Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa
File:                     gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa (raw, json)
Hash identifier:          fpTXGB15O/tW1HsqaFyvxgRCYUy54fsrxLGGIzVxMsQ=
Subject key identifier:   80:A6:31:D3:20:D6:A8:12:19:47:F4:55:44:BB:41:CD:0B:66:16:DC
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BF1D22132150D6ECFF54188A3AF625C48
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa
Signing time:             Tue 21 Nov 2023 12:19:21 +0000
ROA not before:           Tue 21 Nov 2023 12:19:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        89.213.144.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f1:d2:21:32:15:0d:6e:cf:f5:41:88:a3:af:62:5c:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 21 12:19:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80a631d320d6a8121947f45544bb41cd0b6616dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:04:8d:dc:13:b0:4d:08:27:1e:4f:02:4a:e9:
                    b8:a9:66:87:ad:0c:e7:a2:bc:be:ef:f9:40:40:ee:
                    59:31:86:94:fa:90:17:bc:d8:2b:9b:d8:26:d4:31:
                    f5:f2:3e:45:49:31:15:96:22:72:29:d1:b9:72:c7:
                    1a:4a:98:b3:c0:6f:4c:68:23:e6:42:a2:45:5d:a9:
                    b8:6e:aa:15:d1:d4:07:92:3d:01:be:e3:d1:8f:3f:
                    91:95:91:7f:67:a1:74:7e:b9:de:45:cd:07:f8:c6:
                    6b:5e:a1:7b:46:c4:61:89:2b:d9:5c:7d:76:a6:35:
                    95:f1:0b:04:d6:ce:90:ca:7f:58:0b:dd:ad:2d:84:
                    f0:80:05:54:29:6b:6e:57:8a:5d:85:36:24:ad:2e:
                    d9:b8:ab:62:94:cf:46:89:99:43:d2:94:3b:76:2e:
                    55:d5:ba:5c:d5:b9:2a:62:a0:68:ff:f7:ca:e4:14:
                    67:49:20:99:e8:27:71:85:d8:46:7c:d5:fd:f0:9f:
                    c8:56:11:40:11:b6:98:17:ae:6d:ac:61:4e:0f:46:
                    8a:a3:36:9c:3e:0b:39:56:b4:62:76:23:a9:71:6b:
                    e3:f7:49:f4:db:94:ec:0c:40:11:f0:a3:77:6c:9f:
                    b3:6b:9d:2a:fa:5c:32:d2:11:11:0d:f2:0e:9d:f6:
                    82:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:A6:31:D3:20:D6:A8:12:19:47:F4:55:44:BB:41:CD:0B:66:16:DC
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.144.0/24
                  89.213.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:ee:b0:76:2c:0a:20:9e:e7:fe:d6:1d:e6:9d:a3:17:03:42:
         83:b9:b1:40:08:7c:b7:98:2e:6d:1d:78:b6:90:f0:21:d7:b8:
         7a:70:d8:c4:af:44:02:e1:fc:a1:55:13:dd:31:be:65:7c:e4:
         a7:64:d4:10:96:0f:8e:1d:be:1f:97:cd:f6:d2:ca:cf:fb:1a:
         4c:76:0c:bc:a5:f2:c1:c4:b4:28:93:6a:cd:ba:b1:d1:cd:f4:
         49:ce:b2:b9:78:5a:8e:93:bc:2a:13:c8:8d:d5:55:ce:90:d5:
         e4:a3:98:46:44:ed:be:c0:91:16:47:53:e5:b8:95:e3:5c:62:
         26:d9:2d:14:cc:36:31:7b:8f:06:ae:52:18:ec:fa:ba:f9:17:
         a8:27:4d:33:d9:76:23:b1:bb:de:d4:e8:69:83:71:06:b7:90:
         16:89:2b:29:80:9d:19:c8:12:58:f5:6f:8b:eb:ef:29:f4:ad:
         68:9b:30:a1:0a:dc:ec:20:3b:67:95:43:5a:5b:cc:3b:0b:78:
         bb:cf:3a:8d:28:23:21:0c:9c:4e:6e:07:8b:09:4d:e3:8e:ee:
         8c:f9:ae:e1:fb:57:50:d3:72:e0:ae:05:84:8a:73:22:83:91:
         61:32:1b:7c:69:79:1c:45:31:c4:bc:71:e0:d6:96:1f:c8:af:
         1f:c4:7e:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvx0iEyFQ1uz/VBiKOvYlxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTIxMTIxOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE2MzFkMzIwZDZhODEyMTk0N2Y0NTU0NGJiNDFjZDBiNjYxNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiASN3BOwTQgnHk8CSum4qWaHrQzn
ory+7/lAQO5ZMYaU+pAXvNgrm9gm1DH18j5FSTEVliJyKdG5cscaSpizwG9MaCPm
QqJFXam4bqoV0dQHkj0BvuPRjz+RlZF/Z6F0frneRc0H+MZrXqF7RsRhiSvZXH12
pjWV8QsE1s6Qyn9YC92tLYTwgAVUKWtuV4pdhTYkrS7ZuKtilM9GiZlD0pQ7di5V
1bpc1bkqYqBo//fK5BRnSSCZ6CdxhdhGfNX98J/IVhFAEbaYF65trGFOD0aKozac
Pgs5VrRidiOpcWvj90n025TsDEAR8KN3bJ+za50q+lwy0hERDfIOnfaCHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFICmMdMg1qgSGUf0VUS7Qc0LZhbcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ0tZeDB5RFdxQklaUl9SVlJMdEJ6UXRtRnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWQAwQA
WdWWMA0GCSqGSIb3DQEBCwUAA4IBAQCb7rB2LAognuf+1h3mnaMXA0KDubFACHy3
mC5tHXi2kPAh17h6cNjEr0QC4fyhVRPdMb5lfOSnZNQQlg+OHb4fl8320srP+xpM
dgy8pfLBxLQok2rNurHRzfRJzrK5eFqOk7wqE8iN1VXOkNXko5hGRO2+wJEWR1Pl
uJXjXGIm2S0UzDYxe48GrlIY7Pq6+ReoJ00z2XYjsbve1Ohpg3EGt5AWiSspgJ0Z
yBJY9W+L6+8p9K1omzChCtzsIDtnlUNaW8w7C3i7zzqNKCMhDJxObgeLCU3jju6M
+a7h+1dQ03LgrgWEinMig5FhMht8aXkcRTHEvHHg1pYfyK8fxH4I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org