Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b1hH8Z6wp-eVLuZb_lnwIjtqlWQ.roa
File:                     b1hH8Z6wp-eVLuZb_lnwIjtqlWQ.roa (raw, json)
Hash identifier:          Z35fLGbcGXECaR31x/23NUJB6ZY9/+Hidew3vNYXgIg=
Subject key identifier:   6F:58:47:F1:9E:B0:A7:E7:95:2E:E6:5B:FE:59:F0:22:3B:6A:95:64
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01891C7D751D0207B0575CC5B298D94F013F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b1hH8Z6wp-eVLuZb_lnwIjtqlWQ.roa
Signing time:             Mon 03 Jul 2023 16:02:11 +0000
ROA not before:           Mon 03 Jul 2023 16:02:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142111
IP address blocks:        89.213.144.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 12:19:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1c:7d:75:1d:02:07:b0:57:5c:c5:b2:98:d9:4f:01:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  3 16:02:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f5847f19eb0a7e7952ee65bfe59f0223b6a9564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:da:f5:09:be:28:14:98:3a:a3:61:da:33:09:
                    61:34:d6:6d:b5:cc:d0:4f:00:d6:a0:bd:7b:02:86:
                    0d:8d:9d:dc:08:b5:55:83:de:01:cf:6d:b4:ba:0e:
                    e4:af:1c:3b:f3:36:51:da:10:61:33:e4:9e:5f:31:
                    87:d6:5c:70:49:42:a0:c8:9c:c8:21:af:91:1e:95:
                    a4:fb:f8:a6:9c:78:95:5c:69:c0:d5:12:68:ff:c9:
                    e3:be:29:b6:ff:e5:a1:bd:5f:e1:fc:37:83:33:7a:
                    ef:7e:fa:dc:0d:eb:9a:84:5a:40:73:82:ba:ab:74:
                    16:e5:16:dc:43:89:d0:70:56:65:9b:21:2b:c8:19:
                    44:d5:19:24:62:6e:7a:c6:bc:c0:d2:ca:60:fe:95:
                    c8:d9:74:29:80:a1:8f:fb:3f:7c:e0:38:b1:4a:0d:
                    2a:42:81:58:42:1d:79:74:07:d1:03:d7:05:6f:ce:
                    c1:98:a3:f7:62:72:f0:b2:0a:1d:e9:f6:6f:9b:8d:
                    8f:12:14:c3:b8:97:6a:31:fd:2f:f0:19:e5:dc:9a:
                    ac:0a:2e:b0:98:37:6d:97:61:f2:0e:f7:02:02:cc:
                    ec:fe:27:61:04:6a:ed:f2:99:4d:eb:59:6b:3a:05:
                    d3:d1:ca:f4:58:91:2f:79:2f:19:ec:3b:33:46:89:
                    30:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:58:47:F1:9E:B0:A7:E7:95:2E:E6:5B:FE:59:F0:22:3B:6A:95:64
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b1hH8Z6wp-eVLuZb_lnwIjtqlWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.10.0/24
                  89.213.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:18:99:2e:c3:df:d0:41:a8:e2:c8:3c:84:4d:82:be:5a:c8:
         a0:24:2e:71:89:5b:a6:95:93:14:bd:81:f3:28:ff:9f:00:ab:
         1f:0a:d8:96:1d:54:5d:09:03:84:60:92:34:fe:d7:c2:06:e3:
         f7:e9:5b:54:99:2c:6c:89:e1:b2:7b:9b:5b:df:03:28:d4:5a:
         d3:ea:e0:08:9e:9c:43:04:29:43:82:eb:5a:df:f0:5e:42:63:
         23:ef:4c:38:0c:2d:e0:75:72:3b:bb:ca:d4:80:ee:39:93:8c:
         ba:8a:3d:b7:f5:c0:68:9c:bc:b3:93:f9:14:d1:e5:e5:b9:a6:
         39:2d:b7:24:4d:52:48:0b:02:fc:b7:ae:95:5c:e5:73:12:52:
         89:b2:48:c2:6f:dc:91:e6:63:46:68:c6:20:eb:32:68:13:d6:
         62:ed:49:6a:d9:82:72:cf:72:13:5e:2d:cb:70:ca:f3:43:d3:
         19:6e:c3:1d:5d:09:35:51:08:79:c8:32:c4:50:03:29:eb:3c:
         cd:d0:e4:c1:fd:d2:00:41:3d:c6:fa:1a:6f:08:d1:6c:2f:ad:
         c5:e9:59:38:d8:f5:a7:32:84:6b:15:63:48:cf:b6:85:ce:fd:
         e5:24:a2:0c:c4:0a:53:99:3a:8e:76:03:3d:7f:bd:9d:26:9d:
         97:07:1d:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkcfXUdAgewV1zFspjZTwE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAzMTYwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjU4NDdmMTllYjBhN2U3OTUyZWU2NWJmZTU5ZjAyMjNiNmE5NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9r1Cb4oFJg6o2HaMwlhNNZttczQ
TwDWoL17AoYNjZ3cCLVVg94Bz220ug7krxw78zZR2hBhM+SeXzGH1lxwSUKgyJzI
Ia+RHpWk+/imnHiVXGnA1RJo/8njvim2/+WhvV/h/DeDM3rvfvrcDeuahFpAc4K6
q3QW5RbcQ4nQcFZlmyEryBlE1RkkYm56xrzA0spg/pXI2XQpgKGP+z984DixSg0q
QoFYQh15dAfRA9cFb87BmKP3YnLwsgod6fZvm42PEhTDuJdqMf0v8Bnl3JqsCi6w
mDdtl2HyDvcCAszs/idhBGrt8plN61lrOgXT0cr0WJEveS8Z7DszRokwuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG9YR/GesKfnlS7mW/5Z8CI7apVkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYjFoSDhaNndwLWVWTHVaYl9sbndJanRxbFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpkKAwQA
WdWQMA0GCSqGSIb3DQEBCwUAA4IBAQCUGJkuw9/QQajiyDyETYK+WsigJC5xiVum
lZMUvYHzKP+fAKsfCtiWHVRdCQOEYJI0/tfCBuP36VtUmSxsieGye5tb3wMo1FrT
6uAInpxDBClDguta3/BeQmMj70w4DC3gdXI7u8rUgO45k4y6ij239cBonLyzk/kU
0eXluaY5LbckTVJICwL8t66VXOVzElKJskjCb9yR5mNGaMYg6zJoE9Zi7Ulq2YJy
z3ITXi3LcMrzQ9MZbsMdXQk1UQh5yDLEUAMp6zzN0OTB/dIAQT3G+hpvCNFsL63F
6Vk42PWnMoRrFWNIz7aFzv3lJKIMxApTmTqOdgM9f72dJp2XBx1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org