Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i5SPKDe9vPhzfithP73g2ti-aWY.roa
File:                     i5SPKDe9vPhzfithP73g2ti-aWY.roa (raw, json)
Hash identifier:          sMZEEbyLXa8nRFsPn7A9YeCvbomCyRdsRWNWuiYQWvM=
Subject key identifier:   8B:94:8F:28:37:BD:BC:F8:73:7E:2B:61:3F:BD:E0:DA:D8:BE:69:66
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BFB5CC1F8B1930BF1EB8C5270502BEE66
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i5SPKDe9vPhzfithP73g2ti-aWY.roa
Signing time:             Thu 23 Nov 2023 08:47:22 +0000
ROA not before:           Thu 23 Nov 2023 08:47:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        89.213.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fb:5c:c1:f8:b1:93:0b:f1:eb:8c:52:70:50:2b:ee:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 23 08:47:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b948f2837bdbcf8737e2b613fbde0dad8be6966
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:61:5a:cc:24:c7:d8:af:70:12:1a:93:bc:60:
                    a2:b2:36:32:48:32:4c:ed:48:67:bd:ea:c3:f2:83:
                    12:c4:e5:ee:b4:dd:01:ff:11:73:6d:60:59:7c:64:
                    55:3b:88:dc:83:4d:5e:1c:df:42:09:d5:81:a6:cb:
                    e3:e9:72:a6:1d:a1:be:82:a7:da:07:51:b5:d2:cd:
                    b0:ff:2a:eb:76:57:61:7f:18:81:f7:9c:4d:23:0c:
                    60:a9:0b:b9:d3:32:5c:15:66:f6:2d:92:d6:bd:aa:
                    cb:6f:8a:4e:f1:12:cc:52:32:cd:dc:e4:8c:83:8c:
                    2a:cb:f0:be:79:13:24:8e:cf:83:18:14:91:4f:ff:
                    1d:21:9b:48:cf:30:a5:b8:8a:2f:54:e8:8b:f5:cc:
                    9c:9c:f9:86:2c:0c:57:03:d5:33:e9:76:6f:52:ad:
                    8c:2b:6a:cf:98:24:9a:0f:26:e0:11:e6:c3:f2:0a:
                    49:fc:dd:61:45:96:93:82:d3:96:a6:2b:28:af:4b:
                    6e:10:1c:63:1b:56:03:61:d7:e4:da:4b:66:48:21:
                    79:6c:49:34:62:2d:ac:af:d1:d9:68:60:12:e3:4c:
                    47:bc:bb:fe:85:13:ad:fe:ed:b1:fc:e4:7a:30:05:
                    86:b8:2c:09:1d:2c:a4:d5:b5:b6:7c:6f:84:5c:93:
                    42:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:94:8F:28:37:BD:BC:F8:73:7E:2B:61:3F:BD:E0:DA:D8:BE:69:66
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i5SPKDe9vPhzfithP73g2ti-aWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:62:c3:2c:9e:04:22:a4:4c:d5:d8:ac:77:bf:92:7a:19:25:
         67:ec:81:00:61:47:38:55:58:1a:ac:6e:1b:37:b5:21:46:51:
         df:7f:44:6c:31:e8:65:2f:2d:3f:8c:98:ca:ba:e7:30:95:31:
         25:ab:a4:b8:dd:e9:51:b1:12:95:f4:a4:fc:f7:bb:6c:f1:57:
         d9:9e:5a:91:3c:7e:18:80:7a:f9:38:5a:93:d4:b3:e8:85:d4:
         64:90:d5:c5:89:78:7d:78:e4:2b:da:f0:10:eb:51:af:9b:19:
         69:1b:cb:ca:f3:7c:98:2e:07:ae:7f:0f:15:d5:d0:f9:7a:3e:
         f6:e3:7f:55:ac:53:82:25:7f:93:64:25:23:94:00:54:70:60:
         e3:c3:b2:37:92:4d:7d:82:cd:12:56:5c:9f:6a:80:f4:1c:ff:
         c7:95:f0:3f:0d:d7:e2:0c:fd:f4:14:0b:fc:8e:46:cd:cf:77:
         b6:12:9a:d9:5f:20:0c:dd:71:c6:59:9f:96:25:bf:35:7c:a6:
         9b:1a:e3:fa:1f:f7:ac:72:35:6d:b1:f5:25:a1:a6:a6:05:54:
         6b:a8:1e:47:00:1f:d6:81:bb:1e:62:75:d1:1a:45:e8:fc:37:
         b4:54:23:6f:89:82:e6:c5:33:c6:1b:e6:c4:44:29:da:36:1e:
         6d:a7:ee:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv7XMH4sZML8euMUnBQK+5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTIzMDg0NzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk0OGYyODM3YmRiY2Y4NzM3ZTJiNjEzZmJkZTBkYWQ4YmU2OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWFazCTH2K9wEhqTvGCisjYySDJM
7UhnverD8oMSxOXutN0B/xFzbWBZfGRVO4jcg01eHN9CCdWBpsvj6XKmHaG+gqfa
B1G10s2w/yrrdldhfxiB95xNIwxgqQu50zJcFWb2LZLWvarLb4pO8RLMUjLN3OSM
g4wqy/C+eRMkjs+DGBSRT/8dIZtIzzCluIovVOiL9cycnPmGLAxXA9Uz6XZvUq2M
K2rPmCSaDybgEebD8gpJ/N1hRZaTgtOWpisor0tuEBxjG1YDYdfk2ktmSCF5bEk0
Yi2sr9HZaGAS40xHvLv+hROt/u2x/OR6MAWGuCwJHSyk1bW2fG+EXJNCnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuUjyg3vbz4c34rYT+94NrYvmlmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaTVTUEtEZTl2UGh6Zml0aFA3M2cydGktYVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWdMA0G
CSqGSIb3DQEBCwUAA4IBAQByYsMsngQipEzV2Kx3v5J6GSVn7IEAYUc4VVgarG4b
N7UhRlHff0RsMehlLy0/jJjKuucwlTElq6S43elRsRKV9KT897ts8VfZnlqRPH4Y
gHr5OFqT1LPohdRkkNXFiXh9eOQr2vAQ61GvmxlpG8vK83yYLgeufw8V1dD5ej72
439VrFOCJX+TZCUjlABUcGDjw7I3kk19gs0SVlyfaoD0HP/HlfA/DdfiDP30FAv8
jkbNz3e2EprZXyAM3XHGWZ+WJb81fKabGuP6H/escjVtsfUloaamBVRrqB5HAB/W
gbseYnXRGkXo/De0VCNviYLmxTPGG+bERCnaNh5tp+7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org