Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa
File:                     or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa (raw, json)
Hash identifier:          Gba2H433uRAY00Hs7TughthafldoHqfdXNGvd9vpfxY=
Subject key identifier:   A2:BD:98:0B:40:CE:E9:5E:D9:FB:7A:07:A6:DE:4B:93:CF:DC:5B:2E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B02E3B0D1157837C7BF139C582EDB6D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa
Signing time:             Tue 01 Aug 2023 08:19:26 +0000
ROA not before:           Tue 01 Aug 2023 08:19:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35409
IP address blocks:        89.213.179.0/24 maxlen: 24
                          89.213.175.0/24 maxlen: 24
                          109.176.241.0/24 maxlen: 24
                          109.176.242.0/24 maxlen: 24
                          89.213.159.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 08:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b0:2e:3b:0d:11:57:83:7c:7b:f1:39:c5:82:ed:b6:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  1 08:19:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2bd980b40cee95ed9fb7a07a6de4b93cfdc5b2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a9:04:9b:7f:b9:2d:48:01:cf:1d:8f:32:c9:
                    68:71:dd:fe:87:ce:bc:f7:5d:50:8e:44:59:bd:4f:
                    b6:b3:36:dc:97:65:f4:c1:f6:c1:e0:04:e8:c3:8e:
                    4e:52:ed:9c:63:b3:46:2e:ce:6e:cb:61:f6:11:92:
                    4e:c6:b0:6a:e6:96:73:ee:ce:7c:c7:e5:2d:52:ff:
                    b0:0a:e2:6e:03:a2:57:ba:5e:46:41:ac:31:46:39:
                    87:72:71:ad:4a:15:51:3a:70:93:2a:ca:e5:fa:b3:
                    15:65:8b:7b:21:60:e4:67:c6:34:44:9e:12:15:c4:
                    75:49:10:b9:36:7c:e9:3e:11:e5:a6:26:fd:02:a3:
                    06:1a:e2:22:c9:4f:82:84:ba:27:93:3b:08:6b:ba:
                    80:1b:07:6d:fa:21:fd:2f:86:aa:d7:23:bb:32:f3:
                    1c:d8:0e:a3:1e:e8:16:a2:89:a6:79:4b:15:22:14:
                    ee:1f:ee:7f:81:be:c1:79:47:04:c4:89:39:06:db:
                    86:c5:df:f3:16:fd:df:49:9d:61:21:d9:a1:d7:c9:
                    96:f1:8c:5a:06:95:30:e3:5b:f8:6f:f6:1f:71:b2:
                    0e:b6:c6:60:78:56:e6:6a:80:bc:be:38:35:ec:4d:
                    b7:83:6a:f5:a2:7f:02:26:61:65:4a:91:28:aa:9c:
                    4a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:BD:98:0B:40:CE:E9:5E:D9:FB:7A:07:A6:DE:4B:93:CF:DC:5B:2E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.159.0/24
                  89.213.175.0/24
                  89.213.179.0/24
                  109.176.241.0-109.176.242.255
                  109.176.248.0/24
                  109.176.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:54:2d:3e:ec:6d:77:2c:d9:64:c3:bb:66:c6:cf:30:ae:5f:
         be:c1:d9:ce:4f:6f:40:4a:0b:1e:af:f9:dc:86:cf:87:26:bc:
         9d:8a:33:5a:1b:17:67:73:9f:1d:0c:bf:b0:07:b0:bf:f7:fb:
         ef:34:a3:f1:37:a1:9c:af:4a:a6:c3:99:06:58:be:23:65:a6:
         82:f5:25:92:ee:1a:61:9d:b3:71:ae:ea:ff:9b:23:2c:94:f5:
         c6:93:e2:7e:f8:2f:37:8c:53:e9:4d:a5:d3:39:11:e4:6b:97:
         1d:9c:70:da:b2:9e:36:f5:d6:30:aa:c3:01:ca:55:3f:ce:d9:
         be:e9:68:d8:7c:f0:ec:6c:42:52:f9:5a:01:7b:0d:35:47:47:
         37:cf:3a:b7:6e:44:2b:41:ba:b1:23:e7:62:bc:c4:3c:53:c7:
         2e:5a:02:d2:c9:39:79:bc:c7:3f:f3:bd:a2:43:7a:63:63:8f:
         f7:88:d8:9a:f6:cd:e4:6f:34:0e:fc:61:af:e5:ba:e9:65:88:
         e3:58:28:c1:7c:da:58:d2:3e:29:22:e1:ae:37:ac:b0:45:53:
         6f:d1:8a:80:38:7a:24:77:a3:89:12:ba:23:7d:83:fc:25:81:
         17:e6:db:ec:e2:4c:5a:d4:ad:72:48:9f:4e:0d:d1:19:a9:fa:
         16:e2:6a:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYmwLjsNEVeDfHvxOcWC7bbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDgxOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJkOTgwYjQwY2VlOTVlZDlmYjdhMDdhNmRlNGI5M2NmZGM1YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6kEm3+5LUgBzx2PMslocd3+h868
911QjkRZvU+2szbcl2X0wfbB4ATow45OUu2cY7NGLs5uy2H2EZJOxrBq5pZz7s58
x+UtUv+wCuJuA6JXul5GQawxRjmHcnGtShVROnCTKsrl+rMVZYt7IWDkZ8Y0RJ4S
FcR1SRC5NnzpPhHlpib9AqMGGuIiyU+ChLonkzsIa7qAGwdt+iH9L4aq1yO7MvMc
2A6jHugWoommeUsVIhTuH+5/gb7BeUcExIk5BtuGxd/zFv3fSZ1hIdmh18mW8Yxa
BpUw41v4b/YfcbIOtsZgeFbmaoC8vjg17E23g2r1on8CJmFlSpEoqpxKpwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKK9mAtAzule2ft6B6beS5PP3FsuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb3IyWUMwRE82VjdaLTNvSHB0NUxrOF9jV3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWdWfAwQA
WdWvAwQAWdWzMAwDBABtsPEDBABtsPIDBABtsPgDBABtsPowDQYJKoZIhvcNAQEL
BQADggEBADFULT7sbXcs2WTDu2bGzzCuX77B2c5Pb0BKCx6v+dyGz4cmvJ2KM1ob
F2dznx0Mv7AHsL/3++80o/E3oZyvSqbDmQZYviNlpoL1JZLuGmGds3Gu6v+bIyyU
9caT4n74LzeMU+lNpdM5EeRrlx2ccNqynjb11jCqwwHKVT/O2b7paNh88OxsQlL5
WgF7DTVHRzfPOrduRCtBurEj52K8xDxTxy5aAtLJOXm8xz/zvaJDemNjj/eI2Jr2
zeRvNA78Ya/luulliONYKMF82ljSPiki4a43rLBFU2/RioA4eiR3o4kSuiN9g/wl
gRfm2+ziTFrUrXJIn04N0Rmp+hbiask=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org