Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d9Zz11qbpPqypy62Im2QP3J-jvA.roa
File:                     d9Zz11qbpPqypy62Im2QP3J-jvA.roa (raw, json)
Hash identifier:          wIkIM949Qrl2AuH+7eRZBI2GFpcMgz6i0G1HjCNL2nk=
Subject key identifier:   77:D6:73:D7:5A:9B:A4:FA:B2:A7:2E:B6:22:6D:90:3F:72:7E:8E:F0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01897939511D3389FF1A5024080858980D2A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d9Zz11qbpPqypy62Im2QP3J-jvA.roa
Signing time:             Fri 21 Jul 2023 16:12:26 +0000
ROA not before:           Fri 21 Jul 2023 16:12:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.4.0/24 maxlen: 24
                          82.152.108.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24
                          89.213.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 11:21:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:79:39:51:1d:33:89:ff:1a:50:24:08:08:58:98:0d:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 21 16:12:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77d673d75a9ba4fab2a72eb6226d903f727e8ef0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:c9:ea:a8:cd:2e:a4:e7:9c:52:0e:c2:59:80:
                    a2:55:c7:1b:3b:e4:f3:1d:07:29:9a:65:11:a6:78:
                    bf:14:2b:3b:5c:7f:a9:10:54:78:6d:3a:91:b3:c9:
                    3a:c2:2f:e9:34:f8:2f:fa:73:95:75:0d:54:35:f9:
                    c5:a6:96:bc:ea:76:77:1c:d2:a4:87:83:db:29:c4:
                    36:6c:0c:8f:16:db:31:a5:b4:9b:0d:a6:37:94:b0:
                    76:24:72:0b:c7:bc:3c:80:81:af:65:6d:cd:ae:7f:
                    8e:b0:e8:f8:7b:4e:e0:48:4e:9b:73:5b:6f:a3:66:
                    6a:1b:09:c3:02:e8:f6:52:3c:cc:07:e0:88:c9:ec:
                    7d:11:fa:ac:c1:58:24:c1:07:ea:b3:24:8b:72:95:
                    a9:b0:14:16:2c:76:f0:16:23:ac:ae:89:b4:d7:bf:
                    72:39:ef:5f:52:78:28:1c:55:c9:01:e6:de:2a:a0:
                    1f:20:b7:ab:c8:87:4c:d5:59:90:d6:60:be:64:7a:
                    55:65:05:57:f9:97:47:ba:3c:8e:49:f5:9e:d9:52:
                    59:06:c8:c3:a5:48:d1:b9:30:4f:ae:22:cd:c8:0b:
                    32:53:b7:17:36:9f:14:ad:05:a6:1e:db:54:75:30:
                    e9:26:03:7f:81:7f:ec:66:b7:66:d9:b9:f4:02:53:
                    09:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D6:73:D7:5A:9B:A4:FA:B2:A7:2E:B6:22:6D:90:3F:72:7E:8E:F0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d9Zz11qbpPqypy62Im2QP3J-jvA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.49.0/24
                  82.152.108.0/24
                  89.213.4.0/24
                  89.213.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:e4:e6:be:81:dc:49:0e:c9:19:d0:65:a3:57:ed:3f:be:fd:
         ba:ef:cc:2c:d0:a9:4a:19:da:b8:30:22:52:54:0f:bc:05:05:
         50:19:72:86:4a:df:19:8a:f2:22:b2:7b:a9:c0:b8:56:39:ad:
         24:39:12:bb:65:ef:ee:15:47:37:20:64:4a:9a:50:d6:c6:b6:
         5a:1c:43:74:ab:fb:99:e0:10:6f:f8:6f:4d:97:a1:62:27:3a:
         16:62:43:78:00:3c:1f:0f:0c:4c:1f:e5:88:26:26:33:2b:19:
         02:cf:e9:51:a7:95:49:b2:91:27:35:b2:9f:50:41:79:61:08:
         1f:3a:6b:6d:a1:fd:44:1c:0c:94:2c:32:ce:6c:f5:85:bf:cc:
         ec:14:95:5f:87:88:2e:bd:fd:09:c2:0c:78:2c:fc:c9:29:f1:
         52:0c:c4:a8:0d:80:1b:57:00:b8:56:41:89:e7:6c:a6:c6:f4:
         4f:b9:5b:e4:4a:ea:aa:55:3d:32:e0:06:85:d0:b2:70:ae:c2:
         fc:58:f0:6b:cf:c3:90:3c:b5:96:a0:32:9c:cd:aa:13:7b:4b:
         19:7d:a1:00:36:50:80:b9:3e:9a:af:9d:8f:c2:a1:ea:7e:a4:
         87:51:a1:93:d0:45:38:b0:45:b0:71:b0:03:b2:40:6f:36:06:
         67:e8:16:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYl5OVEdM4n/GlAkCAhYmA0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzIxMTYxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Q2NzNkNzVhOWJhNGZhYjJhNzJlYjYyMjZkOTAzZjcyN2U4ZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMnqqM0upOecUg7CWYCiVccbO+Tz
HQcpmmURpni/FCs7XH+pEFR4bTqRs8k6wi/pNPgv+nOVdQ1UNfnFppa86nZ3HNKk
h4PbKcQ2bAyPFtsxpbSbDaY3lLB2JHILx7w8gIGvZW3Nrn+OsOj4e07gSE6bc1tv
o2ZqGwnDAuj2UjzMB+CIyex9EfqswVgkwQfqsySLcpWpsBQWLHbwFiOsrom0179y
Oe9fUngoHFXJAebeKqAfILeryIdM1VmQ1mC+ZHpVZQVX+ZdHujyOSfWe2VJZBsjD
pUjRuTBPriLNyAsyU7cXNp8UrQWmHttUdTDpJgN/gX/sZrdm2bn0AlMJaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHfWc9dam6T6sqcutiJtkD9yfo7wMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZDlaejExcWJwUHF5cHk2MkltMlFQM0otanZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpgxAwQA
UphsAwQAWdUEAwQAWdWnMA0GCSqGSIb3DQEBCwUAA4IBAQBp5Oa+gdxJDskZ0GWj
V+0/vv2678ws0KlKGdq4MCJSVA+8BQVQGXKGSt8ZivIisnupwLhWOa0kORK7Ze/u
FUc3IGRKmlDWxrZaHEN0q/uZ4BBv+G9Nl6FiJzoWYkN4ADwfDwxMH+WIJiYzKxkC
z+lRp5VJspEnNbKfUEF5YQgfOmttof1EHAyULDLObPWFv8zsFJVfh4guvf0Jwgx4
LPzJKfFSDMSoDYAbVwC4VkGJ52ymxvRPuVvkSuqqVT0y4AaF0LJwrsL8WPBrz8OQ
PLWWoDKczaoTe0sZfaEANlCAuT6ar52PwqHqfqSHUaGT0EU4sEWwcbADskBvNgZn
6Bao
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org