Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hiivGh1cMYymgdX_nCFmXCGudS0.roa
File:                     hiivGh1cMYymgdX_nCFmXCGudS0.roa (raw, json)
Hash identifier:          ugeMHG14Iiu7VMdMIEs+zWCVdTU0+piIpGYqMy9/6D0=
Subject key identifier:   86:28:AF:1A:1D:5C:31:8C:A6:81:D5:FF:9C:21:66:5C:21:AE:75:2D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F28B0BF8AC7D17297F22C37128626D3EB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hiivGh1cMYymgdX_nCFmXCGudS0.roa
Signing time:             Mon 29 Apr 2024 07:10:22 +0000
ROA not before:           Mon 29 Apr 2024 07:10:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197737
IP address blocks:        79.99.76.0/24 maxlen: 24
                          89.213.97.0/24 maxlen: 24
                          213.210.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 07:54:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:28:b0:bf:8a:c7:d1:72:97:f2:2c:37:12:86:26:d3:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 29 07:10:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8628af1a1d5c318ca681d5ff9c21665c21ae752d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:43:ec:52:e3:d1:74:2d:7c:ba:70:b4:5d:8d:
                    da:bb:42:c4:0a:e1:0c:ee:9c:b8:17:6d:32:ad:d7:
                    87:45:36:6d:01:98:47:4e:64:cf:0d:02:e6:60:33:
                    8f:86:62:aa:be:28:9f:1a:f6:17:1d:66:29:a0:53:
                    5d:08:1e:3c:b9:14:87:8f:8e:b6:27:d2:e3:65:58:
                    85:dc:80:74:9d:38:76:02:96:af:77:88:5b:99:06:
                    2e:23:33:e6:f4:f2:72:58:bc:bf:8b:54:b7:ff:77:
                    57:f2:b3:bc:d3:f2:53:74:45:13:02:94:70:51:ef:
                    18:d0:91:44:b6:a0:dc:27:98:cb:91:e9:ea:3b:07:
                    9c:45:7a:db:40:7b:a0:e7:3d:cc:4e:84:aa:9a:a7:
                    48:fa:5d:c0:a2:70:c6:c7:64:fb:27:de:90:41:8e:
                    92:38:c3:88:dd:35:8f:00:3e:ce:ba:c7:47:d9:82:
                    3f:07:22:3f:26:0b:1c:40:2f:d2:6c:a9:fd:02:40:
                    06:ff:12:85:7b:03:2b:0e:ff:bb:00:e5:00:fe:91:
                    7b:ca:65:41:b2:a9:ad:7e:3f:51:43:ba:9b:6e:1b:
                    6d:75:8e:ec:a7:5e:af:a3:a7:28:d3:ad:f0:22:68:
                    bb:04:1f:cc:7b:de:9f:d5:e6:20:23:93:cb:5e:46:
                    44:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:28:AF:1A:1D:5C:31:8C:A6:81:D5:FF:9C:21:66:5C:21:AE:75:2D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hiivGh1cMYymgdX_nCFmXCGudS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.99.76.0/24
                  89.213.97.0/24
                  213.210.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:5e:ee:c0:8f:aa:1c:06:da:d4:2e:a2:3c:fb:f2:95:c7:e6:
         e5:3a:64:c7:b3:80:69:a9:42:97:bb:dc:0a:37:22:c7:62:0d:
         47:d0:fa:44:6b:f9:26:95:e1:be:ea:95:1f:65:11:48:68:56:
         dd:f9:c3:dc:0f:1e:38:d7:4c:34:91:8a:b7:cc:94:e8:fb:f2:
         71:d5:87:9d:24:e3:39:c5:52:be:42:06:1e:aa:47:ec:9f:52:
         69:b8:a7:d7:84:38:34:a2:de:9b:b5:30:c9:ef:3e:4f:db:ee:
         9a:60:6b:3b:cf:7a:47:de:4c:31:94:45:d3:66:8d:89:0f:fa:
         89:70:9a:2e:19:02:9e:af:98:25:1f:7c:6e:4b:a8:b1:bb:55:
         89:50:e6:e2:d6:d4:e5:5a:85:6c:66:1e:e6:a1:93:e5:61:8d:
         ba:f0:09:ca:b6:79:0e:6a:42:78:2f:6d:94:a7:06:5c:35:6a:
         69:97:64:9a:9a:08:98:ad:05:be:a2:00:a8:1f:61:91:91:6b:
         f2:15:54:99:9d:78:e1:95:a0:36:4b:79:56:a3:ba:63:4c:ed:
         5d:1f:47:cf:9d:12:78:3b:53:b1:fb:bd:6d:bd:d9:f9:31:04:
         e8:c5:ae:f0:c3:3c:ae:1b:02:4b:a3:f7:e4:84:8e:18:96:4d:
         ed:51:c7:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8osL+Kx9Fyl/IsNxKGJtPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI5MDcxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI4YWYxYTFkNWMzMThjYTY4MWQ1ZmY5YzIxNjY1YzIxYWU3NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkPsUuPRdC18unC0XY3au0LECuEM
7py4F20yrdeHRTZtAZhHTmTPDQLmYDOPhmKqviifGvYXHWYpoFNdCB48uRSHj462
J9LjZViF3IB0nTh2Apavd4hbmQYuIzPm9PJyWLy/i1S3/3dX8rO80/JTdEUTApRw
Ue8Y0JFEtqDcJ5jLkenqOwecRXrbQHug5z3MToSqmqdI+l3AonDGx2T7J96QQY6S
OMOI3TWPAD7OusdH2YI/ByI/JgscQC/SbKn9AkAG/xKFewMrDv+7AOUA/pF7ymVB
sqmtfj9RQ7qbbhttdY7sp16vo6co063wImi7BB/Me96f1eYgI5PLXkZEbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIYorxodXDGMpoHV/5whZlwhrnUtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaGlpdkdoMWNNWXltZ2RYX25DRm1YQ0d1ZFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT2NMAwQA
WdVhAwQA1dInMA0GCSqGSIb3DQEBCwUAA4IBAQA/Xu7Aj6ocBtrULqI8+/KVx+bl
OmTHs4BpqUKXu9wKNyLHYg1H0PpEa/kmleG+6pUfZRFIaFbd+cPcDx4410w0kYq3
zJTo+/Jx1YedJOM5xVK+QgYeqkfsn1JpuKfXhDg0ot6btTDJ7z5P2+6aYGs7z3pH
3kwxlEXTZo2JD/qJcJouGQKer5glH3xuS6ixu1WJUObi1tTlWoVsZh7moZPlYY26
8AnKtnkOakJ4L22UpwZcNWppl2SamgiYrQW+ogCoH2GRkWvyFVSZnXjhlaA2S3lW
o7pjTO1dH0fPnRJ4O1Ox+71tvdn5MQToxa7wwzyuGwJLo/fkhI4Ylk3tUcdf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org