Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aoUmUAchEd8p8_XmHcxVKvFTs1w.roa
File:                     aoUmUAchEd8p8_XmHcxVKvFTs1w.roa (raw, json)
Hash identifier:          5MMsv/ZPIFCqNBp4Y6lza+h3Ai3DVksUFK3Vy58xq5s=
Subject key identifier:   6A:85:26:50:07:21:11:DF:29:F3:F5:E6:1D:CC:55:2A:F1:53:B3:5C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CB6A5A8379956411049F0B3971E9F0B70
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aoUmUAchEd8p8_XmHcxVKvFTs1w.roa
Signing time:             Fri 29 Dec 2023 17:35:58 +0000
ROA not before:           Fri 29 Dec 2023 17:35:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47679
IP address blocks:        89.213.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b6:a5:a8:37:99:56:41:10:49:f0:b3:97:1e:9f:0b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 29 17:35:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a852650072111df29f3f5e61dcc552af153b35c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c9:6e:ad:77:e2:39:25:66:49:98:0e:2f:03:
                    94:19:fc:d4:dd:78:88:02:c4:7c:5d:7f:59:7a:d7:
                    7f:54:06:3e:8b:8c:ad:4c:16:6e:eb:5b:1d:c8:b7:
                    17:76:41:00:c4:96:de:44:f8:41:c7:8d:3d:d2:d4:
                    a9:10:9a:b2:8b:af:50:13:85:bd:79:5e:0a:4c:e9:
                    38:0b:2b:43:1e:11:8c:e4:eb:14:55:ee:0a:79:6b:
                    2b:18:77:4c:b1:aa:28:c0:2b:87:3d:fc:e9:b7:d6:
                    86:70:23:7d:e3:37:76:c5:6f:d8:18:bb:ab:ef:0a:
                    08:a6:5f:f8:89:2c:09:cb:ea:09:e4:50:95:39:9d:
                    cb:59:7c:7b:c0:b9:65:88:91:aa:57:99:ba:18:d1:
                    7a:38:13:f5:7d:3d:2f:79:40:b2:97:5a:68:ac:c5:
                    98:4d:89:7d:84:6e:1d:42:e9:c1:94:fb:e9:d1:09:
                    e7:8b:e3:ff:fb:21:e5:6f:fb:1c:db:2a:78:d3:3b:
                    e9:d2:86:a6:3b:50:f8:c7:ed:7f:4f:d1:30:3a:4a:
                    b6:02:0e:e9:4c:89:34:8c:1a:14:91:6c:bb:d5:82:
                    60:5d:74:d6:8e:72:94:46:f7:66:f6:fa:82:fc:28:
                    37:32:4c:f3:00:8a:46:79:8c:7f:d2:e4:6a:d3:1f:
                    00:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:85:26:50:07:21:11:DF:29:F3:F5:E6:1D:CC:55:2A:F1:53:B3:5C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aoUmUAchEd8p8_XmHcxVKvFTs1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:ff:24:43:96:4d:93:e9:be:41:59:e6:f0:c9:44:6c:49:43:
         27:ce:e5:88:ef:75:0b:1f:e0:a1:cf:e6:7e:38:2a:64:83:9d:
         25:9e:38:de:9b:ff:89:4e:88:16:b0:c4:7a:54:86:d5:1b:75:
         cf:f8:c1:3a:2a:45:f7:33:fd:c6:d2:13:5d:94:1a:61:c7:f6:
         9c:21:22:f6:3d:07:57:12:30:81:42:bc:c7:a9:c3:d8:6d:76:
         d0:a0:89:27:84:09:fe:e0:a3:34:de:ef:24:04:06:30:3f:03:
         45:e0:e9:21:81:4d:58:bb:06:57:f1:1b:44:d0:24:6f:19:40:
         68:58:d9:2a:9b:d4:5b:c5:ec:6c:20:31:cc:95:72:51:c0:cb:
         7a:24:e8:98:21:09:37:0f:04:3c:bc:17:5f:3c:3a:79:12:5a:
         c3:fe:3c:0e:46:19:03:22:2a:33:39:f5:e3:a7:e0:45:1f:37:
         33:bd:36:ce:80:49:d0:53:8a:d0:51:4e:81:31:a5:ce:d3:cd:
         ed:34:70:09:64:b7:49:1d:b9:1a:60:ff:1b:73:55:69:2a:38:
         8a:c3:e8:cd:2b:11:3f:81:3e:88:69:ab:2d:15:9d:59:20:c4:
         99:ee:b0:a2:bb:c7:a8:c4:0c:ed:79:47:c1:da:9e:c1:3c:d0:
         1d:3a:64:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy2pag3mVZBEEnws5cenwtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI5MTczNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg1MjY1MDA3MjExMWRmMjlmM2Y1ZTYxZGNjNTUyYWYxNTNiMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMlurXfiOSVmSZgOLwOUGfzU3XiI
AsR8XX9Zetd/VAY+i4ytTBZu61sdyLcXdkEAxJbeRPhBx4090tSpEJqyi69QE4W9
eV4KTOk4CytDHhGM5OsUVe4KeWsrGHdMsaoowCuHPfzpt9aGcCN94zd2xW/YGLur
7woIpl/4iSwJy+oJ5FCVOZ3LWXx7wLlliJGqV5m6GNF6OBP1fT0veUCyl1porMWY
TYl9hG4dQunBlPvp0Qnni+P/+yHlb/sc2yp40zvp0oamO1D4x+1/T9EwOkq2Ag7p
TIk0jBoUkWy71YJgXXTWjnKURvdm9vqC/Cg3MkzzAIpGeYx/0uRq0x8AoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqFJlAHIRHfKfP15h3MVSrxU7NcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYW9VbVVBY2hFZDhwOF9YbUhjeFZLdkZUczF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW/MA0G
CSqGSIb3DQEBCwUAA4IBAQBW/yRDlk2T6b5BWebwyURsSUMnzuWI73ULH+Chz+Z+
OCpkg50lnjjem/+JTogWsMR6VIbVG3XP+ME6KkX3M/3G0hNdlBphx/acISL2PQdX
EjCBQrzHqcPYbXbQoIknhAn+4KM03u8kBAYwPwNF4OkhgU1YuwZX8RtE0CRvGUBo
WNkqm9RbxexsIDHMlXJRwMt6JOiYIQk3DwQ8vBdfPDp5ElrD/jwORhkDIiozOfXj
p+BFHzczvTbOgEnQU4rQUU6BMaXO083tNHAJZLdJHbkaYP8bc1VpKjiKw+jNKxE/
gT6IaastFZ1ZIMSZ7rCiu8eoxAzteUfB2p7BPNAdOmSa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org