Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oDk8znsgDMuLnRWTY4HakKjtkeY.roa
File:                     oDk8znsgDMuLnRWTY4HakKjtkeY.roa (raw, json)
Hash identifier:          1GvWQhKGF60RQjWnUTmfXHPTUiCOAEyZyIQB5rU1Bo4=
Subject key identifier:   A0:39:3C:CE:7B:20:0C:CB:8B:9D:15:93:63:81:DA:90:A8:ED:91:E6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E51ED236BDEF79E57994ED293720682DF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oDk8znsgDMuLnRWTY4HakKjtkeY.roa
Signing time:             Mon 18 Mar 2024 14:17:59 +0000
ROA not before:           Mon 18 Mar 2024 14:17:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63150
IP address blocks:        89.213.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Mar 2024 15:55:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:ed:23:6b:de:f7:9e:57:99:4e:d2:93:72:06:82:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 18 14:17:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a0393cce7b200ccb8b9d15936381da90a8ed91e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:af:db:af:a0:bd:d1:95:c5:e1:0e:bc:ad:00:
                    f9:fb:43:86:3b:ae:57:91:a8:9d:ff:1c:07:6f:6d:
                    3c:14:27:fd:d1:57:6f:6a:95:14:96:d3:0f:80:53:
                    38:4a:c0:c1:2f:fb:88:b2:9c:a5:95:f9:0c:cc:53:
                    c3:ec:b5:f5:68:04:ee:cf:c1:6d:2a:06:43:7a:11:
                    0b:43:00:c8:79:74:09:9c:5b:37:f2:45:24:4b:a0:
                    b9:20:e8:52:69:00:db:76:52:1b:9c:d6:71:2d:60:
                    a9:42:f7:9d:62:9f:9f:55:57:38:b7:12:4a:e1:56:
                    29:45:05:f6:33:a5:cb:b1:b3:d5:ea:ed:c3:1d:79:
                    bc:1e:d6:b6:cd:c9:3b:f0:94:00:2c:e3:0a:db:c9:
                    0b:e3:c6:d1:18:bd:27:7f:82:d0:e2:3f:64:94:cb:
                    8a:b4:3e:81:21:e9:a7:bc:fe:ad:35:bc:4e:7f:5d:
                    9d:0d:37:1e:5d:c5:fe:46:5b:76:8d:9b:fe:35:0b:
                    e1:a5:71:ec:d2:f4:6e:07:e6:83:19:bc:a9:34:53:
                    1c:8b:50:e7:43:17:35:6d:a3:c6:89:46:b6:22:8d:
                    b8:2d:59:5b:0b:16:6c:40:19:0b:bb:d9:cf:05:d9:
                    f7:a6:66:14:39:8b:15:3f:3a:2d:14:20:c5:50:15:
                    79:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:39:3C:CE:7B:20:0C:CB:8B:9D:15:93:63:81:DA:90:A8:ED:91:E6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oDk8znsgDMuLnRWTY4HakKjtkeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:b7:70:7f:f3:fc:11:34:53:09:1d:24:10:1e:cd:de:8b:46:
         75:6d:61:5a:25:5a:d3:3f:06:b8:85:39:59:a8:b9:b9:b2:a0:
         5e:12:69:16:9f:97:0e:36:17:fe:d9:49:ac:c7:44:56:6b:24:
         a4:b0:6d:24:98:e5:b8:98:cc:21:13:d3:d1:ec:a4:01:ac:65:
         1d:a0:68:e7:8d:b1:88:44:c8:73:b4:50:ce:9f:47:82:f4:a2:
         0b:73:43:e9:d8:81:6a:88:93:eb:1f:94:f6:24:fe:9c:1c:c7:
         df:24:71:2a:ae:ae:4d:bc:c6:ac:71:74:2a:1c:85:29:94:a2:
         de:e7:be:5f:f7:f6:86:2e:d7:83:0c:ac:bd:03:44:26:70:49:
         62:78:9f:b1:01:59:60:65:45:46:74:8b:c6:1a:5d:16:57:98:
         1f:35:79:20:98:63:79:5d:e0:42:d1:06:a7:d2:9e:9d:39:64:
         82:9c:64:14:b8:f2:77:47:fc:ef:1e:a0:df:81:5f:27:a2:c8:
         68:9d:5b:bf:ac:14:e6:e3:b6:4a:5f:3f:4f:ef:78:4b:be:62:
         c9:dd:3a:75:04:73:5a:b6:3c:0c:f9:b3:4d:d4:be:21:37:70:
         2b:ed:f1:6a:bc:35:09:cf:e5:25:a2:2c:43:21:69:7c:8b:c9:
         cd:98:54:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5R7SNr3veeV5lO0pNyBoLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzE4MTQxNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDM5M2NjZTdiMjAwY2NiOGI5ZDE1OTM2MzgxZGE5MGE4ZWQ5MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6/br6C90ZXF4Q68rQD5+0OGO65X
kaid/xwHb208FCf90VdvapUUltMPgFM4SsDBL/uIspyllfkMzFPD7LX1aATuz8Ft
KgZDehELQwDIeXQJnFs38kUkS6C5IOhSaQDbdlIbnNZxLWCpQvedYp+fVVc4txJK
4VYpRQX2M6XLsbPV6u3DHXm8Hta2zck78JQALOMK28kL48bRGL0nf4LQ4j9klMuK
tD6BIemnvP6tNbxOf12dDTceXcX+Rlt2jZv+NQvhpXHs0vRuB+aDGbypNFMci1Dn
Qxc1baPGiUa2Io24LVlbCxZsQBkLu9nPBdn3pmYUOYsVPzotFCDFUBV5twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKA5PM57IAzLi50Vk2OB2pCo7ZHmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb0RrOHpuc2dETXVMblJXVFk0SGFrS2p0a2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWWMA0G
CSqGSIb3DQEBCwUAA4IBAQCTt3B/8/wRNFMJHSQQHs3ei0Z1bWFaJVrTPwa4hTlZ
qLm5sqBeEmkWn5cONhf+2Umsx0RWaySksG0kmOW4mMwhE9PR7KQBrGUdoGjnjbGI
RMhztFDOn0eC9KILc0Pp2IFqiJPrH5T2JP6cHMffJHEqrq5NvMascXQqHIUplKLe
575f9/aGLteDDKy9A0QmcElieJ+xAVlgZUVGdIvGGl0WV5gfNXkgmGN5XeBC0Qan
0p6dOWSCnGQUuPJ3R/zvHqDfgV8noshonVu/rBTm47ZKXz9P73hLvmLJ3Tp1BHNa
tjwM+bNN1L4hN3Ar7fFqvDUJz+UloixDIWl8i8nNmFRY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org