Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P5oQXXH3MJd2SjgtKS_Cb0UlZ9c.roa
File:                     P5oQXXH3MJd2SjgtKS_Cb0UlZ9c.roa (raw, json)
Hash identifier:          QbO0i9S7Qwr4NY6VFsg922lUxGS7JR9vt2AzpnRRFWA=
Subject key identifier:   3F:9A:10:5D:71:F7:30:97:76:4A:38:2D:29:2F:C2:6F:45:25:67:D7
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C1B652235C871DF1641783FE132AF4828
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P5oQXXH3MJd2SjgtKS_Cb0UlZ9c.roa
Signing time:             Wed 29 Nov 2023 14:04:21 +0000
ROA not before:           Wed 29 Nov 2023 14:04:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61135
IP address blocks:        89.213.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1b:65:22:35:c8:71:df:16:41:78:3f:e1:32:af:48:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 29 14:04:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f9a105d71f73097764a382d292fc26f452567d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d3:92:d9:20:ae:77:f8:e6:02:ab:75:ca:0a:
                    bf:87:2c:5e:b2:a7:6b:d0:38:1c:b2:1c:be:2c:aa:
                    0e:16:35:85:f8:6e:1c:d6:01:8d:20:e0:5c:c5:b2:
                    2b:07:00:2c:22:39:ce:6d:a6:9c:b9:6c:57:32:10:
                    dd:16:2e:8d:42:71:76:46:e7:df:60:49:e4:4d:39:
                    1f:a4:2a:1e:d9:1a:b6:da:04:3f:fd:7b:1b:c0:e4:
                    e2:15:5a:26:60:61:78:8d:58:cb:d5:a4:ef:3f:8b:
                    2a:25:4d:22:dc:20:91:52:1c:fd:c7:75:03:70:3a:
                    8c:ec:0b:a0:8d:f4:f0:cb:59:c1:c8:e5:a9:5b:ca:
                    88:53:73:bc:d5:a4:15:c9:f5:92:b3:8f:a4:44:61:
                    50:68:f0:76:77:36:75:00:cf:12:c3:82:80:fd:e8:
                    ac:64:2d:44:20:f7:db:5a:3b:53:c7:9c:9c:85:77:
                    27:40:97:93:fa:d5:d5:fd:d1:16:72:1d:24:6c:f3:
                    40:62:30:91:13:86:9d:30:cd:b5:de:1f:a1:2a:23:
                    74:24:d7:0b:75:73:5f:1b:ff:93:a1:c1:72:d8:73:
                    c9:19:7f:1f:b8:60:5c:63:cb:7e:f3:10:34:33:77:
                    a1:4f:fc:ea:a9:ad:f3:5f:c2:62:c4:98:da:25:7d:
                    32:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9A:10:5D:71:F7:30:97:76:4A:38:2D:29:2F:C2:6F:45:25:67:D7
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P5oQXXH3MJd2SjgtKS_Cb0UlZ9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:c4:13:5f:53:6c:68:74:cd:50:82:38:6f:0f:2e:d3:ff:39:
         68:b9:14:cd:9a:c4:b3:db:bb:ed:88:d9:86:df:1e:39:40:d8:
         93:98:16:f1:24:a7:7e:7e:a1:a9:08:ef:47:83:62:97:86:f7:
         3e:8c:fd:fb:fc:7a:06:c0:52:f8:85:d0:a1:cb:8f:06:3c:67:
         51:0c:98:0a:b2:10:cf:d6:64:8d:ac:13:5a:18:aa:3c:72:1e:
         b5:90:9e:4b:a4:17:a8:90:7a:15:bb:73:59:d5:09:7e:9a:a0:
         b3:19:82:17:b7:e0:e4:00:20:3e:b4:a1:2c:4c:0d:c8:9a:3e:
         cb:9e:ea:c6:bd:92:f2:de:04:75:3c:96:a7:12:33:2c:f7:59:
         da:71:60:1a:3f:a0:e6:c9:a3:04:26:b9:50:4e:6b:e1:49:a7:
         09:49:71:d8:cc:e1:23:b3:b9:26:07:9c:c4:f8:04:5b:55:5e:
         8f:37:ea:2c:38:fd:d3:d3:1b:2c:c4:f3:29:75:e1:83:3a:30:
         8a:80:f4:c0:73:34:c6:46:36:72:3f:f2:89:c1:72:4b:9d:f9:
         46:01:dc:aa:7f:aa:f5:df:76:fc:5d:49:4c:60:bd:78:87:8d:
         2f:51:86:c8:14:a9:09:37:16:d7:44:4f:d9:c0:eb:ba:63:b3:
         3d:2d:32:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwbZSI1yHHfFkF4P+Eyr0goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTI5MTQwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjlhMTA1ZDcxZjczMDk3NzY0YTM4MmQyOTJmYzI2ZjQ1MjU2N2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNOS2SCud/jmAqt1ygq/hyxesqdr
0Dgcshy+LKoOFjWF+G4c1gGNIOBcxbIrBwAsIjnObaacuWxXMhDdFi6NQnF2Ruff
YEnkTTkfpCoe2Rq22gQ//XsbwOTiFVomYGF4jVjL1aTvP4sqJU0i3CCRUhz9x3UD
cDqM7AugjfTwy1nByOWpW8qIU3O81aQVyfWSs4+kRGFQaPB2dzZ1AM8Sw4KA/eis
ZC1EIPfbWjtTx5ychXcnQJeT+tXV/dEWch0kbPNAYjCRE4adMM213h+hKiN0JNcL
dXNfG/+TocFy2HPJGX8fuGBcY8t+8xA0M3ehT/zqqa3zX8JixJjaJX0ydQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD+aEF1x9zCXdko4LSkvwm9FJWfXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUDVvUVhYSDNNSmQyU2pndEtTX0NiMFVsWjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/xBNfU2xodM1QgjhvDy7T/zlouRTNmsSz27vtiNmG
3x45QNiTmBbxJKd+fqGpCO9Hg2KXhvc+jP37/HoGwFL4hdChy48GPGdRDJgKshDP
1mSNrBNaGKo8ch61kJ5LpBeokHoVu3NZ1Ql+mqCzGYIXt+DkACA+tKEsTA3Imj7L
nurGvZLy3gR1PJanEjMs91nacWAaP6DmyaMEJrlQTmvhSacJSXHYzOEjs7kmB5zE
+ARbVV6PN+osOP3T0xssxPMpdeGDOjCKgPTAczTGRjZyP/KJwXJLnflGAdyqf6r1
33b8XUlMYL14h40vUYbIFKkJNxbXRE/ZwOu6Y7M9LTLp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org