Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/reBtZdmJIKZKv4BAjYo-DKy26AY.roa
File:                     reBtZdmJIKZKv4BAjYo-DKy26AY.roa (raw, json)
Hash identifier:          NntgX0yhx3drlt4KXbL16+QEH/re6ZP6rs5sH0pkNuQ=
Subject key identifier:   AD:E0:6D:65:D9:89:20:A6:4A:BF:80:40:8D:8A:3E:0C:AC:B6:E8:06
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189BAB17200674FADD6B7161FC0FB336029
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/reBtZdmJIKZKv4BAjYo-DKy26AY.roa
Signing time:             Thu 03 Aug 2023 09:18:58 +0000
ROA not before:           Thu 03 Aug 2023 09:18:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397563
IP address blocks:        89.213.177.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          109.176.214.0/24 maxlen: 24
                          89.213.148.0/24 maxlen: 24
                          89.213.149.0/24 maxlen: 24
                          89.213.44.0/24 maxlen: 24
                          89.213.42.0/24 maxlen: 24
                          89.213.45.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 07:14:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ba:b1:72:00:67:4f:ad:d6:b7:16:1f:c0:fb:33:60:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  3 09:18:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ade06d65d98920a64abf80408d8a3e0cacb6e806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4e:67:cd:fb:7f:a1:b8:75:c7:2f:2d:41:3b:
                    ed:0f:ae:7d:08:74:15:ce:8b:19:6b:73:23:84:6f:
                    1f:b6:01:c1:83:2d:6a:fa:8b:09:98:73:2e:85:f8:
                    66:73:6e:f4:13:bd:29:bb:1c:7f:16:35:f4:b9:73:
                    5e:30:d1:4e:e8:98:ae:2e:2b:c5:e4:94:13:40:bc:
                    41:f2:20:e5:9b:30:6b:dd:2a:c4:8d:a6:15:66:46:
                    4d:f2:af:79:d4:9a:04:98:03:5d:1c:7b:42:97:2f:
                    00:1e:e3:d9:a8:44:33:ea:ed:22:30:90:38:6e:23:
                    eb:01:c7:dc:91:89:45:7f:b4:83:9e:54:ff:7e:fa:
                    79:63:4d:7c:80:aa:2b:b9:fa:42:b3:a6:bd:31:bc:
                    4f:72:fb:a0:30:42:d4:5a:0a:bc:ed:6a:24:18:9f:
                    69:d9:7a:bc:6a:85:18:f7:a7:60:75:ac:c5:f9:7a:
                    70:d1:4f:94:75:a5:a7:29:4d:e4:8f:a1:0e:79:5a:
                    1f:7b:e0:73:e7:9d:2b:a7:96:c1:17:fc:2b:09:2b:
                    cb:b0:e8:df:6c:8b:50:b9:08:86:f5:67:d0:e5:18:
                    d2:0d:6f:10:29:07:39:b4:85:3a:d5:fd:3e:e5:a0:
                    c3:04:8c:0c:ec:26:39:ba:03:42:29:5d:ad:ef:80:
                    75:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E0:6D:65:D9:89:20:A6:4A:BF:80:40:8D:8A:3E:0C:AC:B6:E8:06
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/reBtZdmJIKZKv4BAjYo-DKy26AY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.221.0/24
                  89.213.42.0/24
                  89.213.44.0/23
                  89.213.148.0/23
                  89.213.160.0/24
                  89.213.177.0/24
                  89.213.183.0/24
                  109.176.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:96:08:7f:b3:85:56:b0:e7:9b:c4:2d:0c:25:a1:8a:04:4d:
         82:ed:10:68:11:14:02:6f:f1:12:39:c5:83:dc:1f:df:4d:2f:
         80:02:7a:c1:29:4e:49:63:66:1e:80:7e:0c:17:58:67:d9:85:
         c7:88:00:3c:1d:12:b1:77:e4:32:32:1e:62:cc:77:2c:31:67:
         3a:07:a7:f3:02:3a:a5:59:23:d0:89:a2:8b:32:d3:ea:ba:0b:
         36:b6:29:60:1f:ad:21:a8:04:ca:1f:9a:5c:8c:73:00:93:b0:
         14:42:43:de:7f:0f:6e:95:f1:f9:63:0b:b3:1e:eb:84:0f:c9:
         1b:b8:3a:62:a7:6a:15:6d:19:85:bb:79:92:08:c5:40:9d:27:
         67:be:ad:de:8f:35:21:bb:91:bc:bd:87:7c:27:d7:74:d8:a1:
         e3:a8:d1:85:0c:7b:81:65:9c:23:30:e9:91:05:4b:88:29:fb:
         b0:c6:d2:06:99:9a:f7:e6:fe:77:30:ba:46:ec:d9:40:fc:85:
         2a:e0:3e:95:90:dd:af:a2:53:7d:2c:2c:ad:e8:2b:54:d5:33:
         cc:03:f2:42:b0:2f:c2:e8:82:2a:75:fb:04:ce:b7:d0:02:92:
         1e:0e:de:b0:73:b3:88:3f:e6:61:d4:cd:29:37:9b:d4:91:81:
         76:e2:9a:78
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYm6sXIAZ0+t1rcWH8D7M2ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAzMDkxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGUwNmQ2NWQ5ODkyMGE2NGFiZjgwNDA4ZDhhM2UwY2FjYjZlODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyE5nzft/obh1xy8tQTvtD659CHQV
zosZa3MjhG8ftgHBgy1q+osJmHMuhfhmc270E70puxx/FjX0uXNeMNFO6JiuLivF
5JQTQLxB8iDlmzBr3SrEjaYVZkZN8q951JoEmANdHHtCly8AHuPZqEQz6u0iMJA4
biPrAcfckYlFf7SDnlT/fvp5Y018gKorufpCs6a9MbxPcvugMELUWgq87WokGJ9p
2Xq8aoUY96dgdazF+Xpw0U+UdaWnKU3kj6EOeVofe+Bz550rp5bBF/wrCSvLsOjf
bItQuQiG9WfQ5RjSDW8QKQc5tIU61f0+5aDDBIwM7CY5ugNCKV2t74B1yQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFK3gbWXZiSCmSr+AQI2KPgystugGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcmVCdFpkbUpJS1pLdjRCQWpZby1ES3kyNkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpndAwQA
WdUqAwQBWdUsAwQBWdWUAwQAWdWgAwQAWdWxAwQAWdW3AwQAbbDWMA0GCSqGSIb3
DQEBCwUAA4IBAQBxlgh/s4VWsOebxC0MJaGKBE2C7RBoERQCb/ESOcWD3B/fTS+A
AnrBKU5JY2YegH4MF1hn2YXHiAA8HRKxd+QyMh5izHcsMWc6B6fzAjqlWSPQiaKL
MtPqugs2tilgH60hqATKH5pcjHMAk7AUQkPefw9ulfH5YwuzHuuED8kbuDpip2oV
bRmFu3mSCMVAnSdnvq3ejzUhu5G8vYd8J9d02KHjqNGFDHuBZZwjMOmRBUuIKfuw
xtIGmZr35v53MLpG7NlA/IUq4D6VkN2volN9LCyt6CtU1TPMA/JCsC/C6IIqdfsE
zrfQApIeDt6wc7OIP+Zh1M0pN5vUkYF24pp4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org