Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa
File:                     hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa (raw, json)
Hash identifier:          k1Ra7BGMVAhdosuz9j5FGVnHY6QFKiZtB90S7A47Kao=
Subject key identifier:   86:FE:19:04:03:07:58:52:F5:E5:EB:DD:8C:86:CD:59:37:A8:5C:44
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E75701C2BD14E30A5C92FC68312A0FEBB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa
Signing time:             Mon 25 Mar 2024 11:47:45 +0000
ROA not before:           Mon 25 Mar 2024 11:47:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209043
IP address blocks:        89.213.115.0/24 maxlen: 24
                          89.213.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Apr 2024 13:35:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:75:70:1c:2b:d1:4e:30:a5:c9:2f:c6:83:12:a0:fe:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 25 11:47:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=86fe190403075852f5e5ebdd8c86cd5937a85c44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a2:11:86:c0:a3:87:63:07:82:3b:0d:d8:7f:
                    1c:bc:21:8c:86:25:59:0d:dd:49:c1:46:b5:bd:51:
                    ca:57:7b:51:af:ee:8d:77:27:b0:f4:9e:59:cb:6f:
                    14:a7:55:d5:7e:bc:52:de:d1:44:0b:41:52:52:92:
                    4e:ce:89:1f:64:fb:1b:f6:84:c3:74:5a:30:c2:75:
                    04:a6:fb:52:ff:5e:eb:b3:a4:ae:cf:04:d5:31:26:
                    36:b6:8b:29:71:46:69:6f:a1:d2:26:70:14:b2:bb:
                    03:6a:d6:39:e4:88:f7:0b:84:a5:a4:ac:03:6f:37:
                    6a:eb:7e:df:a2:85:23:e4:61:c6:8e:4c:27:52:6a:
                    09:94:9e:97:e3:22:f9:5a:99:7f:75:76:48:90:27:
                    ae:f7:32:26:1c:e3:74:b8:38:79:2e:49:43:cb:a7:
                    97:0a:f2:48:6b:51:b6:71:02:43:a5:50:ec:56:db:
                    c6:67:ce:78:59:35:ba:cd:e3:db:62:8c:4e:0e:22:
                    13:53:52:d0:f4:40:12:3a:f7:59:ee:6f:f5:15:fc:
                    ef:ab:4d:29:b8:bd:46:0d:ff:df:62:52:f1:5a:2d:
                    96:fa:a2:83:07:f6:05:06:d3:18:d4:15:c3:b0:b3:
                    13:41:79:df:f4:ec:93:fb:15:ba:69:4e:0b:5b:ec:
                    74:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:FE:19:04:03:07:58:52:F5:E5:EB:DD:8C:86:CD:59:37:A8:5C:44
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.115.0/24
                  89.213.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:66:ae:13:17:d5:84:9e:5c:e9:ea:0d:c9:8a:ed:26:97:d7:
         a9:d1:be:58:23:e6:db:90:07:f4:bf:02:8f:94:4f:b6:60:94:
         2e:4f:e9:f9:1f:50:cb:fb:51:03:8f:a4:ce:1b:d3:b1:41:85:
         c8:da:7a:eb:87:84:52:c8:7c:8e:ae:04:04:17:3d:c1:87:c1:
         a8:50:f3:89:3b:da:06:8d:70:4d:e5:ce:5c:3a:af:f7:72:c9:
         e9:71:de:17:cf:9c:a6:04:49:c3:f3:a2:03:03:8a:39:1b:ec:
         4e:6c:bd:4b:0c:c9:d8:9e:c2:9b:ff:48:3f:61:93:bd:a2:4c:
         70:1b:d0:35:f5:76:a0:c1:2b:c9:75:4e:2a:25:ca:16:48:b8:
         e3:34:97:af:ed:bd:19:22:c1:e2:7b:67:e6:bb:f9:a2:ee:32:
         3d:55:27:f4:94:43:76:d0:a7:11:8f:cc:7c:eb:18:05:41:03:
         93:94:e1:ef:e3:89:6c:ab:78:80:75:1e:42:ce:20:59:16:16:
         73:b9:5b:0c:0e:26:88:c8:7a:b1:25:86:a6:5d:20:8e:fe:3d:
         b8:6f:56:89:70:58:73:95:ed:b4:47:9c:d2:c2:ad:bc:21:2b:
         20:06:56:85:4b:a8:80:2f:5f:36:3d:b8:ab:cf:e5:ee:b5:c1:
         97:79:1c:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY51cBwr0U4wpckvxoMSoP67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI1MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZlMTkwNDAzMDc1ODUyZjVlNWViZGQ4Yzg2Y2Q1OTM3YTg1YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaIRhsCjh2MHgjsN2H8cvCGMhiVZ
Dd1JwUa1vVHKV3tRr+6Ndyew9J5Zy28Up1XVfrxS3tFEC0FSUpJOzokfZPsb9oTD
dFowwnUEpvtS/17rs6SuzwTVMSY2tospcUZpb6HSJnAUsrsDatY55Ij3C4SlpKwD
bzdq637fooUj5GHGjkwnUmoJlJ6X4yL5Wpl/dXZIkCeu9zImHON0uDh5LklDy6eX
CvJIa1G2cQJDpVDsVtvGZ854WTW6zePbYoxODiITU1LQ9EASOvdZ7m/1Ffzvq00p
uL1GDf/fYlLxWi2W+qKDB/YFBtMY1BXDsLMTQXnf9OyT+xW6aU4LW+x0ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIb+GQQDB1hS9eXr3YyGzVk3qFxEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaHY0WkJBTUhXRkwxNWV2ZGpJYk5XVGVvWEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdVzAwQA
WdXaMA0GCSqGSIb3DQEBCwUAA4IBAQB8Zq4TF9WEnlzp6g3Jiu0ml9ep0b5YI+bb
kAf0vwKPlE+2YJQuT+n5H1DL+1EDj6TOG9OxQYXI2nrrh4RSyHyOrgQEFz3Bh8Go
UPOJO9oGjXBN5c5cOq/3csnpcd4Xz5ymBEnD86IDA4o5G+xObL1LDMnYnsKb/0g/
YZO9okxwG9A19XagwSvJdU4qJcoWSLjjNJev7b0ZIsHie2fmu/mi7jI9VSf0lEN2
0KcRj8x86xgFQQOTlOHv44lsq3iAdR5CziBZFhZzuVsMDiaIyHqxJYamXSCO/j24
b1aJcFhzle20R5zSwq28ISsgBlaFS6iAL182Pbirz+XutcGXeRwk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org