Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa
File:                     aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa (raw, json)
Hash identifier:          71r5Wx0rOZz76lwGT6JBX9RivC8wyZsY5z500hDRmAA=
Subject key identifier:   68:75:E3:EB:75:D2:1A:24:34:6F:7E:57:03:2B:C1:18:84:45:E3:04
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E75701C7DC4832B2073A4EFFCA656F3CD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa
Signing time:             Mon 25 Mar 2024 11:47:45 +0000
ROA not before:           Mon 25 Mar 2024 11:47:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211439
IP address blocks:        89.213.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 14:07:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:75:70:1c:7d:c4:83:2b:20:73:a4:ef:fc:a6:56:f3:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 25 11:47:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6875e3eb75d21a24346f7e57032bc1188445e304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:9a:b1:89:1e:7f:5a:e9:16:7e:ba:30:3a:03:
                    b4:86:ef:e3:28:7c:97:d5:e5:3c:26:fd:e5:6b:a0:
                    5f:23:3d:0c:61:71:8d:5b:9a:3b:8f:58:80:2c:ea:
                    74:74:eb:7b:d7:c9:56:ca:ee:df:c7:98:08:df:35:
                    37:2a:dd:f4:2b:43:ec:3d:cc:b0:16:00:c5:c2:e2:
                    5d:cd:04:2c:c8:12:0d:9e:fa:6c:a7:55:fb:f7:25:
                    05:84:f8:6f:3b:d7:b2:ad:20:97:c8:59:47:0a:d2:
                    3d:8c:05:0d:4b:7a:ba:49:f4:0a:a5:74:0f:bd:ce:
                    95:19:39:5f:a6:8b:1c:8f:fd:a4:f7:a8:d1:5d:a8:
                    53:69:f2:44:9e:92:2e:e5:69:e5:ac:b9:d0:be:de:
                    58:75:5f:54:3d:37:6d:b3:7f:29:6e:58:1c:09:9f:
                    74:8c:b6:c0:6a:f8:be:07:9c:b6:5d:2c:60:f3:ba:
                    21:1c:b0:b2:50:d2:46:01:0c:fb:2b:cd:13:61:4b:
                    56:75:d6:4b:e7:2f:6a:03:c1:2a:1e:26:a0:67:7a:
                    bd:2c:7d:86:22:59:68:4a:04:61:d1:10:c3:e8:62:
                    24:3e:47:c5:84:8e:95:d4:aa:e0:9d:5a:f2:d2:8a:
                    84:26:7e:3d:fa:46:3f:72:b6:45:30:04:b7:31:14:
                    b4:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:75:E3:EB:75:D2:1A:24:34:6F:7E:57:03:2B:C1:18:84:45:E3:04
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:05:c4:6a:b5:61:5d:76:13:24:33:50:dc:2b:45:8e:f2:a1:
         b0:3b:56:94:c5:e4:7f:c9:e4:1e:7b:d2:46:c3:43:a2:31:d9:
         62:8f:c3:6b:e5:5e:de:07:9d:08:c3:42:b3:4f:74:f7:b4:b6:
         8e:a9:00:b5:94:9c:a5:f6:72:04:b5:8e:08:b5:da:4d:29:44:
         71:fa:77:40:6b:27:21:29:28:d8:03:f3:76:7d:dd:db:e6:14:
         b5:5b:34:0a:6d:0a:c6:10:d3:c6:49:64:84:46:23:29:50:15:
         74:a1:ec:bf:24:de:a0:68:77:cd:40:e1:fa:58:84:eb:60:88:
         00:ac:53:ec:b9:dd:af:0c:ee:d0:03:06:36:65:0a:1a:10:d8:
         b6:88:64:c5:c0:14:0d:d4:8c:48:f1:58:bf:c7:dc:5f:8a:96:
         fe:80:5c:f9:e7:51:a0:5f:0c:35:ce:23:6e:9d:f0:d6:0d:c6:
         d8:33:b0:3c:71:93:29:ad:2d:55:95:a7:16:ac:bc:2f:f7:5c:
         72:56:94:55:a3:26:6d:dd:b2:d7:d8:cc:4b:2e:e7:3c:1d:82:
         4e:c4:c3:f1:31:6b:f6:5a:5b:86:f0:36:08:bb:eb:2e:78:ae:
         e5:e1:2b:68:09:24:7a:13:49:e6:8c:0d:e8:9a:a2:e4:a1:03:
         36:c9:d6:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY51cBx9xIMrIHOk7/ymVvPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI1MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc1ZTNlYjc1ZDIxYTI0MzQ2ZjdlNTcwMzJiYzExODg0NDVlMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpqxiR5/WukWfrowOgO0hu/jKHyX
1eU8Jv3la6BfIz0MYXGNW5o7j1iALOp0dOt718lWyu7fx5gI3zU3Kt30K0PsPcyw
FgDFwuJdzQQsyBINnvpsp1X79yUFhPhvO9eyrSCXyFlHCtI9jAUNS3q6SfQKpXQP
vc6VGTlfposcj/2k96jRXahTafJEnpIu5WnlrLnQvt5YdV9UPTdts38pblgcCZ90
jLbAavi+B5y2XSxg87ohHLCyUNJGAQz7K80TYUtWddZL5y9qA8EqHiagZ3q9LH2G
IlloSgRh0RDD6GIkPkfFhI6V1KrgnVry0oqEJn49+kY/crZFMAS3MRS0hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh14+t10hokNG9+VwMrwRiEReMEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYUhYajYzWFNHaVEwYjM1WEF5dkJHSVJGNHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdV1MA0G
CSqGSIb3DQEBCwUAA4IBAQB0BcRqtWFddhMkM1DcK0WO8qGwO1aUxeR/yeQee9JG
w0OiMdlij8Nr5V7eB50Iw0KzT3T3tLaOqQC1lJyl9nIEtY4ItdpNKURx+ndAaych
KSjYA/N2fd3b5hS1WzQKbQrGENPGSWSERiMpUBV0oey/JN6gaHfNQOH6WITrYIgA
rFPsud2vDO7QAwY2ZQoaENi2iGTFwBQN1IxI8Vi/x9xfipb+gFz551GgXww1ziNu
nfDWDcbYM7A8cZMprS1VlacWrLwv91xyVpRVoyZt3bLX2MxLLuc8HYJOxMPxMWv2
WluG8DYIu+sueK7l4StoCSR6E0nmjA3omqLkoQM2ydYS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org