Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGxAEIrZysSX8bt_sEzddO_k1zU.roa
File:                     sGxAEIrZysSX8bt_sEzddO_k1zU.roa (raw, json)
Hash identifier:          aF3cmT7oPj2EqV0713aqLZIPqb7FYwkdMjLwpuuaIPk=
Subject key identifier:   B0:6C:40:10:8A:D9:CA:C4:97:F1:BB:7F:B0:4C:DD:74:EF:E4:D7:35
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018930F85CD6C9E72A8B83BD5204293B2826
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGxAEIrZysSX8bt_sEzddO_k1zU.roa
Signing time:             Fri 07 Jul 2023 15:28:50 +0000
ROA not before:           Fri 07 Jul 2023 15:28:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        89.213.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 09:18:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:30:f8:5c:d6:c9:e7:2a:8b:83:bd:52:04:29:3b:28:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  7 15:28:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b06c40108ad9cac497f1bb7fb04cdd74efe4d735
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:dd:77:21:23:94:61:b8:6c:ea:f1:a5:51:f6:
                    70:2c:dc:92:7d:dc:35:7d:38:3f:aa:ce:f5:0e:e5:
                    37:85:e2:76:61:6e:75:f5:f3:d1:55:6d:d0:ea:fa:
                    0b:8e:9c:92:19:ef:1f:21:dd:64:59:74:6c:d8:02:
                    7a:a0:7b:07:16:18:79:33:d1:93:96:86:cd:35:a1:
                    47:d5:85:72:ed:d3:27:e3:6f:fe:73:8c:5e:ea:a6:
                    c5:2c:09:ed:c4:1c:75:90:1f:aa:b3:93:92:d0:0c:
                    65:c7:da:a5:ad:52:6d:ce:00:3b:47:c2:8f:21:3b:
                    8c:5d:9e:ea:07:e3:f7:66:02:0b:2c:81:88:ea:de:
                    a8:74:79:5f:3f:bf:d6:6d:04:a0:79:7e:f8:41:67:
                    7a:7f:77:d5:e8:aa:b5:5a:d3:a6:2c:16:9b:93:e7:
                    74:39:7e:a1:59:6a:b3:12:be:36:ed:08:0b:be:e5:
                    09:05:f5:ef:a1:62:81:9a:6b:96:6b:0b:1c:0c:b3:
                    1f:3f:00:08:22:66:21:aa:9f:8f:9e:5f:c5:83:63:
                    24:ed:3e:b6:42:f7:c9:34:1c:e7:55:47:d1:67:79:
                    16:c8:4c:62:96:94:f7:1e:51:dc:14:47:f5:4f:e2:
                    5c:90:3f:5f:33:ad:af:a8:6d:90:3b:ed:b9:1f:b0:
                    f2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:6C:40:10:8A:D9:CA:C4:97:F1:BB:7F:B0:4C:DD:74:EF:E4:D7:35
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGxAEIrZysSX8bt_sEzddO_k1zU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:2c:89:7d:9a:0e:e1:6d:64:15:4c:5c:f6:f8:8a:32:0c:47:
         e0:9f:03:38:24:d8:af:41:0b:9c:49:2e:3b:a8:75:dc:f1:2d:
         52:c3:65:fa:f9:4d:5a:2c:a4:ab:aa:1c:31:97:00:75:b7:25:
         40:f7:01:8d:dd:a9:cd:70:5d:2d:d1:c9:5e:e3:8a:d2:22:65:
         69:b0:24:28:de:1e:da:f3:f0:52:f2:b7:90:54:60:e4:a4:9a:
         03:f8:8e:31:28:86:28:d5:9b:21:09:71:c1:ec:74:f2:70:4b:
         ab:a6:4d:16:69:02:23:b2:46:57:0f:78:e9:15:a1:68:bb:08:
         a5:c1:f0:7d:94:5b:17:07:ba:18:2d:ad:38:fa:39:2d:d2:2f:
         4a:31:71:d0:9f:72:39:3b:6f:c0:9a:ef:7b:2d:90:f3:b2:e6:
         7f:f6:70:a3:b3:83:cb:a1:c9:a9:40:af:ef:12:14:20:42:4f:
         48:73:77:5b:5e:67:a6:3f:cb:23:df:35:38:b6:e4:7e:f7:a7:
         23:0e:2a:ad:9d:43:75:d8:43:34:49:65:30:c0:18:b4:a1:69:
         3a:4a:31:1b:28:13:2e:b5:8b:b0:9d:6c:be:25:90:fa:09:de:
         a6:96:4a:0b:69:b6:cb:d5:ea:c0:c6:d8:f7:98:40:f3:17:b5:
         a6:f4:62:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkw+FzWyecqi4O9UgQpOygmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA3MTUyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDZjNDAxMDhhZDljYWM0OTdmMWJiN2ZiMDRjZGQ3NGVmZTRkNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd13ISOUYbhs6vGlUfZwLNySfdw1
fTg/qs71DuU3heJ2YW519fPRVW3Q6voLjpySGe8fId1kWXRs2AJ6oHsHFhh5M9GT
lobNNaFH1YVy7dMn42/+c4xe6qbFLAntxBx1kB+qs5OS0Axlx9qlrVJtzgA7R8KP
ITuMXZ7qB+P3ZgILLIGI6t6odHlfP7/WbQSgeX74QWd6f3fV6Kq1WtOmLBabk+d0
OX6hWWqzEr427QgLvuUJBfXvoWKBmmuWawscDLMfPwAIImYhqp+Pnl/Fg2Mk7T62
QvfJNBznVUfRZ3kWyExilpT3HlHcFEf1T+JckD9fM62vqG2QO+25H7DyowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBsQBCK2crEl/G7f7BM3XTv5Nc1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0d4QUVJclp5c1NYOGJ0X3NFemRkT19rMXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWhMA0G
CSqGSIb3DQEBCwUAA4IBAQAfLIl9mg7hbWQVTFz2+IoyDEfgnwM4JNivQQucSS47
qHXc8S1Sw2X6+U1aLKSrqhwxlwB1tyVA9wGN3anNcF0t0cle44rSImVpsCQo3h7a
8/BS8reQVGDkpJoD+I4xKIYo1ZshCXHB7HTycEurpk0WaQIjskZXD3jpFaFouwil
wfB9lFsXB7oYLa04+jkt0i9KMXHQn3I5O2/Amu97LZDzsuZ/9nCjs4PLocmpQK/v
EhQgQk9Ic3dbXmemP8sj3zU4tuR+96cjDiqtnUN12EM0SWUwwBi0oWk6SjEbKBMu
tYuwnWy+JZD6Cd6mlkoLabbL1erAxtj3mEDzF7Wm9GKB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org