Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r8BuYKvXc8LIqIdhAhZXehabB0s.roa
File:                     r8BuYKvXc8LIqIdhAhZXehabB0s.roa (raw, json)
Hash identifier:          oHchZzIEVtAlohQQJ+cw6vlBNf6kTKn12Sq764J8ILE=
Subject key identifier:   AF:C0:6E:60:AB:D7:73:C2:C8:A8:87:61:02:16:57:7A:16:9B:07:4B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BA3916353C82D072F91552A4689D52153
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r8BuYKvXc8LIqIdhAhZXehabB0s.roa
Signing time:             Mon 06 Nov 2023 07:38:16 +0000
ROA not before:           Mon 06 Nov 2023 07:38:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216362
IP address blocks:        89.213.181.0/24 maxlen: 24
                          89.213.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 14:56:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a3:91:63:53:c8:2d:07:2f:91:55:2a:46:89:d5:21:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  6 07:38:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=afc06e60abd773c2c8a887610216577a169b074b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7f:e4:ff:b4:01:0d:2b:29:2e:3d:44:9d:fc:
                    db:a7:f7:0b:d9:89:19:b3:0a:3f:bb:19:c4:aa:d7:
                    72:57:73:9f:d2:38:da:f9:44:3c:b5:e0:97:51:4a:
                    e6:2b:c7:1b:9a:c1:2a:6c:ef:33:23:cb:f7:a9:ae:
                    e0:01:7b:1e:32:8f:3f:db:18:e7:7b:59:5f:5d:b5:
                    e4:31:7c:5b:f8:3e:ab:08:9f:fe:5b:6b:73:c3:1b:
                    e7:3a:dd:47:c3:63:e1:26:b8:30:3f:6c:55:c4:63:
                    94:f0:ce:9a:ff:31:be:9d:c9:97:90:db:61:1a:cd:
                    ef:7f:70:c5:ba:5e:80:41:ac:ec:91:dc:3a:9a:ca:
                    72:06:df:e8:ba:65:4e:2c:25:c2:85:61:06:3d:39:
                    0b:78:a9:89:cc:90:65:df:2e:93:93:b5:62:9a:11:
                    b1:d1:2d:b8:61:fc:f2:19:d0:70:ce:07:75:a6:e1:
                    8b:96:ee:c2:73:78:b2:ff:08:e4:12:a1:f8:de:19:
                    f3:56:70:35:26:bd:64:f9:66:1f:a5:21:af:e2:04:
                    bd:8e:b0:6d:03:2b:b9:33:de:a8:03:cb:d5:43:96:
                    b2:60:d4:ed:7b:8a:6b:e9:5b:70:bc:8b:da:4a:b8:
                    11:08:8b:2e:1a:d7:cf:9c:3c:97:83:ff:99:c8:aa:
                    16:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:C0:6E:60:AB:D7:73:C2:C8:A8:87:61:02:16:57:7A:16:9B:07:4B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r8BuYKvXc8LIqIdhAhZXehabB0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.147.0/24
                  89.213.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:43:19:5a:06:b1:36:11:16:9e:b1:28:52:24:5d:ef:10:de:
         8f:0c:03:10:69:e5:eb:e2:0b:b6:d9:7f:36:3a:c1:f1:a2:bf:
         ef:a4:81:60:2d:9a:96:c6:98:90:0a:38:9a:7c:da:f2:e5:ff:
         05:32:d9:da:fa:72:a4:ec:fe:55:89:3d:4c:f4:05:7f:bb:f3:
         7d:24:18:e2:5c:29:e7:d2:c1:09:9b:eb:5a:b6:90:19:ae:36:
         28:f9:93:59:b3:9e:ab:96:12:30:9c:18:84:a0:70:25:e7:d4:
         24:a3:4f:3b:ce:ae:06:07:68:41:45:0c:2e:fe:05:a2:e5:e2:
         45:dc:e2:d3:10:b6:f5:3e:6b:40:34:f7:14:47:40:7d:cb:67:
         5c:a7:2e:d9:ca:b4:df:1b:8a:3a:68:5b:ac:0f:cf:25:08:d0:
         ba:da:a6:cb:b4:e2:10:cb:59:09:80:d0:43:84:08:96:67:ad:
         c0:e6:73:5b:16:02:b7:83:02:18:9d:02:f7:56:de:e4:76:b6:
         58:65:12:5a:d1:6c:63:ef:de:3a:58:6b:42:27:99:66:58:a7:
         51:0e:cd:a2:07:0f:85:ae:89:76:ee:b8:5d:1e:99:00:76:49:
         23:0e:6f:cd:29:39:10:d6:3d:2d:99:96:d6:78:8c:6c:9f:ab:
         97:ee:95:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYujkWNTyC0HL5FVKkaJ1SFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmMwNmU2MGFiZDc3M2MyYzhhODg3NjEwMjE2NTc3YTE2OWIwNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3/k/7QBDSspLj1Enfzbp/cL2YkZ
swo/uxnEqtdyV3Of0jja+UQ8teCXUUrmK8cbmsEqbO8zI8v3qa7gAXseMo8/2xjn
e1lfXbXkMXxb+D6rCJ/+W2tzwxvnOt1Hw2PhJrgwP2xVxGOU8M6a/zG+ncmXkNth
Gs3vf3DFul6AQazskdw6mspyBt/oumVOLCXChWEGPTkLeKmJzJBl3y6Tk7VimhGx
0S24YfzyGdBwzgd1puGLlu7Cc3iy/wjkEqH43hnzVnA1Jr1k+WYfpSGv4gS9jrBt
Ayu5M96oA8vVQ5ayYNTte4pr6VtwvIvaSrgRCIsuGtfPnDyXg/+ZyKoWVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/AbmCr13PCyKiHYQIWV3oWmwdLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcjhCdVlLdlhjOExJcUlkaEFoWlhlaGFiQjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWTAwQA
WdW1MA0GCSqGSIb3DQEBCwUAA4IBAQAsQxlaBrE2ERaesShSJF3vEN6PDAMQaeXr
4gu22X82OsHxor/vpIFgLZqWxpiQCjiafNry5f8FMtna+nKk7P5ViT1M9AV/u/N9
JBjiXCnn0sEJm+tatpAZrjYo+ZNZs56rlhIwnBiEoHAl59Qko087zq4GB2hBRQwu
/gWi5eJF3OLTELb1PmtANPcUR0B9y2dcpy7ZyrTfG4o6aFusD88lCNC62qbLtOIQ
y1kJgNBDhAiWZ63A5nNbFgK3gwIYnQL3Vt7kdrZYZRJa0Wxj7946WGtCJ5lmWKdR
Ds2iBw+Frol27rhdHpkAdkkjDm/NKTkQ1j0tmZbWeIxsn6uX7pWf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org