Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WX7GqiZZaT3_xYdLjLARJldXHuQ.roa
File:                     WX7GqiZZaT3_xYdLjLARJldXHuQ.roa (raw, json)
Hash identifier:          lJZUvhppwxrLDHYsPEETIBUyNjHfORAneSxok1fXs1w=
Subject key identifier:   59:7E:C6:AA:26:59:69:3D:FF:C5:87:4B:8C:B0:11:26:57:57:1E:E4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018917605CD71DD65FBDEA29DA70EC17A8BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WX7GqiZZaT3_xYdLjLARJldXHuQ.roa
Signing time:             Sun 02 Jul 2023 16:12:18 +0000
ROA not before:           Sun 02 Jul 2023 16:12:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     270564
IP address blocks:        89.213.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:17:60:5c:d7:1d:d6:5f:bd:ea:29:da:70:ec:17:a8:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  2 16:12:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=597ec6aa2659693dffc5874b8cb0112657571ee4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f9:dc:c2:60:e4:59:10:90:25:30:fd:36:88:
                    e2:09:b2:1c:3b:8d:ca:48:67:80:0f:c7:b1:99:1e:
                    94:a6:ce:ea:2b:8b:38:3c:b6:a7:8b:01:5d:c0:91:
                    c5:d1:83:39:d4:40:0e:63:f4:bb:57:1f:3b:c0:b0:
                    8f:74:29:1b:24:5d:33:31:74:1d:fd:bd:18:a9:f3:
                    dc:d0:34:7d:86:17:27:ce:37:fa:b1:12:51:79:a3:
                    93:d7:8c:c0:0d:73:ee:fd:06:c1:e9:5c:6b:cb:18:
                    05:3b:db:2f:bf:64:d5:50:77:ef:c7:45:8c:ac:0d:
                    54:63:15:f2:c3:12:cc:cf:88:fb:ee:77:23:dc:6a:
                    ae:17:37:b0:ca:bc:77:a9:b8:b4:28:c3:be:0b:9f:
                    5f:48:f6:45:29:f9:4b:ca:2c:c2:3c:04:53:b7:21:
                    6b:80:99:e5:a1:e9:9d:01:bf:be:25:3a:7b:a1:52:
                    6a:15:dc:47:02:a7:1e:bd:f3:f8:ba:74:32:ba:ca:
                    ab:17:4a:22:ba:3f:cb:e0:60:9a:7e:c2:91:66:8b:
                    0a:ae:1b:e4:e2:c0:cb:00:31:63:2d:50:ce:57:bf:
                    b9:a5:4c:06:cf:4a:33:40:a9:5b:21:a3:38:cd:bc:
                    6b:dd:41:ad:a1:ba:01:f6:64:44:a2:6f:95:4b:5b:
                    cd:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:7E:C6:AA:26:59:69:3D:FF:C5:87:4B:8C:B0:11:26:57:57:1E:E4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WX7GqiZZaT3_xYdLjLARJldXHuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:95:e1:3d:66:cc:71:41:ef:1e:47:37:e5:4a:e1:6c:d2:79:
         84:80:95:a2:45:bf:e3:00:50:e9:f1:ab:b4:94:25:85:2f:ec:
         5a:b9:56:36:d7:f1:64:be:75:0a:f2:16:5e:85:0f:08:06:1b:
         3c:c0:05:17:9d:59:c2:f8:70:e5:74:dc:97:9d:33:3d:72:90:
         3f:5e:2d:38:d8:52:56:18:53:5d:4d:04:61:cf:d1:97:57:30:
         8c:c3:67:9f:c8:8b:3f:36:4a:3f:64:93:bd:e7:0d:a6:00:a0:
         50:33:97:3d:9d:70:16:8e:1b:b4:f8:c1:22:19:e0:32:6a:cc:
         4f:93:8b:86:ea:a7:59:ab:4d:58:00:e1:5f:95:21:7a:62:b3:
         87:a3:97:f4:1d:67:90:f5:e3:3b:b4:5f:51:0e:9d:74:39:a2:
         4a:7b:1f:22:1f:ad:07:8a:26:eb:ef:1a:39:63:3f:35:14:ee:
         5e:a7:b2:a5:d9:52:7a:26:01:94:a3:f8:0b:59:44:34:7e:03:
         3c:ba:ad:02:61:74:00:07:db:f6:8e:d6:17:e1:6d:7c:b0:b7:
         26:80:29:ea:57:72:73:ba:51:06:a6:29:88:a4:28:36:bb:5e:
         0b:9a:75:9b:64:76:3e:58:11:85:28:30:ab:d1:7c:43:f5:5c:
         de:22:97:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkXYFzXHdZfveop2nDsF6i8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAyMTYxMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTdlYzZhYTI2NTk2OTNkZmZjNTg3NGI4Y2IwMTEyNjU3NTcxZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/ncwmDkWRCQJTD9NojiCbIcO43K
SGeAD8exmR6Ups7qK4s4PLaniwFdwJHF0YM51EAOY/S7Vx87wLCPdCkbJF0zMXQd
/b0YqfPc0DR9hhcnzjf6sRJReaOT14zADXPu/QbB6VxryxgFO9svv2TVUHfvx0WM
rA1UYxXywxLMz4j77ncj3GquFzewyrx3qbi0KMO+C59fSPZFKflLyizCPARTtyFr
gJnloemdAb++JTp7oVJqFdxHAqcevfP4unQyusqrF0oiuj/L4GCafsKRZosKrhvk
4sDLADFjLVDOV7+5pUwGz0ozQKlbIaM4zbxr3UGtoboB9mREom+VS1vNLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFl+xqomWWk9/8WHS4ywESZXVx7kMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV1g3R3FpWlphVDNfeFlkTGpMQVJKbGRYSHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWOMA0G
CSqGSIb3DQEBCwUAA4IBAQBCleE9ZsxxQe8eRzflSuFs0nmEgJWiRb/jAFDp8au0
lCWFL+xauVY21/FkvnUK8hZehQ8IBhs8wAUXnVnC+HDldNyXnTM9cpA/Xi042FJW
GFNdTQRhz9GXVzCMw2efyIs/Nko/ZJO95w2mAKBQM5c9nXAWjhu0+MEiGeAyasxP
k4uG6qdZq01YAOFflSF6YrOHo5f0HWeQ9eM7tF9RDp10OaJKex8iH60Hiibr7xo5
Yz81FO5ep7Kl2VJ6JgGUo/gLWUQ0fgM8uq0CYXQAB9v2jtYX4W18sLcmgCnqV3Jz
ulEGpimIpCg2u14LmnWbZHY+WBGFKDCr0XxD9VzeIpeG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org