED:D0:55:D1:1B:EC:FE:FC:4F:C1:FC:EF:FA:87:F9:44:CF:27
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Omnt0FXRG-z-_E_B_O_6h_lEzyc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:0f:3b:54:d6:fd:b9:15:47:cc:78:73:a0:8d:7e:8a:93:d9:
         6b:83:ee:64:40:ba:15:10:bb:45:9e:27:ba:cf:12:44:db:29:
         af:d7:2f:3d:f8:34:47:5f:de:ed:e3:75:b7:95:b2:43:ae:49:
         c5:58:05:4f:2d:d5:7a:86:71:0f:01:5c:8d:41:21:72:fc:0c:
         d2:d2:06:d5:e2:b5:bb:3a:df:6d:a0:ef:79:04:4d:d3:0d:19:
         f4:32:ca:fd:25:fd:4a:c4:53:72:a5:42:f4:81:6e:1a:e6:3e:
         1f:f2:58:2e:6c:9e:ff:c6:73:1b:79:8e:c5:9d:b0:e6:c8:9a:
         2f:fb:ca:72:9f:a7:9c:1e:6c:bd:8a:54:a3:d5:d9:1b:0c:2c:
         27:57:f2:50:9a:47:34:02:a5:a3:b9:80:14:eb:93:23:96:44:
         92:7e:a6:c2:79:33:5f:45:1a:79:3c:1e:32:98:2e:de:35:27:
         68:5f:0a:89:33:84:f3:33:56:2c:1f:f1:4a:e2:ae:b9:89:e3:
         c4:47:59:2e:56:50:45:55:8e:e6:46:88:c6:db:18:38:59:d4:
         1d:c3:42:9b:97:96:3e:74:e2:43:53:92:6c:c1:d2:16:12:5c:
         7d:33:0e:52:28:a7:63:9c:2c:89:6e:e9:8c:c1:2c:d4:7f:3d:
         37:88:77:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVdbV+xDQbjVD+5AHpi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY5ZWRkMDU1ZDExYmVjZmVmYzRmYzFmY2VmZmE4N2Y5NDRjZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmJuI4i305ugZdHokIiHQC2cEA8k
6vHwFUANUYcieLW55uH7B7qiNP/qmKt06CiiR6JHXbjpOD4C1z9lVHylzPGWQHMd
TrxjOa9dX5v8oX5eSO+PSptnhrcj2uiOWN8v/82n34JN1ubJvh8IPrVOkoc0dGT1
nfJhosm10AX6k4u54t4kmZS0MTvkTDRLLxJGHl4LrYSHBWusOagqHL0fVfiXNgp/
H0YPrMba6wny5A5bnxpjl57ROMdanHXLJ1bQ4j68NU4MIl+16Qr/27Ur+4B8tjtv
FNDHNoejlvXSC/zj7N4OkM2xggmpmWW0+R8cfWapgnJthH16Hnh66LHiTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpp7dBV0Rvs/vxPwfzv+of5RM8nMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT21udDBGWFJHLXotX0VfQl9PXzZoX2xFenljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUoMA0G
CSqGSIb3DQEBCwUAA4IBAQAcDztU1v25FUfMeHOgjX6Kk9lrg+5kQLoVELtFnie6
zxJE2ymv1y89+DRHX97t43W3lbJDrknFWAVPLdV6hnEPAVyNQSFy/AzS0gbV4rW7
Ot9toO95BE3TDRn0Msr9Jf1KxFNypUL0gW4a5j4f8lgubJ7/xnMbeY7FnbDmyJov
+8pyn6ecHmy9ilSj1dkbDCwnV/JQmkc0AqWjuYAU65MjlkSSfqbCeTNfRRp5PB4y
mC7eNSdoXwqJM4TzM1YsH/FK4q65iePER1kuVlBFVY7mRojG2xg4WdQdw0Kbl5Y+
dOJDU5JswdIWElx9Mw5SKKdjnCyJbumMwSzUfz03iHf6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org