Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QQQISFVUcsiT6Tu07SMN0gJhhjc.roa
File:                     QQQISFVUcsiT6Tu07SMN0gJhhjc.roa (raw, json)
Hash identifier:          q1fShL5+qdjjPp7a2rUVKTQWQbpbGRi08m9/f7HSNog=
Subject key identifier:   41:04:08:48:55:54:72:C8:93:E9:3B:B4:ED:23:0D:D2:02:61:86:37
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189CEF128AE5272AD542B9FDA01DB11C560
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QQQISFVUcsiT6Tu07SMN0gJhhjc.roa
Signing time:             Mon 07 Aug 2023 07:40:58 +0000
ROA not before:           Mon 07 Aug 2023 07:40:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35409
IP address blocks:        89.213.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Aug 2023 07:23:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ce:f1:28:ae:52:72:ad:54:2b:9f:da:01:db:11:c5:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 07:40:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41040848555472c893e93bb4ed230dd202618637
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:44:34:70:9a:4b:ac:18:f0:a1:ed:ce:83:7b:
                    83:4c:fb:db:93:6f:3a:e3:d1:f8:85:d6:d5:bb:81:
                    21:35:25:1a:fd:ed:4a:cf:65:ad:cf:fd:3e:fd:12:
                    c7:01:3f:c9:ee:10:19:5b:c9:49:6a:65:38:3f:e3:
                    61:16:f7:de:a4:1b:67:ce:53:a6:7e:a9:ba:d8:38:
                    ee:62:d4:02:a3:17:3a:6f:db:70:21:8d:80:80:2b:
                    9b:16:82:d0:72:25:33:a7:4a:27:d9:ea:b1:76:ab:
                    bb:b0:9f:71:e3:cd:23:ca:27:64:dd:87:e2:c3:d0:
                    70:70:95:61:e3:c8:31:2e:ba:9e:8a:d1:80:f5:a3:
                    08:d6:47:15:29:12:f6:91:3a:93:6c:56:36:8b:6e:
                    85:4d:78:95:b5:fb:b2:1f:76:8e:c3:d4:fc:1a:1b:
                    d7:93:93:8d:88:59:c3:90:83:d4:ec:3d:f2:45:2b:
                    c4:29:62:84:42:34:92:05:31:42:85:90:6b:53:e0:
                    b6:ba:87:e6:45:99:99:48:87:cf:b8:fd:61:aa:80:
                    7f:71:06:8b:b5:cf:18:c5:a1:b8:f4:9f:7f:64:e7:
                    5b:dc:f2:cb:79:66:38:77:6a:78:2a:f1:fc:0d:60:
                    d6:5d:2a:24:79:a8:58:1d:db:7a:1e:f8:4e:ac:1c:
                    39:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:04:08:48:55:54:72:C8:93:E9:3B:B4:ED:23:0D:D2:02:61:86:37
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QQQISFVUcsiT6Tu07SMN0gJhhjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:9b:47:42:b5:77:9a:55:3c:15:22:9a:32:49:41:18:d6:e4:
         2b:5c:47:ec:d4:9b:ea:c7:c3:62:ef:2d:9f:82:bb:58:5c:ff:
         c3:a4:2d:20:13:cd:0b:36:1f:e5:f1:f8:62:1e:af:c2:41:0d:
         02:2a:cf:b4:93:5e:79:e2:52:5b:34:e8:dc:22:63:12:9c:f2:
         be:45:5c:90:26:e2:7f:d9:74:d6:f7:a2:4f:b6:11:19:e6:5d:
         c9:0e:dc:14:51:e8:e1:03:89:31:92:ce:e8:c3:7d:75:d2:66:
         9a:1f:6b:f5:fb:07:61:84:7a:16:93:68:e0:c6:7c:aa:90:87:
         2a:7e:8a:50:e3:b6:47:4e:80:f2:92:df:49:4d:b4:6e:ae:07:
         0f:6f:3c:97:60:5e:75:16:99:46:eb:fb:8c:7f:b6:c4:7d:c0:
         c0:31:bc:1a:4f:5e:d0:79:f2:0a:e1:12:d4:01:3b:04:c6:e8:
         ff:2d:a6:9f:3d:11:ff:06:78:03:9e:06:8a:b1:0d:bf:22:08:
         58:48:ce:b6:67:39:a4:55:f3:e7:8c:1d:92:9f:00:11:1b:08:
         56:5e:d9:27:2d:7a:02:7d:70:18:03:bc:4f:d8:40:94:84:60:
         ae:a0:7b:31:3b:ab:17:de:13:7d:87:b1:b7:39:5a:9b:53:a6:
         84:d0:1f:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnO8SiuUnKtVCuf2gHbEcVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDc0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTA0MDg0ODU1NTQ3MmM4OTNlOTNiYjRlZDIzMGRkMjAyNjE4NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0Q0cJpLrBjwoe3Og3uDTPvbk286
49H4hdbVu4EhNSUa/e1Kz2Wtz/0+/RLHAT/J7hAZW8lJamU4P+NhFvfepBtnzlOm
fqm62DjuYtQCoxc6b9twIY2AgCubFoLQciUzp0on2eqxdqu7sJ9x480jyidk3Yfi
w9BwcJVh48gxLrqeitGA9aMI1kcVKRL2kTqTbFY2i26FTXiVtfuyH3aOw9T8GhvX
k5ONiFnDkIPU7D3yRSvEKWKEQjSSBTFChZBrU+C2uofmRZmZSIfPuP1hqoB/cQaL
tc8YxaG49J9/ZOdb3PLLeWY4d2p4KvH8DWDWXSokeahYHdt6HvhOrBw52QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEECEhVVHLIk+k7tO0jDdICYYY3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUVFRSVNGVlVjc2lUNlR1MDdTTU4wZ0poaGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWfMA0G
CSqGSIb3DQEBCwUAA4IBAQA/m0dCtXeaVTwVIpoySUEY1uQrXEfs1Jvqx8Ni7y2f
grtYXP/DpC0gE80LNh/l8fhiHq/CQQ0CKs+0k1554lJbNOjcImMSnPK+RVyQJuJ/
2XTW96JPthEZ5l3JDtwUUejhA4kxks7ow3110maaH2v1+wdhhHoWk2jgxnyqkIcq
fopQ47ZHToDykt9JTbRurgcPbzyXYF51FplG6/uMf7bEfcDAMbwaT17QefIK4RLU
ATsExuj/LaafPRH/BngDngaKsQ2/IghYSM62ZzmkVfPnjB2SnwARGwhWXtknLXoC
fXAYA7xP2ECUhGCuoHsxO6sX3hN9h7G3OVqbU6aE0B+U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org