Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QKemPLA4GY-uQmmCI1LuscJj2Rk.roa
File:                     QKemPLA4GY-uQmmCI1LuscJj2Rk.roa (raw, json)
Hash identifier:          LKqZnV4ALvsoVMAi35YSTBk6C2Mw9XSsWkPKLWDvcXA=
Subject key identifier:   40:A7:A6:3C:B0:38:19:8F:AE:42:69:82:23:52:EE:B1:C2:63:D9:19
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C812491168B227FF5CB18CD604FF20074
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QKemPLA4GY-uQmmCI1LuscJj2Rk.roa
Signing time:             Tue 19 Dec 2023 08:15:06 +0000
ROA not before:           Tue 19 Dec 2023 08:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58955
IP address blocks:        89.213.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:81:24:91:16:8b:22:7f:f5:cb:18:cd:60:4f:f2:00:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 19 08:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40a7a63cb038198fae4269822352eeb1c263d919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:2b:2a:41:6d:83:d1:b6:44:f8:28:ab:79:7a:
                    87:2a:f4:b4:d4:87:69:bf:0b:eb:25:44:84:2b:65:
                    73:31:2e:9d:85:47:88:6e:c6:2e:c7:1c:58:96:77:
                    90:a3:50:f8:c0:74:63:07:26:ea:2a:0c:68:e9:a9:
                    cb:f9:c0:4e:ef:dc:29:23:44:5f:d1:81:23:7e:8d:
                    70:75:14:ab:e5:f9:1f:40:c0:b9:b0:a7:be:54:b4:
                    99:48:b8:e9:a6:e5:7d:a1:d2:90:48:33:08:a9:c1:
                    76:f2:f3:6f:90:06:3b:f7:2a:f7:3a:36:74:ae:57:
                    83:d8:c6:02:4c:1d:b6:9f:57:d7:ad:17:55:25:c6:
                    bd:e1:64:65:20:8b:84:12:4c:d3:d9:9b:68:19:19:
                    3b:cd:8a:f3:6b:fd:32:0e:a7:dc:e7:12:b6:f4:88:
                    6d:be:dd:98:ac:73:92:e1:65:ef:80:c8:c1:df:fc:
                    d4:d9:6c:73:b1:23:e7:8a:ae:0e:e4:b0:58:fe:38:
                    51:33:e8:8f:c5:ea:04:01:de:ac:6e:f6:bc:77:e8:
                    1c:38:de:91:c2:61:e5:6b:90:a7:66:36:f9:c5:ba:
                    31:a9:da:57:c9:62:14:1f:08:92:97:ea:62:01:a3:
                    f2:39:59:dc:58:83:f9:3f:d8:41:e8:0c:2d:85:77:
                    f4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A7:A6:3C:B0:38:19:8F:AE:42:69:82:23:52:EE:B1:C2:63:D9:19
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QKemPLA4GY-uQmmCI1LuscJj2Rk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:f9:ac:f3:79:9c:02:2d:32:58:74:13:35:7d:ed:90:cd:45:
         f1:25:ec:d5:90:51:b4:b3:22:91:38:29:22:ad:39:93:11:1a:
         4c:97:5b:92:1b:c3:a6:4c:86:85:82:d4:b2:3c:95:e3:ba:61:
         04:16:9d:df:3b:4f:19:ab:94:16:28:76:ae:dc:74:ef:ca:93:
         4d:36:9d:82:5d:ed:89:9e:96:47:8d:bb:67:ed:2f:b0:f6:4b:
         f1:48:99:4b:2c:75:40:54:8d:3a:e1:f2:9f:76:3a:e2:d9:3a:
         9c:04:3f:a5:09:cc:7c:2e:a8:d9:a1:c4:2b:72:0c:d4:11:bf:
         c3:6a:02:64:6f:1a:61:ea:8c:f5:b9:31:2d:78:59:7c:0b:3d:
         e2:4f:f7:c6:38:94:73:99:75:38:8e:9c:0b:d2:3e:e8:1b:22:
         43:6e:1f:20:2b:97:7f:e8:be:09:1e:51:c9:1e:32:37:d0:a3:
         51:8c:17:0e:25:89:52:b0:71:2a:b7:ba:38:02:90:ad:c8:4b:
         32:f2:b1:b4:7c:e4:ee:2f:3a:06:be:ae:f2:d7:86:d0:37:41:
         43:04:76:85:4c:48:eb:bf:67:65:b5:1a:3f:ba:55:16:df:5a:
         b8:5c:e3:9e:42:1b:d8:ed:df:a7:83:fb:a1:63:bf:cd:ff:48:
         1d:b0:fd:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyBJJEWiyJ/9csYzWBP8gB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE5MDgxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE3YTYzY2IwMzgxOThmYWU0MjY5ODIyMzUyZWViMWMyNjNkOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmysqQW2D0bZE+CireXqHKvS01Idp
vwvrJUSEK2VzMS6dhUeIbsYuxxxYlneQo1D4wHRjBybqKgxo6anL+cBO79wpI0Rf
0YEjfo1wdRSr5fkfQMC5sKe+VLSZSLjppuV9odKQSDMIqcF28vNvkAY79yr3OjZ0
rleD2MYCTB22n1fXrRdVJca94WRlIIuEEkzT2ZtoGRk7zYrza/0yDqfc5xK29Iht
vt2YrHOS4WXvgMjB3/zU2WxzsSPniq4O5LBY/jhRM+iPxeoEAd6sbva8d+gcON6R
wmHla5CnZjb5xboxqdpXyWIUHwiSl+piAaPyOVncWIP5P9hB6AwthXf0xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECnpjywOBmPrkJpgiNS7rHCY9kZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUUtlbVBMQTRHWS11UW1tQ0kxTHVzY0pqMlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWxMA0G
CSqGSIb3DQEBCwUAA4IBAQBd+azzeZwCLTJYdBM1fe2QzUXxJezVkFG0syKROCki
rTmTERpMl1uSG8OmTIaFgtSyPJXjumEEFp3fO08Zq5QWKHau3HTvypNNNp2CXe2J
npZHjbtn7S+w9kvxSJlLLHVAVI064fKfdjri2TqcBD+lCcx8LqjZocQrcgzUEb/D
agJkbxph6oz1uTEteFl8Cz3iT/fGOJRzmXU4jpwL0j7oGyJDbh8gK5d/6L4JHlHJ
HjI30KNRjBcOJYlSsHEqt7o4ApCtyEsy8rG0fOTuLzoGvq7y14bQN0FDBHaFTEjr
v2dltRo/ulUW31q4XOOeQhvY7d+ng/uhY7/N/0gdsP3w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org