Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qjFt4Cx6fpVO5r_MaDm_HknBym8.roa
File:                     qjFt4Cx6fpVO5r_MaDm_HknBym8.roa (raw, json)
Hash identifier:          70cY/6FAPteyhRgItZulAiV4m8QMi4oasxQCEy5gBZU=
Subject key identifier:   AA:31:6D:E0:2C:7A:7E:95:4E:E6:BF:CC:68:39:BF:1E:49:C1:CA:6F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E0E07E18F0446C5282136232343C0B8E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qjFt4Cx6fpVO5r_MaDm_HknBym8.roa
Signing time:             Tue 05 Mar 2024 09:53:01 +0000
ROA not before:           Tue 05 Mar 2024 09:53:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216075
IP address blocks:        89.213.140.0/24 maxlen: 24
                          89.213.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 07:53:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0e:07:e1:8f:04:46:c5:28:21:36:23:23:43:c0:b8:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  5 09:53:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aa316de02c7a7e954ee6bfcc6839bf1e49c1ca6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:89:37:c1:af:a9:95:42:ec:b9:28:a1:c0:09:
                    85:45:a5:9b:ed:1d:37:42:a0:5c:f3:14:2d:ef:bc:
                    d6:28:5d:cd:d6:b2:f5:32:30:a0:0c:2b:ec:1c:ac:
                    7c:0b:f9:cb:0c:a8:1d:5b:de:2d:c1:f9:ea:9e:c0:
                    67:d7:63:3d:87:91:56:f2:b2:3c:23:21:f0:43:f4:
                    4b:60:ef:e4:2b:1e:98:df:a6:a6:e3:b1:ef:e0:0c:
                    18:8f:43:d8:d0:59:b2:27:0c:69:3e:48:34:e7:1c:
                    88:54:96:28:43:e7:7c:c0:36:60:b1:e0:4f:7b:f8:
                    ef:7e:7e:cc:70:18:93:5a:0d:56:87:a5:8f:a0:af:
                    56:01:b6:67:c7:fc:42:f4:a7:84:c6:d6:3b:92:36:
                    6a:fa:d7:dc:d6:44:8f:2a:b9:9b:1b:13:be:41:b4:
                    74:82:b2:78:9f:40:4a:f7:12:aa:93:04:fb:14:3b:
                    f2:93:c1:2e:6f:04:01:80:2a:a6:59:94:0a:d6:c3:
                    46:02:d9:03:db:a8:c2:05:ce:37:45:f1:c8:76:83:
                    fa:2c:7c:e5:43:e3:bf:a8:31:a9:d2:63:7c:66:8e:
                    2d:fe:aa:9c:0f:d5:f7:df:f3:29:6a:8f:6a:25:32:
                    59:69:08:2a:60:6d:a9:d4:71:9f:98:f5:dc:1e:66:
                    6f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:31:6D:E0:2C:7A:7E:95:4E:E6:BF:CC:68:39:BF:1E:49:C1:CA:6F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qjFt4Cx6fpVO5r_MaDm_HknBym8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.140.0/24
                  89.213.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:28:28:eb:af:bc:90:4c:71:ba:96:ec:60:e3:3a:46:b5:a3:
         67:f8:b0:a6:3f:dc:34:0a:30:cf:fa:d1:14:9d:6f:cc:66:22:
         42:dc:e5:70:9f:64:00:70:c8:9e:41:80:81:aa:3d:d6:93:98:
         1f:cf:6d:4d:7d:82:7a:55:65:af:f4:ca:bf:87:6d:eb:91:4b:
         6c:6a:ff:42:b2:ac:3d:69:09:e2:6c:84:87:2d:b4:8e:25:a3:
         09:fb:86:57:c7:00:e0:4d:48:ae:4c:cb:75:a9:cf:71:5a:74:
         b1:62:d5:e8:ea:8e:3a:bf:d8:10:c4:86:0b:56:6c:6b:d5:be:
         43:04:f7:1e:fa:58:7d:66:48:5d:ca:06:84:66:46:56:f0:58:
         5c:d7:82:21:12:d0:c5:b5:1c:e7:a6:56:83:e5:ae:11:75:38:
         2a:45:dd:12:40:68:f8:30:0a:ba:b0:99:cc:b6:69:39:6b:a1:
         13:cd:96:c2:11:60:54:50:8c:60:57:df:b6:dc:27:a8:a4:94:
         04:ff:7a:e9:b6:3b:40:e3:2f:6a:47:56:e0:d7:95:d3:40:8a:
         27:0a:9c:69:b3:05:41:4a:17:2a:6b:ff:0c:24:fc:1f:ae:d4:
         9f:d5:87:dc:8f:c1:06:21:1d:56:99:82:5c:87:da:fe:c8:a4:
         6e:95:ed:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4OB+GPBEbFKCE2IyNDwLjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzA1MDk1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMxNmRlMDJjN2E3ZTk1NGVlNmJmY2M2ODM5YmYxZTQ5YzFjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiok3wa+plULsuSihwAmFRaWb7R03
QqBc8xQt77zWKF3N1rL1MjCgDCvsHKx8C/nLDKgdW94twfnqnsBn12M9h5FW8rI8
IyHwQ/RLYO/kKx6Y36am47Hv4AwYj0PY0FmyJwxpPkg05xyIVJYoQ+d8wDZgseBP
e/jvfn7McBiTWg1Wh6WPoK9WAbZnx/xC9KeExtY7kjZq+tfc1kSPKrmbGxO+QbR0
grJ4n0BK9xKqkwT7FDvyk8EubwQBgCqmWZQK1sNGAtkD26jCBc43RfHIdoP6LHzl
Q+O/qDGp0mN8Zo4t/qqcD9X33/Mpao9qJTJZaQgqYG2p1HGfmPXcHmZvvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKoxbeAsen6VTua/zGg5vx5JwcpvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWpGdDRDeDZmcFZPNXJfTWFEbV9Ia25CeW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWMAwQA
WdWQMA0GCSqGSIb3DQEBCwUAA4IBAQBMKCjrr7yQTHG6luxg4zpGtaNn+LCmP9w0
CjDP+tEUnW/MZiJC3OVwn2QAcMieQYCBqj3Wk5gfz21NfYJ6VWWv9Mq/h23rkUts
av9Csqw9aQnibISHLbSOJaMJ+4ZXxwDgTUiuTMt1qc9xWnSxYtXo6o46v9gQxIYL
Vmxr1b5DBPce+lh9ZkhdygaEZkZW8Fhc14IhEtDFtRznplaD5a4RdTgqRd0SQGj4
MAq6sJnMtmk5a6ETzZbCEWBUUIxgV9+23CeopJQE/3rptjtA4y9qR1bg15XTQIon
CpxpswVBShcqa/8MJPwfrtSf1Yfcj8EGIR1WmYJch9r+yKRule0k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org