Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mJR-RDbIqigRoHdWoluQWCbfAYY.roa
File:                     mJR-RDbIqigRoHdWoluQWCbfAYY.roa (raw, json)
Hash identifier:          4x+raYbfeIhVPt5A7YYcJmRe5yCXlc5p8P3s8gWCukg=
Subject key identifier:   98:94:7E:44:36:C8:AA:28:11:A0:77:56:A2:5B:90:58:26:DF:01:86
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CB16A3B258610AA51B13224A430ECB347
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mJR-RDbIqigRoHdWoluQWCbfAYY.roa
Signing time:             Thu 28 Dec 2023 17:12:58 +0000
ROA not before:           Thu 28 Dec 2023 17:12:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     133296
IP address blocks:        89.213.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b1:6a:3b:25:86:10:aa:51:b1:32:24:a4:30:ec:b3:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 28 17:12:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98947e4436c8aa2811a07756a25b905826df0186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3f:d7:b4:f3:68:db:7d:ff:53:43:5d:bc:20:
                    d0:b1:d0:cf:86:d9:fc:48:a3:5b:d7:2f:e1:8d:20:
                    f1:d1:5d:0d:6d:c4:52:bd:56:2e:2f:0a:cd:fd:5a:
                    39:28:1e:5f:b5:40:d2:5d:da:f6:58:d8:3f:3e:58:
                    67:64:0b:05:20:db:3c:f2:4e:b8:19:3d:cd:b4:fb:
                    5c:ac:f1:72:43:9a:ba:ca:6e:17:49:3a:be:b2:96:
                    f7:3b:20:6a:84:e6:c6:90:20:8b:08:19:3e:07:e8:
                    d8:0d:5d:ae:b4:1d:ea:be:ea:87:f7:5a:ea:fc:36:
                    dc:87:d5:9e:ad:67:f9:33:68:10:2f:02:c1:23:76:
                    fe:89:47:76:47:23:63:3e:d5:0f:65:cb:88:6c:f2:
                    31:af:9e:73:15:4b:95:99:6a:5b:4f:81:cf:69:88:
                    5c:56:ae:f3:fa:57:52:d2:89:7d:d5:e9:e3:9a:71:
                    6d:fa:02:aa:19:aa:92:24:4e:38:fc:f9:2d:c3:0a:
                    80:34:cb:cc:e6:c4:0d:45:1b:f1:c7:c4:18:af:65:
                    8b:20:e9:1c:e4:20:96:d8:e2:80:f1:ee:fc:7a:af:
                    26:10:6e:a0:56:d6:eb:ab:2b:a9:8b:3d:f4:de:43:
                    e1:21:d9:0c:9b:d7:90:34:d4:61:1f:32:f6:93:dd:
                    57:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:94:7E:44:36:C8:AA:28:11:A0:77:56:A2:5B:90:58:26:DF:01:86
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mJR-RDbIqigRoHdWoluQWCbfAYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:6d:9b:49:0b:8e:b9:57:a5:97:43:28:c5:db:0f:15:65:b7:
         6d:9b:b9:6f:6c:2f:76:ef:43:ed:26:77:fd:62:44:1d:ee:53:
         e6:47:bd:ca:8d:6d:52:f3:46:f7:c3:35:54:65:98:96:a2:f6:
         ca:94:35:d8:be:5d:f7:9b:1f:03:0f:86:27:16:23:02:63:2e:
         24:07:c1:3c:5e:da:b4:51:1a:22:13:b5:f2:26:28:3f:aa:c3:
         89:67:b8:af:bb:b9:0f:14:13:e7:36:92:82:8e:73:e6:c8:9e:
         bf:75:84:80:aa:7c:67:66:8c:a2:cf:a9:e6:ac:e6:c7:22:0c:
         52:8b:e4:71:37:97:48:ea:e8:72:ad:61:9f:1b:20:d3:51:4a:
         e0:74:f5:36:ae:96:b6:ca:b0:84:b8:72:e2:02:91:7e:aa:3b:
         28:2a:7c:8e:d3:22:9e:40:5a:1a:96:58:c4:42:89:99:54:08:
         83:62:39:22:c8:df:cc:6a:f7:09:19:61:91:61:01:54:5f:4b:
         8b:72:03:57:6d:dc:f5:9a:d4:16:8a:ac:a2:89:f3:c0:d0:97:
         70:d8:47:50:54:59:f3:b3:b9:88:93:b1:59:7e:a2:73:d6:7d:
         02:bf:c5:49:6f:88:90:35:c8:26:a2:9b:25:3f:44:01:39:77:
         26:fe:a3:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyxajslhhCqUbEyJKQw7LNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI4MTcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk0N2U0NDM2YzhhYTI4MTFhMDc3NTZhMjViOTA1ODI2ZGYwMTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD/XtPNo233/U0NdvCDQsdDPhtn8
SKNb1y/hjSDx0V0NbcRSvVYuLwrN/Vo5KB5ftUDSXdr2WNg/PlhnZAsFINs88k64
GT3NtPtcrPFyQ5q6ym4XSTq+spb3OyBqhObGkCCLCBk+B+jYDV2utB3qvuqH91rq
/Dbch9WerWf5M2gQLwLBI3b+iUd2RyNjPtUPZcuIbPIxr55zFUuVmWpbT4HPaYhc
Vq7z+ldS0ol91enjmnFt+gKqGaqSJE44/PktwwqANMvM5sQNRRvxx8QYr2WLIOkc
5CCW2OKA8e78eq8mEG6gVtbrqyupiz303kPhIdkMm9eQNNRhHzL2k91XlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJiUfkQ2yKooEaB3VqJbkFgm3wGGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbUpSLVJEYklxaWdSb0hkV29sdVFXQ2JmQVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWDMA0G
CSqGSIb3DQEBCwUAA4IBAQAcbZtJC465V6WXQyjF2w8VZbdtm7lvbC9270PtJnf9
YkQd7lPmR73KjW1S80b3wzVUZZiWovbKlDXYvl33mx8DD4YnFiMCYy4kB8E8Xtq0
URoiE7XyJig/qsOJZ7ivu7kPFBPnNpKCjnPmyJ6/dYSAqnxnZoyiz6nmrObHIgxS
i+RxN5dI6uhyrWGfGyDTUUrgdPU2rpa2yrCEuHLiApF+qjsoKnyO0yKeQFoalljE
QomZVAiDYjkiyN/MavcJGWGRYQFUX0uLcgNXbdz1mtQWiqyiifPA0Jdw2EdQVFnz
s7mIk7FZfqJz1n0Cv8VJb4iQNcgmopslP0QBOXcm/qN1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org