Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WKuP-Iy-HcF0u-5wsygJspXuKJs.roa
File:                     WKuP-Iy-HcF0u-5wsygJspXuKJs.roa (raw, json)
Hash identifier:          gI7RhFh9CJXU/n3W40Aomns8vLsGjpoLAR0x9r5Yy5w=
Subject key identifier:   58:AB:8F:F8:8C:BE:1D:C1:74:BB:EE:70:B3:28:09:B2:95:EE:28:9B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A6104E2A0632A5B6440C753779482DCBA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WKuP-Iy-HcF0u-5wsygJspXuKJs.roa
Signing time:             Mon 04 Sep 2023 16:27:04 +0000
ROA not before:           Mon 04 Sep 2023 16:27:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399073
IP address blocks:        89.213.176.0/22 maxlen: 24
                          89.213.180.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 07:50:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:61:04:e2:a0:63:2a:5b:64:40:c7:53:77:94:82:dc:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 16:27:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58ab8ff88cbe1dc174bbee70b32809b295ee289b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:ad:f3:9d:48:bb:b5:eb:d2:15:9e:6a:c3:be:
                    a8:cd:d2:92:da:30:a8:a3:89:9a:bc:c0:5e:04:56:
                    d9:57:f2:a4:74:d9:cb:e2:77:0e:15:a5:a2:6a:eb:
                    5e:2c:f7:26:1c:80:a2:f7:0b:77:c6:7c:be:00:62:
                    f9:bb:84:8a:ee:63:5c:25:0a:91:86:42:6c:38:36:
                    6e:26:23:29:a7:ca:65:08:ae:8c:89:13:d3:75:df:
                    bf:0a:8d:4f:c1:56:27:c9:7a:36:5b:47:b4:16:c1:
                    59:6e:98:8f:09:86:4f:c5:0c:69:40:51:5b:12:bf:
                    ed:9f:d4:7f:45:b5:a2:3e:60:f2:60:88:93:88:5a:
                    b7:d6:71:2f:50:80:02:63:3d:c5:eb:0f:94:20:fc:
                    c1:2a:50:1e:bd:e0:2a:d7:e3:aa:67:90:a7:aa:c6:
                    db:a2:03:00:f5:df:ed:83:af:e6:1c:8a:e0:98:48:
                    9f:dd:84:fe:ef:23:1f:a3:6b:d6:d8:a0:eb:79:9b:
                    af:fd:aa:6c:72:80:91:d2:10:1f:63:eb:09:81:93:
                    49:27:aa:73:13:23:ab:d4:2e:61:fe:3a:37:96:72:
                    75:de:08:3d:76:ce:ca:86:d0:80:0b:fc:4e:f5:8d:
                    8e:72:a2:b7:58:b8:81:e8:ec:6a:32:1d:fb:8c:85:
                    e2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:AB:8F:F8:8C:BE:1D:C1:74:BB:EE:70:B3:28:09:B2:95:EE:28:9B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WKuP-Iy-HcF0u-5wsygJspXuKJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.148.0-89.213.155.255
                  89.213.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a5:ac:6d:20:e1:d4:77:a7:8a:61:3a:0f:2c:41:2a:49:f6:65:
         42:bc:03:95:cd:f1:6e:f6:a5:8f:20:93:b9:84:21:be:e9:5b:
         8c:4a:c9:c5:d8:72:b6:1c:ab:07:ba:8f:f1:cf:4a:9f:c1:80:
         fb:69:7e:26:60:cf:c1:1e:1e:83:79:d8:22:ab:50:6c:b3:97:
         6f:1a:bc:83:2e:8a:61:ea:7b:87:cb:b3:24:20:80:a9:9c:ef:
         d4:92:96:98:4e:60:02:33:02:62:df:71:3d:00:47:b6:91:1d:
         d7:8d:c0:08:c1:02:4d:33:05:2b:d1:9f:49:b3:2e:a8:e0:ab:
         11:28:28:68:e7:08:a2:01:eb:ff:5d:36:83:d2:e3:f3:20:7d:
         0b:3f:73:15:36:ff:57:0f:07:6a:0e:76:c1:e7:97:6d:e6:e3:
         11:82:f1:60:30:39:29:99:5f:f0:68:e1:c1:25:ee:d3:4b:46:
         82:da:d1:4e:66:6f:bb:43:c2:6e:89:e8:a4:cf:0e:d3:be:05:
         fa:09:39:90:15:41:d7:69:82:e2:f2:0a:8f:46:77:c1:2c:d5:
         64:a8:84:f8:8d:b9:b2:80:22:07:51:d1:28:75:c3:43:1e:48:
         a2:c2:30:99:7e:c7:58:7e:20:eb:a3:29:79:ee:28:68:dc:12:
         11:80:9a:18
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYphBOKgYypbZEDHU3eUgty6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTYyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGFiOGZmODhjYmUxZGMxNzRiYmVlNzBiMzI4MDliMjk1ZWUyODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8q3znUi7tevSFZ5qw76ozdKS2jCo
o4mavMBeBFbZV/KkdNnL4ncOFaWiauteLPcmHICi9wt3xny+AGL5u4SK7mNcJQqR
hkJsODZuJiMpp8plCK6MiRPTdd+/Co1PwVYnyXo2W0e0FsFZbpiPCYZPxQxpQFFb
Er/tn9R/RbWiPmDyYIiTiFq31nEvUIACYz3F6w+UIPzBKlAeveAq1+OqZ5Cnqsbb
ogMA9d/tg6/mHIrgmEif3YT+7yMfo2vW2KDreZuv/apscoCR0hAfY+sJgZNJJ6pz
EyOr1C5h/jo3lnJ13gg9ds7KhtCAC/xO9Y2OcqK3WLiB6OxqMh37jIXiBwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFirj/iMvh3BdLvucLMoCbKV7iibMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV0t1UC1JeS1IY0YwdS01d3N5Z0pzcFh1S0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJZ1ZQD
BAJZ1ZgDBANZ1bAwDQYJKoZIhvcNAQELBQADggEBAKWsbSDh1HenimE6DyxBKkn2
ZUK8A5XN8W72pY8gk7mEIb7pW4xKycXYcrYcqwe6j/HPSp/BgPtpfiZgz8EeHoN5
2CKrUGyzl28avIMuimHqe4fLsyQggKmc79SSlphOYAIzAmLfcT0AR7aRHdeNwAjB
Ak0zBSvRn0mzLqjgqxEoKGjnCKIB6/9dNoPS4/MgfQs/cxU2/1cPB2oOdsHnl23m
4xGC8WAwOSmZX/Bo4cEl7tNLRoLa0U5mb7tDwm6J6KTPDtO+BfoJOZAVQddpguLy
Co9Gd8Es1WSohPiNubKAIgdR0Sh1w0MeSKLCMJl+x1h+IOujKXnuKGjcEhGAmhg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org