Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S6hzryEQEtiUnLTJrwt5GsWpkog.roa
File:                     S6hzryEQEtiUnLTJrwt5GsWpkog.roa (raw, json)
Hash identifier:          PaP8qxfl27QtF82au/DaWuu4EP/ePHhWTrrpJFJIdI8=
Subject key identifier:   4B:A8:73:AF:21:10:12:D8:94:9C:B4:C9:AF:0B:79:1A:C5:A9:92:88
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EA2DD236AB3D39847808456944F7DCDBF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S6hzryEQEtiUnLTJrwt5GsWpkog.roa
Signing time:             Wed 03 Apr 2024 07:29:45 +0000
ROA not before:           Wed 03 Apr 2024 07:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60504
IP address blocks:        89.213.0.0/22 maxlen: 24
                          213.130.140.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 08:12:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a2:dd:23:6a:b3:d3:98:47:80:84:56:94:4f:7d:cd:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  3 07:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4ba873af211012d8949cb4c9af0b791ac5a99288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:42:d8:c0:65:2c:96:df:4e:e0:a0:be:0e:cd:
                    cd:9e:9b:a9:d1:78:0b:15:2e:9e:8c:b6:42:b1:72:
                    26:17:0d:60:fb:56:12:74:52:eb:fa:0e:32:3f:98:
                    e0:e3:84:aa:e5:71:3b:28:35:04:ab:a0:f4:3d:ba:
                    db:d7:5e:b8:bc:d2:c2:1b:de:2b:00:a4:a1:89:43:
                    48:c6:01:5c:78:a6:04:86:d5:62:7a:63:8f:cc:f7:
                    d4:f4:e2:ab:70:a9:7d:ef:fe:2a:91:e7:56:5f:b7:
                    01:ce:e2:cc:f5:9d:2f:a8:d2:86:26:3f:62:fd:9e:
                    80:96:75:d8:1b:e8:77:26:5b:fe:4c:ef:11:d5:02:
                    f0:dc:6d:fb:25:67:d8:0b:2c:49:e1:11:05:4b:dd:
                    1d:e1:d4:15:7d:b7:92:29:f0:15:81:11:22:73:5f:
                    38:d7:7f:9a:ec:af:16:7f:e2:e6:53:3b:14:4c:82:
                    6c:0a:1a:34:c4:2e:d2:59:b7:ee:6a:ff:cb:08:01:
                    ab:f4:0b:37:87:17:ba:c3:8f:72:9d:36:5c:52:0f:
                    10:62:42:98:8e:64:66:e8:cc:62:8d:41:a8:53:21:
                    79:fc:f0:fb:3e:7e:16:02:f4:cb:46:ed:78:83:de:
                    5b:d4:dc:0e:5f:2a:98:d1:22:fe:5c:0a:89:71:bb:
                    5a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:A8:73:AF:21:10:12:D8:94:9C:B4:C9:AF:0B:79:1A:C5:A9:92:88
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S6hzryEQEtiUnLTJrwt5GsWpkog.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.0.0/22
                  213.130.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:68:6e:89:84:64:a6:28:df:f0:c9:5d:52:4c:43:3f:38:c3:
         b9:9d:ab:99:8b:09:25:f7:ec:db:48:b1:f3:3f:6a:a5:66:38:
         4c:fb:e9:7b:55:0f:2e:4f:f4:b2:e3:c7:db:52:ba:e8:43:a3:
         05:f6:90:9b:1c:20:d7:08:36:e4:b9:c2:9b:8d:58:99:e9:75:
         91:7e:12:af:99:7e:9a:dd:b7:28:b9:b1:2f:95:2e:d4:1a:56:
         e1:2a:81:1c:53:75:28:98:e6:21:49:86:d4:a3:cf:e8:9d:3f:
         41:40:c5:32:01:28:dc:4a:75:7b:6b:6f:17:2a:80:7a:e2:1e:
         90:85:43:2f:c4:f5:09:38:5d:57:94:e4:1e:80:83:b3:41:7b:
         78:23:b2:52:b6:d1:22:4f:76:52:56:9e:6a:9b:05:d7:59:89:
         92:f2:28:84:94:7d:60:6a:08:ac:fa:07:0e:b7:54:35:d2:4d:
         d5:74:38:65:a1:44:58:38:2b:b1:8a:72:a7:4f:36:53:1c:e0:
         f0:1d:c3:8f:e9:87:91:f5:a9:c0:ff:d3:c5:09:06:97:30:ba:
         14:8e:78:39:51:67:d9:22:84:8d:c6:72:2e:1c:fc:98:84:30:
         dc:51:c6:5c:70:4a:63:94:6a:4d:84:7a:81:8a:91:7b:a6:6c:
         fb:4b:f7:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6i3SNqs9OYR4CEVpRPfc2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAzMDcyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE4NzNhZjIxMTAxMmQ4OTQ5Y2I0YzlhZjBiNzkxYWM1YTk5Mjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0LYwGUslt9O4KC+Ds3Nnpup0XgL
FS6ejLZCsXImFw1g+1YSdFLr+g4yP5jg44Sq5XE7KDUEq6D0Pbrb1164vNLCG94r
AKShiUNIxgFceKYEhtViemOPzPfU9OKrcKl97/4qkedWX7cBzuLM9Z0vqNKGJj9i
/Z6AlnXYG+h3Jlv+TO8R1QLw3G37JWfYCyxJ4REFS90d4dQVfbeSKfAVgREic184
13+a7K8Wf+LmUzsUTIJsCho0xC7SWbfuav/LCAGr9As3hxe6w49ynTZcUg8QYkKY
jmRm6MxijUGoUyF5/PD7Pn4WAvTLRu14g95b1NwOXyqY0SL+XAqJcbtaoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEuoc68hEBLYlJy0ya8LeRrFqZKIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUzZoenJ5RVFFdGlVbkxUSnJ3dDVHc1dwa29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWdUAAwQC
1YKMMA0GCSqGSIb3DQEBCwUAA4IBAQBPaG6JhGSmKN/wyV1STEM/OMO5nauZiwkl
9+zbSLHzP2qlZjhM++l7VQ8uT/Sy48fbUrroQ6MF9pCbHCDXCDbkucKbjViZ6XWR
fhKvmX6a3bcoubEvlS7UGlbhKoEcU3UomOYhSYbUo8/onT9BQMUyASjcSnV7a28X
KoB64h6QhUMvxPUJOF1XlOQegIOzQXt4I7JSttEiT3ZSVp5qmwXXWYmS8iiElH1g
agis+gcOt1Q10k3VdDhloURYOCuxinKnTzZTHODwHcOP6YeR9anA/9PFCQaXMLoU
jng5UWfZIoSNxnIuHPyYhDDcUcZccEpjlGpNhHqBipF7pmz7S/dn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org