Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrqtOgJuJgElCC5LAzWpkvV-RVE.roa
File:                     UrqtOgJuJgElCC5LAzWpkvV-RVE.roa (raw, json)
Hash identifier:          wAFDD7e7LSDIcS0FdHo6vcKRLsvRN95Zh84mpJqiVPU=
Subject key identifier:   52:BA:AD:3A:02:6E:26:01:25:08:2E:4B:03:35:A9:92:F5:7E:45:51
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B03BF583B2A1CF909CBF455958865FAA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrqtOgJuJgElCC5LAzWpkvV-RVE.roa
Signing time:             Tue 01 Aug 2023 08:34:26 +0000
ROA not before:           Tue 01 Aug 2023 08:34:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        89.213.158.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 07:23:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b0:3b:f5:83:b2:a1:cf:90:9c:bf:45:59:58:86:5f:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  1 08:34:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52baad3a026e260125082e4b0335a992f57e4551
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a0:c5:c3:31:60:c1:0f:5e:92:3d:ef:b0:c5:
                    55:24:63:ea:bc:4f:c9:47:02:9e:6a:94:39:11:8f:
                    2f:10:ea:89:b4:d9:ab:ea:2d:61:2e:b9:39:27:6c:
                    86:e1:22:49:96:74:2a:31:14:01:5d:18:f7:a1:ae:
                    22:14:bf:28:2c:0a:ce:39:2c:89:cc:fb:4f:df:9b:
                    77:15:5b:a5:f4:8a:9a:43:fb:dc:70:5e:ba:51:97:
                    af:a2:23:ec:1a:83:33:da:f0:48:39:c3:5e:d0:75:
                    ff:0d:c7:aa:36:e7:d2:61:95:41:35:73:07:ed:5f:
                    98:25:ee:01:a1:41:fe:95:88:a0:aa:88:b2:43:ed:
                    c7:77:75:7b:ef:67:e2:c9:29:09:11:c5:3e:c6:d0:
                    a6:68:8f:29:9c:32:6d:e4:0d:d8:87:48:4b:63:59:
                    65:c1:5b:dc:ce:b5:91:33:5d:76:7f:8b:8b:92:11:
                    a5:10:4d:dd:fd:5a:8d:20:2e:33:88:0a:6a:c8:21:
                    a2:41:9c:be:7b:c5:2c:3c:db:16:7d:8f:6e:b6:bc:
                    f6:91:5a:28:c0:a2:5a:db:d7:d2:c9:31:6f:33:ba:
                    e8:fa:5c:71:97:f5:16:79:7a:52:0a:45:08:01:2e:
                    d7:fb:c8:9c:22:14:56:fd:c3:60:69:be:bd:91:05:
                    05:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:BA:AD:3A:02:6E:26:01:25:08:2E:4B:03:35:A9:92:F5:7E:45:51
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrqtOgJuJgElCC5LAzWpkvV-RVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.156.0-89.213.158.255

    Signature Algorithm: sha256WithRSAEncryption
         04:a2:76:fb:f0:40:34:e0:09:ba:94:86:35:c2:65:9d:55:8f:
         46:1b:37:99:8c:b3:21:a5:65:fa:fb:8b:c8:0d:10:6d:88:1f:
         39:ec:b5:44:70:50:94:b7:c5:20:9e:30:a6:83:0e:ce:af:fa:
         1b:65:13:7e:6c:51:9c:10:c5:9b:90:76:f8:c6:07:40:16:af:
         1e:32:1d:da:9e:a7:b5:54:81:83:a9:f4:33:41:f5:11:37:55:
         7a:cf:b4:ad:59:b1:2f:c3:f1:a9:c1:05:48:8c:6f:31:8f:d2:
         3b:96:7f:81:fe:6f:b5:e7:ee:cd:91:b7:4b:0a:e2:61:1a:61:
         6f:c3:ad:39:4a:dc:d7:29:e0:68:53:ea:cc:20:e1:ae:5c:2a:
         90:65:19:58:ce:8a:07:f8:ff:ce:2f:c4:14:1c:8c:ad:52:d6:
         5f:1c:a7:ca:2b:1c:3a:f2:e1:07:e7:a2:df:34:49:fc:ab:4a:
         5f:b3:fd:90:af:97:36:c0:51:d0:cc:6d:0e:03:57:c8:48:c0:
         8d:d1:a8:4f:68:0d:7e:21:b6:2f:db:e7:3a:78:89:8c:c2:93:
         0b:77:97:69:83:f8:16:c0:d9:6c:ea:4c:29:ac:10:d0:77:ac:
         6e:8a:2c:93:3d:b9:c9:cd:ae:b4:38:c2:62:0d:75:05:c8:08:
         5c:66:18:4e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYmwO/WDsqHPkJy/RVlYhl+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDgzNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmJhYWQzYTAyNmUyNjAxMjUwODJlNGIwMzM1YTk5MmY1N2U0NTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6DFwzFgwQ9ekj3vsMVVJGPqvE/J
RwKeapQ5EY8vEOqJtNmr6i1hLrk5J2yG4SJJlnQqMRQBXRj3oa4iFL8oLArOOSyJ
zPtP35t3FVul9IqaQ/vccF66UZevoiPsGoMz2vBIOcNe0HX/DceqNufSYZVBNXMH
7V+YJe4BoUH+lYigqoiyQ+3Hd3V772fiySkJEcU+xtCmaI8pnDJt5A3Yh0hLY1ll
wVvczrWRM112f4uLkhGlEE3d/VqNIC4ziApqyCGiQZy+e8UsPNsWfY9utrz2kVoo
wKJa29fSyTFvM7ro+lxxl/UWeXpSCkUIAS7X+8icIhRW/cNgab69kQUFuQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFK6rToCbiYBJQguSwM1qZL1fkVRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVXJxdE9nSnVKZ0VsQ0M1TEF6V3BrdlYtUlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ1ZwD
BABZ1Z4wDQYJKoZIhvcNAQELBQADggEBAASidvvwQDTgCbqUhjXCZZ1Vj0YbN5mM
syGlZfr7i8gNEG2IHznstURwUJS3xSCeMKaDDs6v+htlE35sUZwQxZuQdvjGB0AW
rx4yHdqep7VUgYOp9DNB9RE3VXrPtK1ZsS/D8anBBUiMbzGP0juWf4H+b7Xn7s2R
t0sK4mEaYW/DrTlK3Ncp4GhT6swg4a5cKpBlGVjOigf4/84vxBQcjK1S1l8cp8or
HDry4Qfnot80SfyrSl+z/ZCvlzbAUdDMbQ4DV8hIwI3RqE9oDX4hti/b5zp4iYzC
kwt3l2mD+BbA2WzqTCmsENB3rG6KLJM9ucnNrrQ4wmINdQXICFxmGE4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org