Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kJYmCxmFNMEuaaStDctEILbmhrw.roa
File:                     kJYmCxmFNMEuaaStDctEILbmhrw.roa (raw, json)
Hash identifier:          p3I2JJ7PV5sYCRCn+pzB7ov8/nrXRombDy3dXcLPsOY=
Subject key identifier:   90:96:26:0B:19:85:34:C1:2E:69:A4:AD:0D:CB:44:20:B6:E6:86:BC
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A6078CEFD231122F71F8156771F633B75
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kJYmCxmFNMEuaaStDctEILbmhrw.roa
Signing time:             Mon 04 Sep 2023 13:54:04 +0000
ROA not before:           Mon 04 Sep 2023 13:54:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399073
IP address blocks:        89.213.148.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 16:26:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:60:78:ce:fd:23:11:22:f7:1f:81:56:77:1f:63:3b:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 13:54:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9096260b198534c12e69a4ad0dcb4420b6e686bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:3a:ea:89:e6:23:a6:16:f9:7d:7f:e6:c7:61:
                    1b:63:8d:b8:dc:12:17:59:11:dd:a4:7d:7d:ce:3d:
                    35:da:35:f2:08:53:79:5e:a9:f8:68:be:b6:c0:de:
                    75:1d:4b:79:7b:22:83:ae:2d:7f:82:ea:cd:60:7a:
                    fc:c5:a7:b8:f9:89:80:e4:28:ce:1d:87:2c:14:b3:
                    ee:7d:46:29:06:5a:93:3f:e8:62:e8:05:38:ec:e4:
                    fd:e6:cb:ea:cd:49:74:cb:fc:98:d7:18:6b:c5:a3:
                    cf:92:94:ec:54:a6:e0:2c:3c:59:44:71:c5:70:bf:
                    81:02:bd:ce:6f:5a:87:f8:dd:61:22:bb:02:ad:4e:
                    0f:1a:e4:27:99:43:a3:01:b2:1e:1c:f0:38:fc:7a:
                    5a:40:c7:b4:34:07:8e:04:a7:70:da:ad:61:48:f5:
                    a0:a0:b2:91:83:99:2f:07:b8:91:6c:bf:0d:11:23:
                    fc:9d:0b:54:66:e4:93:2b:4e:06:5c:ae:2f:f0:46:
                    4e:7b:c3:b9:d0:7b:24:54:99:d6:ce:56:24:3c:42:
                    7e:d5:06:14:db:a3:41:1f:8e:60:69:09:62:b2:50:
                    d6:81:b6:01:86:9b:92:93:57:0c:a3:84:7d:a2:89:
                    9d:ae:69:68:72:59:71:f6:7c:ae:11:f4:e6:98:ec:
                    70:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:96:26:0B:19:85:34:C1:2E:69:A4:AD:0D:CB:44:20:B6:E6:86:BC
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kJYmCxmFNMEuaaStDctEILbmhrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:e5:d6:96:68:65:5e:30:c6:b8:36:44:a8:cd:66:cb:de:17:
         4e:a0:f3:e7:f0:41:5e:67:79:5f:c5:2d:33:3b:15:a0:81:ad:
         e9:a0:c4:26:bb:80:db:8b:ce:1a:b6:50:63:c7:22:bf:ba:91:
         c2:54:4d:11:85:1d:0d:70:4d:54:ed:7c:88:d6:d5:29:4a:22:
         ab:03:b6:c3:7d:10:24:5d:00:5a:89:9f:3a:d8:e9:c4:44:f7:
         91:0c:b6:1c:ff:66:db:a4:98:fe:57:bf:78:ad:c2:45:14:38:
         36:04:fc:ef:65:fa:1b:bf:2d:fc:d8:53:c9:85:28:59:3b:02:
         9f:0b:a5:c7:f4:c3:58:88:63:9c:f3:c9:74:51:57:1a:42:30:
         c1:9e:d1:04:d1:a5:6e:48:29:86:22:82:ff:d6:07:bc:3b:bb:
         7d:8b:ef:13:df:1a:d0:3a:64:f5:f7:76:48:4d:d9:08:5f:f7:
         b4:85:e5:2a:79:68:ac:9a:75:27:19:15:b0:e9:0d:cc:10:c1:
         01:cb:86:b8:0b:cc:1f:d2:2a:42:de:8d:08:d0:ac:fb:ca:32:
         fa:12:24:39:c2:b1:8a:4b:9b:63:7e:de:5f:8e:3a:a6:80:25:
         72:ee:31:bb:2c:ef:b2:cf:d1:87:dd:bd:84:2c:f6:dd:77:cd:
         b2:c6:10:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpgeM79IxEi9x+BVncfYzt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTM1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk2MjYwYjE5ODUzNGMxMmU2OWE0YWQwZGNiNDQyMGI2ZTY4NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizrqieYjphb5fX/mx2EbY4243BIX
WRHdpH19zj012jXyCFN5Xqn4aL62wN51HUt5eyKDri1/gurNYHr8xae4+YmA5CjO
HYcsFLPufUYpBlqTP+hi6AU47OT95svqzUl0y/yY1xhrxaPPkpTsVKbgLDxZRHHF
cL+BAr3Ob1qH+N1hIrsCrU4PGuQnmUOjAbIeHPA4/HpaQMe0NAeOBKdw2q1hSPWg
oLKRg5kvB7iRbL8NESP8nQtUZuSTK04GXK4v8EZOe8O50HskVJnWzlYkPEJ+1QYU
26NBH45gaQlislDWgbYBhpuSk1cMo4R9oomdrmlocllx9nyuEfTmmOxwzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCWJgsZhTTBLmmkrQ3LRCC25oa8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva0pZbUN4bUZOTUV1YWFTdERjdEVJTGJtaHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWdWUMA0G
CSqGSIb3DQEBCwUAA4IBAQCc5daWaGVeMMa4NkSozWbL3hdOoPPn8EFeZ3lfxS0z
OxWgga3poMQmu4Dbi84atlBjxyK/upHCVE0RhR0NcE1U7XyI1tUpSiKrA7bDfRAk
XQBaiZ862OnERPeRDLYc/2bbpJj+V794rcJFFDg2BPzvZfobvy382FPJhShZOwKf
C6XH9MNYiGOc88l0UVcaQjDBntEE0aVuSCmGIoL/1ge8O7t9i+8T3xrQOmT193ZI
TdkIX/e0heUqeWismnUnGRWw6Q3MEMEBy4a4C8wf0ipC3o0I0Kz7yjL6EiQ5wrGK
S5tjft5fjjqmgCVy7jG7LO+yz9GH3b2ELPbdd82yxhBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org