Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VTzYlqoclONJJ7Pifodqs03cmNU.roa
File:                     VTzYlqoclONJJ7Pifodqs03cmNU.roa (raw, json)
Hash identifier:          LlO4eH/QhbmWilX8yxt7/BF+VtZtIcEspGS0irrFypk=
Subject key identifier:   55:3C:D8:96:AA:1C:94:E3:49:27:B3:E2:7E:87:6A:B3:4D:DC:98:D5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D560143DCE02C3BAF9E0AA35AD50A98BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VTzYlqoclONJJ7Pifodqs03cmNU.roa
Signing time:             Mon 29 Jan 2024 16:15:39 +0000
ROA not before:           Mon 29 Jan 2024 16:15:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216075
IP address blocks:        89.213.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Mar 2024 09:53:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:56:01:43:dc:e0:2c:3b:af:9e:0a:a3:5a:d5:0a:98:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 29 16:15:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=553cd896aa1c94e34927b3e27e876ab34ddc98d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:58:62:0f:92:20:d8:e0:3b:2a:19:59:52:94:
                    7e:2a:2f:d2:d4:c5:d5:b6:32:47:be:cd:55:13:5f:
                    d4:28:45:1c:23:0b:bc:c8:9e:82:c0:84:8b:f9:a1:
                    2d:9f:d3:00:f4:cb:58:08:d7:cd:3c:c0:d6:3f:55:
                    b5:bd:05:0a:4b:7e:15:4e:f2:c8:7c:7b:7e:bb:f7:
                    aa:89:f7:05:c6:2b:aa:da:2e:e3:6c:20:0c:bb:c0:
                    36:ce:e5:30:0a:b1:45:01:e4:ed:e6:4e:2d:87:74:
                    bc:c5:0b:c1:7e:16:05:2d:e8:97:c4:f1:a4:45:2a:
                    ba:57:a0:5b:b7:5a:87:c3:19:da:53:de:43:e5:b4:
                    c2:6e:2b:88:10:fa:75:0e:e5:0d:58:0a:ab:0a:fe:
                    de:e4:a7:b0:49:92:26:c7:c5:c4:06:a0:46:5b:a3:
                    a7:c2:95:f8:1e:a9:19:fd:01:90:53:1b:88:61:fd:
                    a6:39:da:6d:67:18:c3:1e:28:bc:d9:4d:37:87:ca:
                    c4:0c:3b:5a:c7:c4:c0:98:97:89:b6:00:ef:c2:0d:
                    18:8f:bc:46:d6:64:27:25:90:c6:5b:c6:fa:15:e8:
                    8f:5e:e4:dc:1d:d3:71:4b:01:65:62:1b:ff:4e:c4:
                    a6:27:8f:88:fb:fc:92:20:ba:08:53:e8:ea:94:13:
                    16:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:3C:D8:96:AA:1C:94:E3:49:27:B3:E2:7E:87:6A:B3:4D:DC:98:D5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VTzYlqoclONJJ7Pifodqs03cmNU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:83:2f:b3:5c:7b:9d:77:b4:f3:e2:95:3a:e1:b2:cd:bb:73:
         dc:bb:bb:a3:06:6b:81:41:a9:3d:8e:26:13:50:c0:e1:76:b3:
         d6:03:bc:3a:55:32:16:9a:85:d3:c5:ca:86:90:1b:6d:0f:cf:
         1b:9d:cb:dc:e6:f2:c2:ef:ef:36:03:85:ff:d3:4f:c0:a8:68:
         ba:c2:3b:78:57:8f:9b:df:11:8d:f1:a0:5e:9a:f1:43:04:92:
         30:0b:d8:24:c1:97:31:9e:da:ba:2d:4d:7e:4b:b0:a2:fe:e8:
         10:3e:c0:ea:00:b8:2d:3d:b2:e8:11:68:48:09:4d:50:78:e2:
         51:41:d4:61:36:12:4a:50:94:f8:35:de:f4:72:3d:7b:3e:f6:
         34:f2:ea:ee:e6:0b:ea:8b:b4:53:36:fb:40:1f:ca:b5:38:13:
         79:fa:22:d3:95:10:e5:19:fb:77:ed:28:11:32:09:6f:93:15:
         e2:9a:09:7b:1c:e4:6a:b8:31:a4:8a:f1:21:b2:b5:be:cf:50:
         ab:13:d4:29:34:41:55:0d:2c:cd:2b:a2:c3:e1:97:f2:c4:c3:
         aa:fe:72:c5:1b:4d:89:33:79:58:fa:78:0e:32:8c:89:98:6b:
         4c:88:b4:c8:7a:58:78:14:7a:47:9f:60:a4:50:c7:bd:e5:9d:
         d0:53:32:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1WAUPc4Cw7r54Ko1rVCpi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTI5MTYxNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTNjZDg5NmFhMWM5NGUzNDkyN2IzZTI3ZTg3NmFiMzRkZGM5OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklhiD5Ig2OA7KhlZUpR+Ki/S1MXV
tjJHvs1VE1/UKEUcIwu8yJ6CwISL+aEtn9MA9MtYCNfNPMDWP1W1vQUKS34VTvLI
fHt+u/eqifcFxiuq2i7jbCAMu8A2zuUwCrFFAeTt5k4th3S8xQvBfhYFLeiXxPGk
RSq6V6Bbt1qHwxnaU95D5bTCbiuIEPp1DuUNWAqrCv7e5KewSZImx8XEBqBGW6On
wpX4HqkZ/QGQUxuIYf2mOdptZxjDHii82U03h8rEDDtax8TAmJeJtgDvwg0Yj7xG
1mQnJZDGW8b6FeiPXuTcHdNxSwFlYhv/TsSmJ4+I+/ySILoIU+jqlBMWbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFU82JaqHJTjSSez4n6HarNN3JjVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVlR6WWxxb2NsT05KSjdQaWZvZHFzMDNjbU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWMMA0G
CSqGSIb3DQEBCwUAA4IBAQBEgy+zXHudd7Tz4pU64bLNu3Pcu7ujBmuBQak9jiYT
UMDhdrPWA7w6VTIWmoXTxcqGkBttD88bncvc5vLC7+82A4X/00/AqGi6wjt4V4+b
3xGN8aBemvFDBJIwC9gkwZcxntq6LU1+S7Ci/ugQPsDqALgtPbLoEWhICU1QeOJR
QdRhNhJKUJT4Nd70cj17PvY08uru5gvqi7RTNvtAH8q1OBN5+iLTlRDlGft37SgR
MglvkxXimgl7HORquDGkivEhsrW+z1CrE9QpNEFVDSzNK6LD4ZfyxMOq/nLFG02J
M3lY+ngOMoyJmGtMiLTIelh4FHpHn2CkUMe95Z3QUzIB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org