Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa
File:                     Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa (raw, json)
Hash identifier:          XgS12TE7amRHjo8nv8AHQEpyj3U0MXz0yz6JH8a6fkY=
Subject key identifier:   3E:0E:44:2E:C5:7C:27:D2:0A:CF:3B:F4:55:55:DF:E5:80:AA:CA:C9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E8AB86931248E9EE98C0E79418FB91AD0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa
Signing time:             Fri 29 Mar 2024 14:58:45 +0000
ROA not before:           Fri 29 Mar 2024 14:58:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16125
IP address blocks:        89.213.254.0/23 maxlen: 32

Validation:               Failed, certificate revoked on Fri 29 Mar 2024 16:34:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:8a:b8:69:31:24:8e:9e:e9:8c:0e:79:41:8f:b9:1a:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 29 14:58:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3e0e442ec57c27d20acf3bf45555dfe580aacac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e8:ee:4d:b2:fc:2f:74:ca:d0:2f:d8:33:74:
                    4a:a9:80:33:cc:e4:dc:78:c5:13:5d:94:ce:7f:1f:
                    12:2c:75:0c:cc:5e:df:2d:2d:f5:19:b1:e5:f1:a8:
                    48:22:85:fe:19:30:4a:2b:e9:a5:9a:3b:25:ee:ca:
                    29:3e:0e:c7:22:2c:23:64:38:93:a7:d1:42:8c:c5:
                    af:01:b7:b4:37:3c:66:9f:37:e0:61:bd:8f:df:89:
                    cc:9c:8c:13:f6:02:b4:62:9f:b1:27:2d:8c:d6:96:
                    96:4a:e6:bd:ec:71:2a:77:40:25:9d:7b:0f:14:0b:
                    18:dc:52:80:56:f9:77:4b:5a:84:e4:4f:0d:78:e0:
                    80:b1:32:50:7e:6d:4f:74:cc:e1:db:b2:bc:97:ce:
                    a7:2e:03:18:4c:a0:36:de:20:04:3c:44:a9:59:49:
                    fb:de:f9:fa:55:d7:a1:31:ac:3a:7d:9e:49:1b:8e:
                    78:d4:ef:b1:8b:e1:4d:61:ce:a6:1c:0f:dd:73:d2:
                    b2:f4:fc:a5:0d:9f:a8:6d:7a:9b:1c:c8:79:d4:a1:
                    bb:37:ab:4c:18:4e:87:bb:eb:e4:d4:80:06:78:bf:
                    70:c0:40:92:2e:96:9e:75:80:3d:e3:d6:de:63:34:
                    4d:67:34:70:38:32:ba:2d:1f:08:78:25:65:00:6f:
                    e1:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:0E:44:2E:C5:7C:27:D2:0A:CF:3B:F4:55:55:DF:E5:80:AA:CA:C9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:4a:96:fc:b2:97:e7:d6:72:59:44:18:4b:d1:61:55:80:f7:
         1e:3e:96:5f:01:37:48:d0:41:ce:4f:c0:0e:4c:26:03:42:e0:
         76:b5:8f:7b:1b:77:b4:a9:3e:be:ed:d9:4b:82:37:0b:71:76:
         72:e0:96:25:2e:bb:76:ae:81:89:c1:55:3c:17:a5:e1:57:83:
         32:94:8d:c9:2f:39:cf:23:ea:98:fc:0b:97:70:72:7f:8d:73:
         b4:0d:35:91:15:12:9d:a1:b1:e3:cc:54:27:d6:04:9d:a5:77:
         4f:34:19:ed:cc:8d:b1:7e:48:40:6e:7f:0b:28:32:79:68:b3:
         a7:2f:e0:00:40:d9:88:34:7f:f6:57:72:96:10:7c:54:27:eb:
         1a:4d:bb:88:71:28:75:d9:c1:a3:fb:53:23:3d:59:ce:49:9e:
         e7:30:d7:39:9d:bf:e6:06:8e:b6:62:82:45:ff:8b:7d:da:06:
         04:07:25:e0:d0:75:b2:8a:7a:23:83:76:41:3a:c9:34:6c:ea:
         f5:ed:94:99:c6:8b:29:91:23:dc:80:2f:7e:e5:c3:a7:40:66:
         2b:a3:35:6f:77:95:cf:32:b0:83:6a:49:76:1f:e1:da:9b:44:
         a5:8f:c9:ae:99:9b:5b:69:a8:52:6b:02:2d:f2:58:7e:f3:4f:
         fd:55:9d:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6KuGkxJI6e6YwOeUGPuRrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI5MTQ1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBlNDQyZWM1N2MyN2QyMGFjZjNiZjQ1NTU1ZGZlNTgwYWFjYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhujuTbL8L3TK0C/YM3RKqYAzzOTc
eMUTXZTOfx8SLHUMzF7fLS31GbHl8ahIIoX+GTBKK+mlmjsl7sopPg7HIiwjZDiT
p9FCjMWvAbe0NzxmnzfgYb2P34nMnIwT9gK0Yp+xJy2M1paWSua97HEqd0AlnXsP
FAsY3FKAVvl3S1qE5E8NeOCAsTJQfm1PdMzh27K8l86nLgMYTKA23iAEPESpWUn7
3vn6VdehMaw6fZ5JG4541O+xi+FNYc6mHA/dc9Ky9PylDZ+obXqbHMh51KG7N6tM
GE6Hu+vk1IAGeL9wwECSLpaedYA949beYzRNZzRwODK6LR8IeCVlAG/hZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4ORC7FfCfSCs879FVV3+WAqsrJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUGc1RUxzVjhKOUlLenp2MFZWWGY1WUNxeXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdX+MA0G
CSqGSIb3DQEBCwUAA4IBAQA6Spb8spfn1nJZRBhL0WFVgPcePpZfATdI0EHOT8AO
TCYDQuB2tY97G3e0qT6+7dlLgjcLcXZy4JYlLrt2roGJwVU8F6XhV4MylI3JLznP
I+qY/AuXcHJ/jXO0DTWRFRKdobHjzFQn1gSdpXdPNBntzI2xfkhAbn8LKDJ5aLOn
L+AAQNmINH/2V3KWEHxUJ+saTbuIcSh12cGj+1MjPVnOSZ7nMNc5nb/mBo62YoJF
/4t92gYEByXg0HWyinojg3ZBOsk0bOr17ZSZxospkSPcgC9+5cOnQGYrozVvd5XP
MrCDakl2H+Ham0Slj8mumZtbaahSawIt8lh+80/9VZ2K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org