Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cG8EyVDW2V_5ypgR6fMuJEq3UIY.roa
File:                     cG8EyVDW2V_5ypgR6fMuJEq3UIY.roa (raw, json)
Hash identifier:          ut4TrMM2uF9h/gmD0hoIUrW1ziDzMGL/20oN6bl0pvk=
Subject key identifier:   70:6F:04:C9:50:D6:D9:5F:F9:CA:98:11:E9:F3:2E:24:4A:B7:50:86
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BB8224C05CC3A829A4FB1FDC4304DA4CC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cG8EyVDW2V_5ypgR6fMuJEq3UIY.roa
Signing time:             Fri 10 Nov 2023 07:28:57 +0000
ROA not before:           Fri 10 Nov 2023 07:28:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        109.176.245.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Nov 2023 08:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b8:22:4c:05:cc:3a:82:9a:4f:b1:fd:c4:30:4d:a4:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 10 07:28:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=706f04c950d6d95ff9ca9811e9f32e244ab75086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a5:29:7c:74:16:76:de:af:a9:47:5a:ae:fa:
                    b0:d8:37:6e:bb:b6:c2:be:b8:99:9d:2e:e6:0c:21:
                    bc:c8:78:5e:78:86:93:44:2b:65:92:1b:74:5f:9b:
                    84:d8:48:29:bc:af:82:39:5a:6f:4e:30:76:29:f5:
                    98:80:c9:dd:c2:c3:95:f0:46:b3:66:2e:2d:0a:88:
                    26:b7:54:b1:c0:4d:24:9c:e3:b6:18:ea:94:cb:79:
                    53:46:3a:c1:05:29:3a:4e:b6:94:1e:61:29:09:b9:
                    af:f2:0d:26:aa:5f:08:ed:ad:48:c5:82:aa:af:95:
                    4d:ec:6f:34:30:96:b0:16:88:0b:64:21:33:d0:7e:
                    49:63:bc:ef:de:81:9c:3c:0b:b6:b7:12:3c:85:23:
                    27:2b:4f:b8:22:8d:c3:44:c3:7c:95:df:cd:32:88:
                    28:c0:62:72:2f:f0:a1:11:d7:94:2c:fd:8e:a8:40:
                    20:b2:50:01:a8:6c:fe:92:50:40:ff:cc:87:34:29:
                    70:24:f8:47:08:b8:dd:08:14:d5:2e:15:d2:11:93:
                    eb:0c:45:d6:44:f4:7e:a1:02:77:4d:2b:19:54:ff:
                    da:51:ba:6f:30:0f:ed:eb:a2:2d:87:69:fc:af:90:
                    2d:e9:22:d9:7f:c6:4f:3f:ba:16:64:ef:bf:8f:bc:
                    d2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:6F:04:C9:50:D6:D9:5F:F9:CA:98:11:E9:F3:2E:24:4A:B7:50:86
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cG8EyVDW2V_5ypgR6fMuJEq3UIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.157.0/24
                  109.176.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:06:0e:7c:7e:42:c1:69:1c:a5:4c:18:95:4c:1e:76:30:5e:
         5e:8f:7f:a8:28:96:c6:74:ea:df:4a:38:b9:0c:4d:39:fa:0c:
         c5:55:17:3e:0b:21:0c:e2:82:98:d4:00:03:7a:f2:9a:14:29:
         da:07:69:f7:c8:3b:5e:3d:d2:12:6b:95:e6:7f:5b:1d:73:c3:
         8a:17:a5:de:d4:29:80:fa:69:f0:02:fd:68:69:8c:a1:1e:03:
         a6:fd:59:41:84:dd:9c:23:61:e7:50:ae:1f:68:e8:bf:e9:f5:
         5a:00:36:7a:89:52:1f:99:d0:8a:57:ee:1b:98:bc:68:10:dc:
         90:a7:11:b1:08:34:b5:ad:2c:7a:c1:b6:b2:72:ef:8a:8d:af:
         2c:92:52:f1:67:2f:25:f7:9d:5b:72:7f:c3:dd:23:8b:82:0f:
         ad:3c:53:62:0e:9e:94:94:b3:91:a4:e5:3e:96:6e:53:97:46:
         35:f9:10:fd:9e:2f:1f:75:e0:08:e7:ee:e8:63:c6:1f:a5:9a:
         4b:2f:46:86:22:28:a6:57:bf:bf:55:ef:18:1c:09:57:50:ef:
         b1:63:00:03:15:d9:fd:66:04:17:5f:b9:76:0d:3a:ff:bf:45:
         05:58:cf:8d:4e:b2:45:53:42:d7:86:10:4e:80:7f:8d:76:7b:
         61:5b:af:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu4IkwFzDqCmk+x/cQwTaTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTEwMDcyODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZmMDRjOTUwZDZkOTVmZjljYTk4MTFlOWYzMmUyNDRhYjc1MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKUpfHQWdt6vqUdarvqw2Dduu7bC
vriZnS7mDCG8yHheeIaTRCtlkht0X5uE2EgpvK+COVpvTjB2KfWYgMndwsOV8Eaz
Zi4tCogmt1SxwE0knOO2GOqUy3lTRjrBBSk6TraUHmEpCbmv8g0mql8I7a1IxYKq
r5VN7G80MJawFogLZCEz0H5JY7zv3oGcPAu2txI8hSMnK0+4Io3DRMN8ld/NMogo
wGJyL/ChEdeULP2OqEAgslABqGz+klBA/8yHNClwJPhHCLjdCBTVLhXSEZPrDEXW
RPR+oQJ3TSsZVP/aUbpvMA/t66Ith2n8r5At6SLZf8ZPP7oWZO+/j7zSDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHBvBMlQ1tlf+cqYEenzLiRKt1CGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY0c4RXlWRFcyVl81eXBnUjZmTXVKRXEzVUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWdAwQA
bbD1MA0GCSqGSIb3DQEBCwUAA4IBAQAGBg58fkLBaRylTBiVTB52MF5ej3+oKJbG
dOrfSji5DE05+gzFVRc+CyEM4oKY1AADevKaFCnaB2n3yDtePdISa5Xmf1sdc8OK
F6Xe1CmA+mnwAv1oaYyhHgOm/VlBhN2cI2HnUK4faOi/6fVaADZ6iVIfmdCKV+4b
mLxoENyQpxGxCDS1rSx6wbaycu+Kja8sklLxZy8l951bcn/D3SOLgg+tPFNiDp6U
lLORpOU+lm5Tl0Y1+RD9ni8fdeAI5+7oY8YfpZpLL0aGIiimV7+/Ve8YHAlXUO+x
YwADFdn9ZgQXX7l2DTr/v0UFWM+NTrJFU0LXhhBOgH+NdnthW69S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org