Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xgn5H5apJhJ_VHAA5HHBBM90NME.roa
File:                     Xgn5H5apJhJ_VHAA5HHBBM90NME.roa (raw, json)
Hash identifier:          35j/mm+p5eH3JPICuWiVykjuc5AJPYbGnL0dXKfEggk=
Subject key identifier:   5E:09:F9:1F:96:A9:26:12:7F:54:70:00:E4:71:C1:04:CF:74:34:C1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B41A531C6DCDC9EC25B429EF3A010A28F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xgn5H5apJhJ_VHAA5HHBBM90NME.roa
Signing time:             Wed 18 Oct 2023 07:17:07 +0000
ROA not before:           Wed 18 Oct 2023 07:17:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58955
IP address blocks:        89.213.177.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 10:10:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:41:a5:31:c6:dc:dc:9e:c2:5b:42:9e:f3:a0:10:a2:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 18 07:17:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e09f91f96a926127f547000e471c104cf7434c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:2d:78:22:db:6a:d0:7d:4c:4b:e2:9e:38:15:
                    52:02:97:b4:d7:8c:b0:d0:25:d3:df:cd:69:1c:91:
                    58:8f:f4:7c:5c:99:ed:0f:6f:5e:ec:2b:61:db:51:
                    ae:62:81:9c:e6:84:3d:39:97:a8:ef:b7:51:cb:fe:
                    07:cf:ba:98:d7:22:f7:e1:bf:a7:20:3b:87:a9:20:
                    72:74:0d:91:d8:13:cc:62:95:e5:16:b7:51:56:82:
                    91:65:69:80:7d:b6:2c:9d:59:6a:e9:23:a9:1e:64:
                    c5:d7:0f:99:00:59:bb:82:b7:74:d2:95:a1:4d:f7:
                    a0:a2:eb:f8:34:19:a4:56:87:2a:47:c7:30:7b:59:
                    7d:a9:5b:25:0e:47:51:cc:4b:03:3e:02:9c:e0:37:
                    aa:cd:95:b2:3e:a0:e1:bf:d9:65:32:1c:ce:34:a4:
                    cb:04:25:94:67:ad:a4:71:e2:0f:1c:63:f1:c1:4e:
                    78:63:fe:19:30:42:31:eb:e2:4a:68:d3:d4:bb:37:
                    5f:81:87:5f:86:27:e0:63:83:d4:fd:cb:d3:05:0e:
                    cb:d9:7e:6e:df:bd:f2:f3:8c:fa:d5:a2:44:15:40:
                    13:a6:71:52:85:86:17:9d:95:8e:35:6c:39:5a:89:
                    83:18:a0:08:73:a3:dc:f1:d3:43:cc:93:4e:9a:b9:
                    50:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:09:F9:1F:96:A9:26:12:7F:54:70:00:E4:71:C1:04:CF:74:34:C1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xgn5H5apJhJ_VHAA5HHBBM90NME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:2b:ec:30:c2:a1:3c:f7:d3:0a:0f:4e:40:f4:af:c1:fb:9a:
         10:fb:ee:c9:00:72:b2:2e:e1:09:34:2d:a5:05:b0:a5:2d:5e:
         1f:90:d2:7e:93:f1:97:93:34:c2:59:2e:e1:7a:b0:f4:6a:23:
         4b:a4:98:ec:f3:1d:2a:3f:a3:4c:31:c7:53:14:f0:a1:32:d8:
         22:4c:fa:20:95:63:e9:84:37:39:b7:61:27:86:26:a8:bf:6e:
         ce:83:89:ee:0a:df:a2:89:43:c9:b1:5a:0d:02:64:3f:e2:60:
         6e:59:37:c5:5e:93:fb:5e:9e:47:5c:7c:a1:e7:18:a3:07:fb:
         0f:9f:01:35:e6:2e:03:c9:97:22:2e:88:18:38:81:3f:6d:e8:
         c4:9a:66:ea:e3:fb:91:bb:b6:4b:86:43:21:13:c9:64:c9:7e:
         45:c7:73:b8:7a:ca:97:df:7c:43:4b:a1:2a:fc:e1:a1:c3:ea:
         d7:dc:a1:c8:31:29:7c:f3:21:d4:c9:59:65:d9:a1:b0:79:09:
         b4:9d:56:a3:b6:7c:ce:1f:a2:d0:0d:ae:e0:88:d6:2f:df:d2:
         c7:a8:e2:80:f8:fd:05:06:b5:eb:b2:79:da:e0:ab:29:c8:0e:
         d5:a2:b0:28:b9:53:e1:41:20:ee:f7:e4:3e:2a:ba:e2:e3:87:
         4d:cb:08:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtBpTHG3NyewltCnvOgEKKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE4MDcxNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA5ZjkxZjk2YTkyNjEyN2Y1NDcwMDBlNDcxYzEwNGNmNzQzNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS14Ittq0H1MS+KeOBVSApe014yw
0CXT381pHJFYj/R8XJntD29e7Cth21GuYoGc5oQ9OZeo77dRy/4Hz7qY1yL34b+n
IDuHqSBydA2R2BPMYpXlFrdRVoKRZWmAfbYsnVlq6SOpHmTF1w+ZAFm7grd00pWh
Tfegouv4NBmkVocqR8cwe1l9qVslDkdRzEsDPgKc4DeqzZWyPqDhv9llMhzONKTL
BCWUZ62kceIPHGPxwU54Y/4ZMEIx6+JKaNPUuzdfgYdfhifgY4PU/cvTBQ7L2X5u
373y84z61aJEFUATpnFShYYXnZWONWw5WomDGKAIc6Pc8dNDzJNOmrlQVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4J+R+WqSYSf1RwAORxwQTPdDTBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGduNUg1YXBKaEpfVkhBQTVISEJCTTkwTk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdWwMA0G
CSqGSIb3DQEBCwUAA4IBAQAfK+wwwqE899MKD05A9K/B+5oQ++7JAHKyLuEJNC2l
BbClLV4fkNJ+k/GXkzTCWS7herD0aiNLpJjs8x0qP6NMMcdTFPChMtgiTPoglWPp
hDc5t2Enhiaov27Og4nuCt+iiUPJsVoNAmQ/4mBuWTfFXpP7Xp5HXHyh5xijB/sP
nwE15i4DyZciLogYOIE/bejEmmbq4/uRu7ZLhkMhE8lkyX5Fx3O4esqX33xDS6Eq
/OGhw+rX3KHIMSl88yHUyVll2aGweQm0nVajtnzOH6LQDa7giNYv39LHqOKA+P0F
BrXrsnna4KspyA7VorAouVPhQSDu9+Q+Krri44dNywjJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org