Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PAHeEMyyUg0hZghQ2hhaZotbUVE.roa
File:                     PAHeEMyyUg0hZghQ2hhaZotbUVE.roa (raw, json)
Hash identifier:          fGhwj/2joC5ExQKHSgymJM04Q08b5Scsaj7z1wr9roA=
Subject key identifier:   3C:01:DE:10:CC:B2:52:0D:21:66:08:50:DA:18:5A:66:8B:5B:51:51
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F34C8AA059D87D7DA3D5F27CEFE318F44
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PAHeEMyyUg0hZghQ2hhaZotbUVE.roa
Signing time:             Wed 01 May 2024 15:31:56 +0000
ROA not before:           Wed 01 May 2024 15:31:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63150
IP address blocks:        89.213.150.0/24 maxlen: 24
                          194.105.89.0/24 maxlen: 24
                          213.218.228.0/24 maxlen: 24
                          213.218.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 May 2024 13:03:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:34:c8:aa:05:9d:87:d7:da:3d:5f:27:ce:fe:31:8f:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  1 15:31:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3c01de10ccb2520d21660850da185a668b5b5151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8b:4d:49:d3:17:17:f4:7d:54:45:70:e0:8e:
                    ad:9f:36:c3:c8:96:82:ff:93:4c:90:20:62:df:08:
                    df:ad:19:7f:b0:e7:1a:fb:37:fa:77:e2:02:aa:c4:
                    59:20:38:cc:00:3a:09:6d:73:12:68:82:5e:db:be:
                    fc:f9:b0:4e:30:d1:58:dc:88:82:11:eb:67:90:2a:
                    ef:6b:63:cd:89:76:b0:b1:83:d6:c0:39:7d:42:bd:
                    e9:0a:8b:c2:77:dc:54:bc:ce:ce:2b:b6:67:21:9c:
                    dc:53:4f:de:2e:6d:94:fe:9e:d3:ac:e6:e0:4c:be:
                    09:da:74:17:df:17:cf:5d:bf:b1:c2:8d:45:3c:bb:
                    10:74:76:82:83:5e:d8:85:9d:a2:40:60:b5:b6:6b:
                    a0:03:41:59:9a:19:36:88:53:91:35:e5:f9:0f:34:
                    f7:54:87:ec:7d:c6:be:2f:48:ff:ac:b1:c5:c0:87:
                    a6:82:2d:9e:2e:f1:0b:80:b5:c0:9f:78:02:d9:89:
                    eb:0d:3a:2f:97:a9:cd:3a:7d:f2:9a:7e:37:b7:7c:
                    1f:3b:fb:6d:a2:aa:0a:fc:eb:86:75:10:81:10:6d:
                    60:bc:1e:45:80:a8:ba:7d:e3:05:a9:8d:91:07:4e:
                    85:a8:f0:45:f3:91:b6:b7:50:cb:16:fd:ce:b1:57:
                    ec:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:01:DE:10:CC:B2:52:0D:21:66:08:50:DA:18:5A:66:8B:5B:51:51
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PAHeEMyyUg0hZghQ2hhaZotbUVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.150.0/24
                  194.105.89.0/24
                  213.218.228.0/24
                  213.218.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:38:3d:3c:c1:32:13:82:bf:94:20:41:b4:a9:f2:5d:ac:61:
         ee:47:76:e1:39:56:1b:e3:44:7f:e4:dd:e8:39:aa:f9:95:84:
         32:b0:83:51:a2:83:92:1b:54:c5:a9:f6:08:d8:58:72:ec:ff:
         94:12:2a:ac:8e:7a:e1:b3:06:60:72:a5:d8:86:95:ff:65:75:
         84:75:25:56:a9:4c:67:53:53:d8:30:62:6c:ab:a5:e7:9d:1e:
         89:ef:5d:ba:ed:4f:c2:ce:ff:e1:e0:38:5e:24:8a:df:e2:2c:
         21:6f:4f:03:e0:88:15:34:f0:ee:2b:e3:d6:3e:8e:a9:fd:15:
         08:38:b8:46:64:38:2e:eb:24:57:67:dd:dd:d9:91:87:f3:60:
         f9:08:dd:02:20:a5:9b:6b:3a:c3:11:34:ea:c8:8b:03:bb:57:
         21:fc:10:27:3e:25:ba:1d:93:a9:5b:54:36:86:a8:13:b6:62:
         40:26:f4:75:e0:4d:53:4b:1d:8b:46:ce:92:17:bb:3e:68:28:
         9c:35:e7:79:f4:f4:ed:84:23:d1:f1:d9:f3:71:9b:ef:d0:e9:
         0f:a1:d8:67:9d:8e:a4:d8:25:ca:ea:7f:90:70:c9:c3:0b:d0:
         f9:2b:6c:c4:9a:de:fe:a5:32:6b:db:e2:00:53:15:9c:01:c4:
         66:0c:be:28
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY80yKoFnYfX2j1fJ87+MY9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAxMTUzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzAxZGUxMGNjYjI1MjBkMjE2NjA4NTBkYTE4NWE2NjhiNWI1MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlItNSdMXF/R9VEVw4I6tnzbDyJaC
/5NMkCBi3wjfrRl/sOca+zf6d+ICqsRZIDjMADoJbXMSaIJe2778+bBOMNFY3IiC
EetnkCrva2PNiXawsYPWwDl9Qr3pCovCd9xUvM7OK7ZnIZzcU0/eLm2U/p7TrObg
TL4J2nQX3xfPXb+xwo1FPLsQdHaCg17YhZ2iQGC1tmugA0FZmhk2iFORNeX5DzT3
VIfsfca+L0j/rLHFwIemgi2eLvELgLXAn3gC2YnrDTovl6nNOn3ymn43t3wfO/tt
oqoK/OuGdRCBEG1gvB5FgKi6feMFqY2RB06FqPBF85G2t1DLFv3OsVfsawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDwB3hDMslINIWYIUNoYWmaLW1FRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUEFIZUVNeXlVZzBoWmdoUTJoaGFab3RiVVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdWWAwQA
wmlZAwQA1drkAwQA1dr/MA0GCSqGSIb3DQEBCwUAA4IBAQAjOD08wTITgr+UIEG0
qfJdrGHuR3bhOVYb40R/5N3oOar5lYQysINRooOSG1TFqfYI2Fhy7P+UEiqsjnrh
swZgcqXYhpX/ZXWEdSVWqUxnU1PYMGJsq6XnnR6J71267U/Czv/h4DheJIrf4iwh
b08D4IgVNPDuK+PWPo6p/RUIOLhGZDgu6yRXZ93d2ZGH82D5CN0CIKWbazrDETTq
yIsDu1ch/BAnPiW6HZOpW1Q2hqgTtmJAJvR14E1TSx2LRs6SF7s+aCicNed59PTt
hCPR8dnzcZvv0OkPodhnnY6k2CXK6n+QcMnDC9D5K2zEmt7+pTJr2+IAUxWcAcRm
DL4o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org