Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pbznm0VsV9lZKsEefBXwUBicFog.roa
File:                     pbznm0VsV9lZKsEefBXwUBicFog.roa (raw, json)
Hash identifier:          yjqL6Z8XUg4AVBRiCEDD/xbjt5vB3HpqaB16eFYd3pY=
Subject key identifier:   A5:BC:E7:9B:45:6C:57:D9:59:2A:C1:1E:7C:15:F0:50:18:9C:16:88
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BFB65EA03036195053C5FF6ECB69DE954
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pbznm0VsV9lZKsEefBXwUBicFog.roa
Signing time:             Thu 23 Nov 2023 08:57:22 +0000
ROA not before:           Thu 23 Nov 2023 08:57:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57974
IP address blocks:        89.213.178.0/24 maxlen: 24
                          89.213.181.0/24 maxlen: 24
                          89.213.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 10:19:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fb:65:ea:03:03:61:95:05:3c:5f:f6:ec:b6:9d:e9:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 23 08:57:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5bce79b456c57d9592ac11e7c15f050189c1688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c4:52:3f:7f:3f:52:6e:b8:23:22:20:ad:96:
                    1b:a5:b4:f0:b2:9d:53:ee:9f:3e:24:fc:35:e7:16:
                    ac:8c:d5:80:a9:a3:47:4d:dd:45:53:bd:4f:7a:22:
                    94:9a:bb:6e:e2:12:56:b3:91:1f:3c:e1:e5:44:23:
                    72:3f:56:71:8b:66:a6:4a:f1:6c:f1:00:db:df:e3:
                    0f:7d:a5:26:27:59:56:33:37:c1:07:e0:e9:72:8b:
                    b5:00:64:6c:1f:2b:d7:a8:65:f4:4b:64:0f:10:ed:
                    e3:68:91:24:90:42:d2:9e:3a:a0:19:35:70:99:9f:
                    61:47:df:c3:60:f7:f8:c7:af:fa:6d:65:46:29:75:
                    88:1b:a4:43:2f:2e:6b:23:d2:ff:1b:2d:9c:6c:04:
                    ed:4c:24:d2:67:d0:55:9f:93:60:6b:84:7e:79:39:
                    58:53:eb:0d:b8:7f:84:ee:da:e9:2d:50:44:7e:cc:
                    b7:49:63:08:31:d8:f0:e5:88:b3:ce:79:5f:b4:9b:
                    82:81:59:f9:b4:61:e9:d8:a6:24:1b:94:1d:8c:b1:
                    b1:aa:93:ac:f9:00:ae:28:d7:84:f4:00:43:2a:8a:
                    04:b3:35:9f:35:a6:3b:4e:dc:f7:00:37:7d:24:a5:
                    14:94:73:10:c1:12:7a:79:5c:e5:0c:cf:1e:b7:13:
                    19:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BC:E7:9B:45:6C:57:D9:59:2A:C1:1E:7C:15:F0:50:18:9C:16:88
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pbznm0VsV9lZKsEefBXwUBicFog.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.147.0/24
                  89.213.178.0/24
                  89.213.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:bb:fb:cd:9d:cb:be:5e:10:5d:7a:43:7f:b0:8d:08:4e:4f:
         bb:51:83:1d:c6:f0:85:c2:fb:71:0e:b7:9f:88:dd:1d:70:42:
         1e:0e:ce:92:87:5c:ff:1f:f7:9a:e7:cb:a3:b4:bf:c6:00:f3:
         4d:d5:a9:2a:52:4e:af:1e:cf:48:88:e8:e2:65:99:62:fd:47:
         77:73:19:e2:67:db:15:9e:12:92:c5:63:00:25:fe:aa:5b:e4:
         59:5e:88:57:c9:79:f0:70:63:9b:88:c6:e3:47:5d:cf:1c:8a:
         99:36:20:66:e1:f5:69:3e:a3:ae:39:51:f5:e5:9e:c1:5b:8d:
         7d:e6:77:4a:5e:71:77:37:62:4f:21:b1:8c:cb:7d:c7:d9:2c:
         99:d0:2b:68:c6:73:87:3b:3e:01:ee:54:b9:71:96:d0:27:19:
         8e:70:36:87:ed:d9:86:68:06:3d:4d:71:88:e4:b4:09:28:94:
         2f:9a:83:68:f9:85:e0:a4:32:1a:84:29:bb:a0:a4:61:23:fd:
         e4:e9:f6:a4:84:60:9a:68:8a:84:16:56:fa:29:36:31:bb:06:
         b8:2f:6e:1c:f9:f1:64:7a:40:24:32:7f:8d:86:53:a3:16:23:
         e4:41:05:26:bf:92:a2:bf:af:b4:b7:86:3c:e7:ae:f7:56:94:
         1b:7d:e6:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv7ZeoDA2GVBTxf9uy2nelUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTIzMDg1NzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJjZTc5YjQ1NmM1N2Q5NTkyYWMxMWU3YzE1ZjA1MDE4OWMxNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosRSP38/Um64IyIgrZYbpbTwsp1T
7p8+JPw15xasjNWAqaNHTd1FU71PeiKUmrtu4hJWs5EfPOHlRCNyP1Zxi2amSvFs
8QDb3+MPfaUmJ1lWMzfBB+Dpcou1AGRsHyvXqGX0S2QPEO3jaJEkkELSnjqgGTVw
mZ9hR9/DYPf4x6/6bWVGKXWIG6RDLy5rI9L/Gy2cbATtTCTSZ9BVn5Nga4R+eTlY
U+sNuH+E7trpLVBEfsy3SWMIMdjw5YizznlftJuCgVn5tGHp2KYkG5QdjLGxqpOs
+QCuKNeE9ABDKooEszWfNaY7Ttz3ADd9JKUUlHMQwRJ6eVzlDM8etxMZSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKW855tFbFfZWSrBHnwV8FAYnBaIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcGJ6bm0wVnNWOWxaS3NFZWZCWHdVQmljRm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdWTAwQA
WdWyAwQAWdW1MA0GCSqGSIb3DQEBCwUAA4IBAQCgu/vNncu+XhBdekN/sI0ITk+7
UYMdxvCFwvtxDrefiN0dcEIeDs6Sh1z/H/ea58ujtL/GAPNN1akqUk6vHs9IiOji
ZZli/Ud3cxniZ9sVnhKSxWMAJf6qW+RZXohXyXnwcGObiMbjR13PHIqZNiBm4fVp
PqOuOVH15Z7BW4195ndKXnF3N2JPIbGMy33H2SyZ0CtoxnOHOz4B7lS5cZbQJxmO
cDaH7dmGaAY9TXGI5LQJKJQvmoNo+YXgpDIahCm7oKRhI/3k6fakhGCaaIqEFlb6
KTYxuwa4L24c+fFkekAkMn+NhlOjFiPkQQUmv5Kiv6+0t4Y85673VpQbfeb3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org