Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TVguooIRDhSjUWOAh66_gYKYY0c.roa
File:                     TVguooIRDhSjUWOAh66_gYKYY0c.roa (raw, json)
Hash identifier:          HzK81RiQEV9i6NeA7joWb/Hi8KxykyXE1eS8VS6M3kk=
Subject key identifier:   4D:58:2E:A2:82:11:0E:14:A3:51:63:80:87:AE:BF:81:82:98:63:47
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189D3FFB98BE5C38A1F63B493C2FA6B8420
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TVguooIRDhSjUWOAh66_gYKYY0c.roa
Signing time:             Tue 08 Aug 2023 07:14:58 +0000
ROA not before:           Tue 08 Aug 2023 07:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        213.152.61.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 16:19:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d3:ff:b9:8b:e5:c3:8a:1f:63:b4:93:c2:fa:6b:84:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  8 07:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d582ea282110e14a351638087aebf8182986347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b2:0b:0b:98:e5:40:33:82:8d:7c:04:89:fa:
                    c8:c2:d2:68:7e:b2:b1:86:e5:e8:79:b0:d7:3d:c4:
                    96:c4:ac:fb:8d:cf:47:b0:f3:9a:ce:b7:2a:3e:6e:
                    83:e2:c6:59:7e:e1:0b:08:31:ab:2a:9b:bf:11:89:
                    cc:0f:e3:ee:af:2f:ba:fa:7b:13:83:26:36:bd:7d:
                    f4:d7:6b:49:f4:1b:ff:8c:7f:f9:fe:6e:1e:15:2d:
                    86:87:27:a6:52:42:aa:50:55:11:59:b8:29:29:83:
                    8a:a8:ea:3e:1e:85:b6:4e:af:4b:af:c3:68:70:43:
                    47:f0:8a:42:4a:94:56:f6:89:33:c4:21:1a:bc:db:
                    d6:49:93:bd:b7:21:b7:6e:45:40:47:63:c6:19:59:
                    35:b8:10:f3:a3:7f:35:7f:0b:6b:28:60:01:87:90:
                    e6:75:5f:08:63:79:82:69:80:0d:4f:ff:b0:17:93:
                    14:cd:b5:90:0b:22:76:f4:8a:86:94:f0:d1:5f:45:
                    fb:83:4b:44:c6:e1:e8:dc:11:7b:26:9c:b2:b9:6f:
                    a6:d4:5e:7b:3e:e2:f9:e8:e5:8f:d7:ef:03:5d:ae:
                    53:35:e6:97:9e:c0:54:c8:2f:4f:b8:7a:90:41:4a:
                    bf:48:91:cb:1b:cd:b4:8d:04:e1:77:06:07:81:e1:
                    c9:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:58:2E:A2:82:11:0E:14:A3:51:63:80:87:AE:BF:81:82:98:63:47
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TVguooIRDhSjUWOAh66_gYKYY0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.170.0/24
                  109.176.208.0/23
                  213.152.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:48:6a:c7:54:39:81:33:07:b4:74:0d:22:66:5f:23:70:8f:
         f5:da:64:5f:1e:77:ee:ae:bf:04:08:1e:f6:00:0b:88:18:43:
         26:bd:04:86:1c:7c:fd:76:bf:6c:cb:9e:31:bb:02:d3:21:12:
         a1:2b:48:3b:e6:6d:2b:66:3d:86:bd:a3:45:de:33:a8:91:ba:
         c7:b6:41:59:27:6e:bb:cf:17:86:04:de:33:0f:a2:d4:50:12:
         7a:9c:e8:2b:57:e0:e5:99:9e:8b:1e:9c:54:7f:24:ae:14:57:
         92:c4:43:73:3d:3a:08:63:b2:75:dc:ab:61:1e:4a:e8:ae:b8:
         7e:06:16:73:54:d9:58:37:ae:30:b6:c8:f2:75:97:ee:03:04:
         52:e6:c9:5f:f9:97:5e:a7:e9:03:80:3e:8c:47:c1:d8:42:5d:
         2d:ab:5c:e9:5f:46:bf:2d:7d:01:55:93:45:04:71:e1:e3:54:
         c1:54:20:11:6b:2e:2e:a6:51:cf:95:26:d1:1f:c7:60:ef:55:
         06:50:52:9e:db:18:15:c9:70:75:83:d8:a2:67:8a:d3:d2:db:
         d6:81:89:90:77:60:90:cd:31:e3:2b:bf:3c:11:86:c0:42:74:
         10:4d:0f:12:e0:17:f9:16:93:cb:ba:9d:75:49:8c:59:91:ab:
         d3:7e:22:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnT/7mL5cOKH2O0k8L6a4QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA4MDcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU4MmVhMjgyMTEwZTE0YTM1MTYzODA4N2FlYmY4MTgyOTg2MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrILC5jlQDOCjXwEifrIwtJofrKx
huXoebDXPcSWxKz7jc9HsPOazrcqPm6D4sZZfuELCDGrKpu/EYnMD+Pury+6+nsT
gyY2vX3012tJ9Bv/jH/5/m4eFS2GhyemUkKqUFURWbgpKYOKqOo+HoW2Tq9Lr8No
cENH8IpCSpRW9okzxCEavNvWSZO9tyG3bkVAR2PGGVk1uBDzo381fwtrKGABh5Dm
dV8IY3mCaYANT/+wF5MUzbWQCyJ29IqGlPDRX0X7g0tExuHo3BF7JpyyuW+m1F57
PuL56OWP1+8DXa5TNeaXnsBUyC9PuHqQQUq/SJHLG820jQThdwYHgeHJFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE1YLqKCEQ4Uo1FjgIeuv4GCmGNHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVFZndW9vSVJEaFNqVVdPQWg2Nl9nWUtZWTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdWqAwQB
bbDQAwQA1Zg9MA0GCSqGSIb3DQEBCwUAA4IBAQBsSGrHVDmBMwe0dA0iZl8jcI/1
2mRfHnfurr8ECB72AAuIGEMmvQSGHHz9dr9sy54xuwLTIRKhK0g75m0rZj2GvaNF
3jOokbrHtkFZJ267zxeGBN4zD6LUUBJ6nOgrV+DlmZ6LHpxUfySuFFeSxENzPToI
Y7J13KthHkrorrh+BhZzVNlYN64wtsjydZfuAwRS5slf+Zdep+kDgD6MR8HYQl0t
q1zpX0a/LX0BVZNFBHHh41TBVCARay4uplHPlSbRH8dg71UGUFKe2xgVyXB1g9ii
Z4rT0tvWgYmQd2CQzTHjK788EYbAQnQQTQ8S4Bf5FpPLup11SYxZkavTfiJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org