Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UYkOkSRgkxE0y4tGLOMrFJ83sM0.roa
File:                     UYkOkSRgkxE0y4tGLOMrFJ83sM0.roa (raw, json)
Hash identifier:          qGrwDTDCFVgjEy+K6iNuUBMtjg8RqrzLFYdghXwKIC4=
Subject key identifier:   51:89:0E:91:24:60:93:11:34:CB:8B:46:2C:E3:2B:14:9F:37:B0:CD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B661DE1BCEE8FCEC2ECE72AA26E0867DD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UYkOkSRgkxE0y4tGLOMrFJ83sM0.roa
Signing time:             Wed 25 Oct 2023 09:15:16 +0000
ROA not before:           Wed 25 Oct 2023 09:15:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     272833
IP address blocks:        89.213.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:66:1d:e1:bc:ee:8f:ce:c2:ec:e7:2a:a2:6e:08:67:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 25 09:15:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51890e912460931134cb8b462ce32b149f37b0cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0d:83:7e:c6:dc:42:a8:37:f1:d9:d3:2a:b9:
                    e5:fc:0c:92:4a:4b:e1:b2:49:7a:c1:40:e6:ee:80:
                    eb:9b:87:10:2e:c8:38:68:8f:c4:2b:ad:f9:9d:33:
                    53:75:56:c2:d0:8f:ce:08:b2:9d:77:b3:c5:a0:cf:
                    e1:b3:74:eb:7b:d0:ba:77:87:9d:1e:56:06:4a:d5:
                    08:7a:90:65:29:d2:fe:ad:9e:b0:e0:bb:3d:12:58:
                    d3:79:6d:07:52:10:f9:1f:a2:ae:6d:67:ba:14:02:
                    d7:5d:6b:1f:ed:75:d4:e5:dc:3a:b4:e9:9f:88:c7:
                    73:e6:cb:18:95:f5:1b:a6:e1:9d:5d:74:95:d3:3d:
                    a1:5e:78:bd:bf:f5:2a:83:f4:22:c1:d4:8c:a1:b0:
                    0b:05:e0:ce:6a:24:b6:c9:8a:42:7b:28:1d:12:b7:
                    37:81:69:91:56:56:12:2c:3a:ba:77:f3:0f:fc:30:
                    49:62:69:67:1b:8a:00:64:3d:f8:ba:d8:17:f0:e0:
                    10:06:d3:8f:fa:90:8c:9c:07:1f:39:65:b1:7b:c9:
                    bb:60:a8:f8:5f:b8:49:53:01:5c:9a:5d:c6:dc:b4:
                    e5:3b:05:e6:41:34:38:44:10:8f:a7:b4:82:01:2f:
                    e6:87:7e:1a:90:35:30:8a:d1:fd:77:c6:ae:f9:32:
                    ff:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:89:0E:91:24:60:93:11:34:CB:8B:46:2C:E3:2B:14:9F:37:B0:CD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UYkOkSRgkxE0y4tGLOMrFJ83sM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:f3:7b:f2:fd:b4:71:1f:f2:ad:23:fe:8e:74:df:c3:83:82:
         86:b4:39:be:f5:bc:17:8e:19:2a:0f:2f:62:a1:8a:2f:c0:ed:
         94:fd:35:14:33:1a:4d:8e:c8:6a:4d:3a:66:bf:58:1a:85:6f:
         14:fc:02:41:7e:40:05:b3:37:2c:65:92:7e:82:31:d1:01:31:
         3f:8a:8f:d9:68:b7:fb:6a:d0:ba:9c:cc:04:8c:64:ce:8e:00:
         ee:62:02:5c:80:53:35:43:b5:e3:74:36:fc:fc:08:21:3f:ee:
         aa:47:4e:a0:86:a8:2e:37:88:a1:53:b0:55:91:c7:c7:27:a6:
         12:02:95:39:3a:8a:a3:38:96:ac:ff:f5:ac:61:15:d1:69:18:
         7e:9a:d0:d2:fc:86:6d:d3:0b:e4:2f:5f:c7:aa:ed:34:79:72:
         32:d4:cb:40:f3:96:fd:67:15:02:e9:0d:a0:e3:93:2f:7f:77:
         6a:af:3c:ff:4b:d6:9c:6f:d8:0e:73:65:9d:8c:66:45:c3:77:
         05:9d:58:5f:d3:51:ff:98:1b:72:a2:85:f3:3d:d3:09:0c:65:
         0f:7a:5f:ce:62:b5:00:aa:e4:ed:8c:b1:f2:c2:1e:c6:b8:d2:
         7b:ad:d4:0d:77:f4:08:ba:ff:1d:6f:9a:59:82:2f:83:ba:6f:
         df:df:71:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtmHeG87o/OwuznKqJuCGfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDI1MDkxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg5MGU5MTI0NjA5MzExMzRjYjhiNDYyY2UzMmIxNDlmMzdiMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q2DfsbcQqg38dnTKrnl/AySSkvh
skl6wUDm7oDrm4cQLsg4aI/EK635nTNTdVbC0I/OCLKdd7PFoM/hs3Tre9C6d4ed
HlYGStUIepBlKdL+rZ6w4Ls9EljTeW0HUhD5H6KubWe6FALXXWsf7XXU5dw6tOmf
iMdz5ssYlfUbpuGdXXSV0z2hXni9v/Uqg/QiwdSMobALBeDOaiS2yYpCeygdErc3
gWmRVlYSLDq6d/MP/DBJYmlnG4oAZD34utgX8OAQBtOP+pCMnAcfOWWxe8m7YKj4
X7hJUwFcml3G3LTlOwXmQTQ4RBCPp7SCAS/mh34akDUwitH9d8au+TL/TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGJDpEkYJMRNMuLRizjKxSfN7DNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVVlrT2tTUmdreEUweTR0R0xPTXJGSjgzc00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWfMA0G
CSqGSIb3DQEBCwUAA4IBAQCc83vy/bRxH/KtI/6OdN/Dg4KGtDm+9bwXjhkqDy9i
oYovwO2U/TUUMxpNjshqTTpmv1gahW8U/AJBfkAFszcsZZJ+gjHRATE/io/ZaLf7
atC6nMwEjGTOjgDuYgJcgFM1Q7XjdDb8/AghP+6qR06ghqguN4ihU7BVkcfHJ6YS
ApU5OoqjOJas//WsYRXRaRh+mtDS/IZt0wvkL1/Hqu00eXIy1MtA85b9ZxUC6Q2g
45Mvf3dqrzz/S9acb9gOc2WdjGZFw3cFnVhf01H/mBtyooXzPdMJDGUPel/OYrUA
quTtjLHywh7GuNJ7rdQNd/QIuv8db5pZgi+Dum/f33H6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org