Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aMCaKyL02dnyZopkO1nBVZsvD98.roa
File:                     aMCaKyL02dnyZopkO1nBVZsvD98.roa (raw, json)
Hash identifier:          nddVUCyxGx5uw7LXKovDbKJruvTTLr5tAilIZ9Z48Bg=
Subject key identifier:   68:C0:9A:2B:22:F4:D9:D9:F2:66:8A:64:3B:59:C1:55:9B:2F:0F:DF
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BA8BF1347EF32A8494CB82AE77D97CF8F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aMCaKyL02dnyZopkO1nBVZsvD98.roa
Signing time:             Tue 07 Nov 2023 07:46:16 +0000
ROA not before:           Tue 07 Nov 2023 07:46:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397423
IP address blocks:        89.213.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 08:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a8:bf:13:47:ef:32:a8:49:4c:b8:2a:e7:7d:97:cf:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  7 07:46:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68c09a2b22f4d9d9f2668a643b59c1559b2f0fdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:77:40:a4:c1:d0:72:b4:44:38:08:7f:ee:79:
                    4d:bf:e5:9b:63:c7:71:e5:5f:17:63:db:29:2e:41:
                    7a:9e:b4:e3:5f:ec:01:86:d6:cb:45:bc:73:09:d0:
                    8c:47:a6:6f:cd:0c:76:2b:cc:d3:b9:1c:61:40:5b:
                    11:09:e7:90:eb:f4:a9:48:5a:eb:01:31:da:34:df:
                    7b:ce:93:59:b0:ab:43:68:f2:24:7f:28:05:b2:83:
                    e5:c6:19:75:59:23:6f:5c:6f:49:ba:7a:42:cc:40:
                    56:ee:db:60:e4:a0:f0:37:db:48:15:6a:34:55:9a:
                    97:dd:b3:8f:55:57:84:8c:aa:6e:80:ca:8f:f5:9b:
                    c4:52:2d:a2:b6:ac:82:dd:56:fe:ea:e9:d6:2a:03:
                    51:27:26:cd:62:57:26:f5:c2:65:18:58:44:50:65:
                    04:53:da:87:23:8f:28:0c:5a:a1:1c:e4:77:65:32:
                    69:39:2e:ec:b6:5e:26:4e:bf:4b:d3:e5:8d:03:b0:
                    ce:07:7f:03:c3:fb:fb:12:e3:3b:fb:cc:df:0b:e0:
                    b0:0b:4a:72:13:e6:3c:4e:e0:78:f7:f8:4e:3c:e7:
                    88:b5:d3:4c:d3:27:13:1d:04:d1:97:0f:03:ec:d8:
                    bc:13:fb:ed:58:79:25:25:27:e5:cb:90:a8:98:16:
                    2a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:C0:9A:2B:22:F4:D9:D9:F2:66:8A:64:3B:59:C1:55:9B:2F:0F:DF
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aMCaKyL02dnyZopkO1nBVZsvD98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:32:f1:37:0c:a4:24:04:74:1f:07:86:30:0a:87:fe:5c:53:
         f8:10:20:82:ed:53:3a:37:86:16:cc:80:4c:a0:23:a0:c9:0f:
         09:7d:a8:b5:25:21:7c:08:fe:e9:a6:65:b8:08:df:35:c3:29:
         0f:fb:32:42:df:ce:6b:a5:56:f0:d0:cc:3f:5b:39:8c:b7:2b:
         8b:d4:e4:93:cd:a6:7a:c8:a3:6d:0d:d2:39:89:1e:e9:8a:fc:
         18:fc:34:46:4a:c8:43:dc:83:9c:ba:26:8a:db:57:a7:7f:d7:
         0c:98:ed:28:9a:95:4d:5e:2b:a6:35:42:cb:fb:cb:90:d4:e2:
         49:52:30:98:a8:81:c2:4d:c0:85:52:22:61:a8:00:24:ee:42:
         4a:e1:82:1e:f5:de:ce:cb:49:ba:a4:8b:ef:2e:74:f6:29:07:
         c7:88:43:7e:13:00:bb:e4:37:29:bc:85:e5:50:bf:ec:b8:b1:
         f9:65:85:04:8e:9d:20:b2:27:9b:f9:f9:53:05:f0:db:ed:8b:
         ac:4b:af:d3:e6:0b:3b:db:bc:ec:4e:ff:a2:5d:1e:9b:2a:71:
         96:6b:56:79:c3:bc:94:69:d0:5c:4b:1e:80:46:6e:33:e4:d7:
         d2:f3:c5:72:32:c9:f2:34:f9:5e:4e:38:f9:a1:db:95:eb:23:
         d2:6c:12:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuovxNH7zKoSUy4Kud9l8+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA3MDc0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGMwOWEyYjIyZjRkOWQ5ZjI2NjhhNjQzYjU5YzE1NTliMmYwZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXdApMHQcrREOAh/7nlNv+WbY8dx
5V8XY9spLkF6nrTjX+wBhtbLRbxzCdCMR6ZvzQx2K8zTuRxhQFsRCeeQ6/SpSFrr
ATHaNN97zpNZsKtDaPIkfygFsoPlxhl1WSNvXG9JunpCzEBW7ttg5KDwN9tIFWo0
VZqX3bOPVVeEjKpugMqP9ZvEUi2itqyC3Vb+6unWKgNRJybNYlcm9cJlGFhEUGUE
U9qHI48oDFqhHOR3ZTJpOS7stl4mTr9L0+WNA7DOB38Dw/v7EuM7+8zfC+CwC0py
E+Y8TuB49/hOPOeItdNM0ycTHQTRlw8D7Ni8E/vtWHklJSfly5ComBYqEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjAmisi9NnZ8maKZDtZwVWbLw/fMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYU1DYUt5TDAyZG55Wm9wa08xbkJWWnN2RDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWEMA0G
CSqGSIb3DQEBCwUAA4IBAQBtMvE3DKQkBHQfB4YwCof+XFP4ECCC7VM6N4YWzIBM
oCOgyQ8Jfai1JSF8CP7ppmW4CN81wykP+zJC385rpVbw0Mw/WzmMtyuL1OSTzaZ6
yKNtDdI5iR7pivwY/DRGSshD3IOcuiaK21enf9cMmO0ompVNXiumNULL+8uQ1OJJ
UjCYqIHCTcCFUiJhqAAk7kJK4YIe9d7Oy0m6pIvvLnT2KQfHiEN+EwC75DcpvIXl
UL/suLH5ZYUEjp0gsieb+flTBfDb7YusS6/T5gs727zsTv+iXR6bKnGWa1Z5w7yU
adBcSx6ARm4z5NfS88VyMsnyNPleTjj5oduV6yPSbBIm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org