Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa
File:                     kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa (raw, json)
Hash identifier:          lMk7nLoLcwk9kewrlpPANHTPOoF/4a9BgA5lNMpfblg=
Subject key identifier:   90:A9:F4:0E:5C:F4:6C:C9:D0:2B:74:A4:80:51:B7:8B:3C:89:D5:98
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC349562AE7B61FB1C45EDA212D2C5037
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61135
IP address blocks:        89.213.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 10:09:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:56:2a:e7:b6:1f:b1:c4:5e:da:21:2d:2c:50:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=90a9f40e5cf46cc9d02b74a48051b78b3c89d598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7a:31:74:59:26:ec:b5:95:3d:82:c2:ec:68:
                    a9:ce:94:f9:8e:35:35:f3:c4:42:7f:17:9b:a8:ad:
                    6a:e5:df:e1:ea:83:c3:51:18:59:17:6a:b0:1e:be:
                    76:86:8f:68:32:b4:f1:09:f3:3a:e8:5c:be:33:cd:
                    ae:f4:c1:50:fe:cf:e4:89:42:30:12:d0:b1:75:56:
                    b3:e6:62:3a:96:5a:28:c8:b7:d9:62:cf:c4:6b:bd:
                    30:ce:12:55:7d:f4:a8:cd:0d:45:02:0c:b6:81:86:
                    54:bd:11:e0:b7:1a:b8:28:35:69:f4:e5:b1:17:58:
                    be:76:79:f2:5c:07:94:ef:d1:6c:ca:2f:de:8f:fb:
                    85:8a:d5:75:9f:11:51:0f:8f:88:58:21:00:4c:1f:
                    27:52:b5:7c:6d:36:e8:1e:23:4b:9d:24:79:93:ae:
                    15:4a:77:6a:04:0a:e4:7d:a1:11:b3:f7:cf:73:07:
                    a4:ff:93:0c:57:0d:cc:b0:f7:31:ac:4c:41:00:d8:
                    84:20:74:b7:0f:61:03:68:74:19:51:fd:31:7d:4a:
                    be:18:6c:ec:be:53:24:8f:dd:45:3f:d3:8c:0f:43:
                    f8:0c:eb:86:c5:00:22:21:07:70:07:6d:96:81:4f:
                    7a:b6:a9:d5:b8:f8:cd:e3:ae:c8:9e:04:11:15:75:
                    b8:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:A9:F4:0E:5C:F4:6C:C9:D0:2B:74:A4:80:51:B7:8B:3C:89:D5:98
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:a3:a8:51:6f:f4:46:8d:b8:9b:5e:14:08:2d:5e:f0:58:7b:
         c2:df:47:2d:8f:d7:c9:63:19:48:50:e7:9e:2d:47:41:ee:08:
         a4:92:06:37:68:c4:72:1a:92:cd:a2:14:d2:20:f4:17:09:60:
         e5:bb:a1:a5:2b:1e:ed:62:2b:1a:f0:45:ae:a2:4a:b2:6d:4f:
         6e:06:a2:df:ec:1b:9c:55:c9:34:09:84:26:4f:d4:c6:58:68:
         75:ec:96:38:0e:cf:ea:cd:0c:e5:f2:a3:ed:c5:79:d1:c9:40:
         33:a2:02:c2:e7:27:b7:27:f0:27:27:f7:5b:49:96:5f:ad:53:
         60:39:60:fa:30:94:c6:ca:44:f2:03:af:0c:66:0e:4b:ee:c5:
         f3:64:50:6f:c3:4e:62:73:bd:d6:17:71:7a:4e:43:9e:7c:91:
         59:c9:ae:21:1d:a3:bf:29:dc:d6:83:91:02:98:3d:67:c9:a5:
         b9:0e:c7:64:2f:c5:1a:c0:52:c7:b2:a4:a2:8e:3f:16:5d:12:
         a1:1c:18:94:c7:ae:c5:0b:6a:cf:63:b2:09:bc:48:34:a2:4f:
         fd:0d:28:dd:75:d3:e5:9e:b2:1c:d9:5b:b6:94:a3:23:d1:a4:
         f3:17:d7:55:49:2b:0f:ec:c1:ae:91:f0:97:e4:7b:2b:02:ac:
         b9:88:57:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVYq57YfscRe2iEtLFA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE5ZjQwZTVjZjQ2Y2M5ZDAyYjc0YTQ4MDUxYjc4YjNjODlkNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHoxdFkm7LWVPYLC7GipzpT5jjU1
88RCfxebqK1q5d/h6oPDURhZF2qwHr52ho9oMrTxCfM66Fy+M82u9MFQ/s/kiUIw
EtCxdVaz5mI6llooyLfZYs/Ea70wzhJVffSozQ1FAgy2gYZUvRHgtxq4KDVp9OWx
F1i+dnnyXAeU79Fsyi/ej/uFitV1nxFRD4+IWCEATB8nUrV8bTboHiNLnSR5k64V
SndqBArkfaERs/fPcwek/5MMVw3MsPcxrExBANiEIHS3D2EDaHQZUf0xfUq+GGzs
vlMkj91FP9OMD0P4DOuGxQAiIQdwB22WgU96tqnVuPjN467IngQRFXW4IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCp9A5c9GzJ0Ct0pIBRt4s8idWYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva0tuMERsejBiTW5RSzNTa2dGRzNpenlKMVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWMMA0G
CSqGSIb3DQEBCwUAA4IBAQCpo6hRb/RGjbibXhQILV7wWHvC30ctj9fJYxlIUOee
LUdB7gikkgY3aMRyGpLNohTSIPQXCWDlu6GlKx7tYisa8EWuokqybU9uBqLf7Buc
Vck0CYQmT9TGWGh17JY4Ds/qzQzl8qPtxXnRyUAzogLC5ye3J/AnJ/dbSZZfrVNg
OWD6MJTGykTyA68MZg5L7sXzZFBvw05ic73WF3F6TkOefJFZya4hHaO/KdzWg5EC
mD1nyaW5DsdkL8UawFLHsqSijj8WXRKhHBiUx67FC2rPY7IJvEg0ok/9DSjdddPl
nrIc2Vu2lKMj0aTzF9dVSSsP7MGukfCX5HsrAqy5iFfA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org