Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa
File:                     dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa (raw, json)
Hash identifier:          GNeyydRPYEQCwjlUULZxM2/Ca+UMEX1yD3xy8JsLMCA=
Subject key identifier:   75:15:2B:63:85:BC:FC:7C:5B:EF:D8:79:2C:6A:96:D1:1D:07:5D:24
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189772DA282E826F32FD58845F20B7839BF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa
Signing time:             Fri 21 Jul 2023 06:40:26 +0000
ROA not before:           Fri 21 Jul 2023 06:40:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210110
IP address blocks:        89.213.128.0/24 maxlen: 24
                          109.176.254.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:77:2d:a2:82:e8:26:f3:2f:d5:88:45:f2:0b:78:39:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 21 06:40:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=75152b6385bcfc7c5befd8792c6a96d11d075d24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4c:a9:3f:c2:2a:5e:70:b9:7a:72:4e:28:e9:
                    44:1c:75:a0:07:ef:0b:8f:23:df:5d:ac:84:6b:13:
                    f7:81:f9:86:88:e5:49:ee:93:13:35:d5:7e:fd:bc:
                    3b:56:54:23:90:23:bc:54:31:68:95:9d:8e:a3:f6:
                    d4:89:12:29:84:97:82:cd:f6:cf:96:d0:59:27:60:
                    21:95:55:40:95:ab:e6:8b:a4:fb:57:36:04:1e:4c:
                    07:01:0a:22:bb:a0:f4:56:54:ea:39:2e:7b:b5:9a:
                    05:73:0e:e4:5a:3a:7a:e8:66:f9:20:e3:7c:06:87:
                    3b:21:8d:d8:96:1a:e4:e8:5b:4b:c5:ae:c2:e0:4a:
                    ac:25:98:d8:35:ae:d5:71:51:ef:6e:04:94:9c:24:
                    4b:5f:88:11:d0:14:b9:a2:33:4b:29:0e:c7:38:8c:
                    71:eb:4b:12:1e:15:4c:6a:96:61:08:01:ff:e9:b2:
                    a5:a1:4b:ce:a7:ee:0d:44:19:88:11:ed:e8:dc:00:
                    d7:0b:09:2c:fc:e7:fb:e9:dd:24:fe:43:c4:e1:93:
                    c3:0d:f5:60:4e:c0:e6:89:29:64:da:04:13:e3:c6:
                    72:47:9b:a3:13:ee:0c:4a:20:8d:bf:72:0d:3d:bc:
                    88:6f:44:40:dc:2f:c6:83:f9:9e:7d:e1:2c:26:3f:
                    41:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:15:2B:63:85:BC:FC:7C:5B:EF:D8:79:2C:6A:96:D1:1D:07:5D:24
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.128.0/24
                  109.176.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:73:8d:8d:20:85:49:db:68:2b:2d:9f:f1:da:f2:ab:a5:01:
         4d:6e:22:07:cb:39:ed:54:58:9d:3f:13:61:6c:3b:cc:6f:d1:
         46:10:ae:7e:b4:1a:b4:10:05:fe:85:b4:58:af:0f:79:c0:f0:
         9e:fa:82:e0:39:dd:53:1b:cf:b3:b4:81:65:8b:53:3d:67:46:
         a8:31:7a:87:54:ae:c5:49:18:d3:19:d3:6d:75:f2:c2:13:da:
         c8:96:5b:a0:22:09:ff:60:9f:71:95:56:9e:57:b2:f2:ed:31:
         24:49:f1:6e:71:ba:a0:2b:f3:5b:15:06:9e:f7:f7:19:7f:22:
         de:7a:42:72:3f:76:dc:bb:0f:6e:36:e8:99:b6:bc:53:e5:c8:
         c5:9b:5e:65:0b:04:51:6f:fd:88:e1:f6:72:89:2c:3f:54:1a:
         3c:fc:d8:4e:e3:bf:6c:5d:62:ac:1e:d6:e1:56:c1:5e:36:3c:
         5f:41:32:05:69:7f:d9:e3:ff:d6:68:45:44:eb:b9:57:b1:3f:
         be:b7:b0:c9:1e:2f:e6:b2:c2:b2:37:72:1a:d8:4e:eb:35:4e:
         cf:22:06:b6:c8:01:8e:7d:58:f4:90:b4:59:30:52:92:ef:8b:
         22:fc:62:16:03:dc:e9:69:33:f8:62:b3:bb:75:97:3a:5f:60:
         1a:16:e9:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYl3LaKC6CbzL9WIRfILeDm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzIxMDY0MDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE1MmI2Mzg1YmNmYzdjNWJlZmQ4NzkyYzZhOTZkMTFkMDc1ZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUypP8IqXnC5enJOKOlEHHWgB+8L
jyPfXayEaxP3gfmGiOVJ7pMTNdV+/bw7VlQjkCO8VDFolZ2Oo/bUiRIphJeCzfbP
ltBZJ2AhlVVAlavmi6T7VzYEHkwHAQoiu6D0VlTqOS57tZoFcw7kWjp66Gb5ION8
Boc7IY3Ylhrk6FtLxa7C4EqsJZjYNa7VcVHvbgSUnCRLX4gR0BS5ojNLKQ7HOIxx
60sSHhVMapZhCAH/6bKloUvOp+4NRBmIEe3o3ADXCwks/Of76d0k/kPE4ZPDDfVg
TsDmiSlk2gQT48ZyR5ujE+4MSiCNv3INPbyIb0RA3C/Gg/mefeEsJj9ByQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUVK2OFvPx8W+/YeSxqltEdB10kMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZFJVclk0VzhfSHhiNzloNUxHcVcwUjBIWFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWAAwQB
bbD+MA0GCSqGSIb3DQEBCwUAA4IBAQBBc42NIIVJ22grLZ/x2vKrpQFNbiIHyznt
VFidPxNhbDvMb9FGEK5+tBq0EAX+hbRYrw95wPCe+oLgOd1TG8+ztIFli1M9Z0ao
MXqHVK7FSRjTGdNtdfLCE9rIllugIgn/YJ9xlVaeV7Ly7TEkSfFucbqgK/NbFQae
9/cZfyLeekJyP3bcuw9uNuiZtrxT5cjFm15lCwRRb/2I4fZyiSw/VBo8/NhO479s
XWKsHtbhVsFeNjxfQTIFaX/Z4//WaEVE67lXsT++t7DJHi/mssKyN3Ia2E7rNU7P
Iga2yAGOfVj0kLRZMFKS74si/GIWA9zpaTP4YrO7dZc6X2AaFulA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org