Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pJB_rTsbehmTYD90fYbx9y772xE.roa
File:                     pJB_rTsbehmTYD90fYbx9y772xE.roa (raw, json)
Hash identifier:          VSAMZzhpz1oT+5CcQ+FK1YGgSUtbSG11h7xODc1AYY4=
Subject key identifier:   A4:90:7F:AD:3B:1B:7A:19:93:60:3F:74:7D:86:F1:F7:2E:FB:DB:11
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D30AE658B31CA5AC74712B7C8E9FDC885
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pJB_rTsbehmTYD90fYbx9y772xE.roa
Signing time:             Mon 22 Jan 2024 10:19:12 +0000
ROA not before:           Mon 22 Jan 2024 10:19:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     23470
IP address blocks:        89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 11:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:30:ae:65:8b:31:ca:5a:c7:47:12:b7:c8:e9:fd:c8:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 22 10:19:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a4907fad3b1b7a1993603f747d86f1f72efbdb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:7f:cf:30:bf:e6:0c:2f:bd:de:6d:ec:4b:
                    c1:0d:bb:45:2c:89:51:13:e2:17:cb:4c:e0:03:4d:
                    d2:a3:39:69:a6:19:4f:b9:0f:66:eb:ef:ef:f2:08:
                    07:4c:4f:0f:3e:e9:f1:f4:c9:79:48:58:e7:f7:22:
                    8e:0c:d6:16:e0:1b:55:21:75:d8:2d:44:46:e6:86:
                    53:48:0b:ec:b8:66:a1:15:53:43:16:86:7c:f7:53:
                    a3:d5:73:b3:e5:81:21:ee:de:a4:21:e0:aa:f7:7d:
                    35:a4:b8:6c:f5:fb:e2:02:dc:8c:85:45:b4:f2:ae:
                    f1:6e:a4:4c:70:bc:17:f9:a3:30:2e:c1:cc:57:2e:
                    8d:3e:c4:f1:3d:0f:e9:c0:c9:0c:1f:2c:e2:06:8d:
                    f5:cb:7d:54:6e:c2:b7:5a:6b:5f:09:6b:64:c8:02:
                    65:f8:72:1b:d0:88:79:72:45:a6:04:d4:16:b3:e5:
                    a7:97:81:d9:ca:76:ba:50:f0:f3:ea:73:74:bc:e1:
                    d5:bd:07:af:c3:e0:80:ef:80:c7:6b:80:7f:e1:60:
                    80:ef:d0:63:76:c7:e1:37:08:90:a5:89:58:05:92:
                    15:f2:4c:58:a3:b6:0a:66:85:15:30:2f:9b:ec:ba:
                    2b:68:62:29:2e:d7:92:7d:74:a8:51:a6:00:9b:ca:
                    d8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:90:7F:AD:3B:1B:7A:19:93:60:3F:74:7D:86:F1:F7:2E:FB:DB:11
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pJB_rTsbehmTYD90fYbx9y772xE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.164.0/24
                  89.213.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5d:9a:f5:61:f2:53:6f:04:13:05:ee:0b:8f:9a:f4:e8:4e:5d:
         33:91:58:4e:57:b3:ed:71:ff:48:71:79:47:12:13:e0:69:7f:
         cf:08:03:41:6b:d9:25:2c:fc:88:52:a9:e9:d9:e1:75:6b:9c:
         0e:e2:06:70:92:12:87:7d:1b:a8:c5:91:26:17:57:ed:53:51:
         ca:52:81:bb:b0:84:50:f5:05:c1:68:c0:c4:00:e8:44:f9:7e:
         a8:51:c3:bd:86:74:8f:e2:e7:b2:ee:0e:94:f5:b5:a5:85:76:
         18:c5:bf:1c:23:ae:e7:5e:aa:0b:b2:34:f2:8c:32:71:97:9d:
         5d:b1:75:a8:3d:00:05:18:e5:b6:a3:38:89:bf:a9:25:e9:8c:
         ac:ff:b2:7c:46:f8:71:fe:c7:c6:9f:62:2c:3e:60:a3:c8:47:
         10:4f:20:5c:5e:1e:82:96:53:e4:c2:ff:8b:b4:32:1d:1c:db:
         d0:6f:d1:c8:38:e5:f9:da:40:77:ec:3a:30:a0:64:57:f1:04:
         43:29:87:95:28:6c:ee:30:3e:37:fb:c2:22:0a:a9:68:ef:64:
         57:2a:fd:43:c1:3c:89:95:54:87:29:71:57:05:b8:d3:2b:f0:
         5a:29:d1:2b:95:a5:4a:2f:1b:58:69:69:89:8c:23:64:a1:5a:
         a8:53:95:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0wrmWLMcpax0cSt8jp/ciFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTIyMTAxOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDkwN2ZhZDNiMWI3YTE5OTM2MDNmNzQ3ZDg2ZjFmNzJlZmJkYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2d/zzC/5gwvvd5t7EvBDbtFLIlR
E+IXy0zgA03SozlpphlPuQ9m6+/v8ggHTE8PPunx9Ml5SFjn9yKODNYW4BtVIXXY
LURG5oZTSAvsuGahFVNDFoZ891Oj1XOz5YEh7t6kIeCq9301pLhs9fviAtyMhUW0
8q7xbqRMcLwX+aMwLsHMVy6NPsTxPQ/pwMkMHyziBo31y31UbsK3WmtfCWtkyAJl
+HIb0Ih5ckWmBNQWs+Wnl4HZyna6UPDz6nN0vOHVvQevw+CA74DHa4B/4WCA79Bj
dsfhNwiQpYlYBZIV8kxYo7YKZoUVMC+b7LoraGIpLteSfXSoUaYAm8rYMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKSQf607G3oZk2A/dH2G8fcu+9sRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcEpCX3JUc2JlaG1UWUQ5MGZZYng5eTc3MnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWkAwQB
WdWsMA0GCSqGSIb3DQEBCwUAA4IBAQBdmvVh8lNvBBMF7guPmvToTl0zkVhOV7Pt
cf9IcXlHEhPgaX/PCANBa9klLPyIUqnp2eF1a5wO4gZwkhKHfRuoxZEmF1ftU1HK
UoG7sIRQ9QXBaMDEAOhE+X6oUcO9hnSP4uey7g6U9bWlhXYYxb8cI67nXqoLsjTy
jDJxl51dsXWoPQAFGOW2oziJv6kl6Yys/7J8Rvhx/sfGn2IsPmCjyEcQTyBcXh6C
llPkwv+LtDIdHNvQb9HIOOX52kB37DowoGRX8QRDKYeVKGzuMD43+8IiCqlo72RX
Kv1DwTyJlVSHKXFXBbjTK/BaKdErlaVKLxtYaWmJjCNkoVqoU5UH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org