Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ffqkLF154YPSE0x8xcr4ByHEeAQ.roa
File:                     ffqkLF154YPSE0x8xcr4ByHEeAQ.roa (raw, json)
Hash identifier:          p1DXRYaATA5lwagyOWqm4Mi5J917gcpjVF2W7hMRhRs=
Subject key identifier:   7D:FA:A4:2C:5D:79:E1:83:D2:13:4C:7C:C5:CA:F8:07:21:C4:78:04
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC34945E59C0E8EB5F9819800E823D80D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ffqkLF154YPSE0x8xcr4ByHEeAQ.roa
Signing time:             Mon 01 Jan 2024 04:30:08 +0000
ROA not before:           Mon 01 Jan 2024 04:30:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     979
IP address blocks:        89.213.182.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Jan 2024 12:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:45:e5:9c:0e:8e:b5:f9:81:98:00:e8:23:d8:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7dfaa42c5d79e183d2134c7cc5caf80721c47804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:18:a9:17:27:46:b0:64:b0:b6:05:98:f8:5b:
                    c1:ca:b3:62:be:9a:de:ed:f7:75:a0:54:38:f9:98:
                    b8:6d:e3:d0:73:c5:9d:b4:03:e8:71:dd:b3:7b:d3:
                    e6:bb:c7:f6:e5:ef:2b:c9:15:36:20:11:3c:da:a7:
                    82:1d:19:6f:8d:3a:da:46:ea:ff:68:06:b9:d5:9c:
                    10:8f:ac:66:74:d9:db:d8:94:7b:14:ed:ba:29:66:
                    19:46:09:84:60:93:09:97:88:1a:95:a1:4f:e7:31:
                    83:f4:db:f0:9c:25:73:5f:95:35:a0:ca:86:40:1d:
                    95:73:0d:d1:31:5a:c8:63:1d:f4:3e:1e:b2:7b:90:
                    77:f1:7c:de:35:c0:02:3c:1b:95:3c:93:c4:fc:84:
                    d8:19:c7:39:5a:29:ba:6a:e7:6f:c3:91:e6:cf:b2:
                    44:c4:8e:50:af:41:e8:4d:ad:64:99:e6:58:fc:3c:
                    62:4c:46:2f:95:1b:ef:22:c2:a3:e4:82:40:2d:82:
                    87:ba:b6:c8:d8:11:cd:00:27:d7:16:77:9a:df:6f:
                    6e:41:e5:10:00:23:18:3b:99:53:23:8f:69:df:31:
                    1d:17:72:0e:5f:ac:d7:41:ab:01:de:45:03:1b:6f:
                    80:e7:20:dd:4b:83:2a:ef:f7:2f:c7:52:be:9c:6b:
                    f4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:FA:A4:2C:5D:79:E1:83:D2:13:4C:7C:C5:CA:F8:07:21:C4:78:04
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ffqkLF154YPSE0x8xcr4ByHEeAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:ba:9c:32:cc:af:3d:a8:87:fa:f9:bc:ab:6e:86:97:b2:23:
         60:ac:bd:51:2c:ad:c5:7e:3d:5b:aa:51:1c:e9:9e:86:b6:97:
         01:5d:03:4c:bb:d4:c9:05:a8:16:52:83:9b:71:e6:1e:8e:76:
         6b:91:90:c0:82:39:c6:c7:7d:a8:3c:29:3d:50:ef:03:47:06:
         17:fd:a8:4a:1e:42:b6:81:be:80:11:46:70:35:9e:b7:a5:ec:
         35:7d:0e:b1:87:1a:44:0c:27:66:af:d1:57:c7:3f:44:b2:d0:
         15:5e:54:28:f5:6f:68:94:f4:b3:33:c0:e8:76:83:70:55:00:
         d3:61:ae:51:22:6a:cb:18:1a:1d:a0:14:85:b3:b2:a6:5e:11:
         5f:54:ab:c4:26:7d:00:26:93:00:5e:6b:61:1b:9d:e1:44:a1:
         4c:8a:e8:cd:42:e3:f3:5c:1b:f2:eb:5b:1d:47:ac:36:a9:02:
         ea:0a:dc:9b:19:75:bf:5e:1a:f3:02:d8:86:bc:cb:5a:29:e4:
         22:82:8d:e2:3b:16:e5:e1:09:7c:8f:2d:63:31:b9:1e:e7:9f:
         c2:c4:b9:a4:0e:0c:e5:b4:fc:9c:ea:9c:23:1e:cd:0d:4d:13:
         03:42:30:42:3c:f9:f2:b2:eb:b9:8a:23:50:b9:6b:c3:3b:bf:
         bd:3f:0e:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUXlnA6OtfmBmADoI9gNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZhYTQyYzVkNzllMTgzZDIxMzRjN2NjNWNhZjgwNzIxYzQ3ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xipFydGsGSwtgWY+FvByrNivpre
7fd1oFQ4+Zi4bePQc8WdtAPocd2ze9Pmu8f25e8ryRU2IBE82qeCHRlvjTraRur/
aAa51ZwQj6xmdNnb2JR7FO26KWYZRgmEYJMJl4galaFP5zGD9NvwnCVzX5U1oMqG
QB2Vcw3RMVrIYx30Ph6ye5B38XzeNcACPBuVPJPE/ITYGcc5Wim6audvw5Hmz7JE
xI5Qr0HoTa1kmeZY/DxiTEYvlRvvIsKj5IJALYKHurbI2BHNACfXFnea329uQeUQ
ACMYO5lTI49p3zEdF3IOX6zXQasB3kUDG2+A5yDdS4Mq7/cvx1K+nGv0rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH36pCxdeeGD0hNMfMXK+AchxHgEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZmZxa0xGMTU0WVBTRTB4OHhjcjRCeUhFZUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW2MA0G
CSqGSIb3DQEBCwUAA4IBAQCcupwyzK89qIf6+byrboaXsiNgrL1RLK3Ffj1bqlEc
6Z6GtpcBXQNMu9TJBagWUoObceYejnZrkZDAgjnGx32oPCk9UO8DRwYX/ahKHkK2
gb6AEUZwNZ63pew1fQ6xhxpEDCdmr9FXxz9EstAVXlQo9W9olPSzM8DodoNwVQDT
Ya5RImrLGBodoBSFs7KmXhFfVKvEJn0AJpMAXmthG53hRKFMiujNQuPzXBvy61sd
R6w2qQLqCtybGXW/XhrzAtiGvMtaKeQigo3iOxbl4Ql8jy1jMbke55/CxLmkDgzl
tPyc6pwjHs0NTRMDQjBCPPnysuu5iiNQuWvDO7+9Pw4i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org