Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8zSR0330m3MzBWj2VH_XKJ2PWE.roa
File:                     t8zSR0330m3MzBWj2VH_XKJ2PWE.roa (raw, json)
Hash identifier:          jl75LsWJeaBAvYPlvvRIdrIr1Hcod8gPc71TdSVGMrk=
Subject key identifier:   B7:CC:D2:47:4D:F7:D2:6D:CC:CC:15:A3:D9:51:FF:5C:A2:76:3D:61
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DF9910AA18FB2B977A5F319323E725DF9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8zSR0330m3MzBWj2VH_XKJ2PWE.roa
Signing time:             Fri 01 Mar 2024 10:30:48 +0000
ROA not before:           Fri 01 Mar 2024 10:30:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     398465
IP address blocks:        89.213.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 07:42:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f9:91:0a:a1:8f:b2:b9:77:a5:f3:19:32:3e:72:5d:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  1 10:30:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b7ccd2474df7d26dcccc15a3d951ff5ca2763d61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:ee:f1:fc:d8:d5:21:53:01:19:91:60:1a:c1:
                    12:0c:e3:7b:e7:f1:16:73:60:48:0a:7a:47:94:1e:
                    23:de:fa:2d:1b:e0:b0:33:ad:7b:bc:42:d7:d3:49:
                    f5:7c:50:0e:21:ca:1c:e6:51:f1:3b:68:25:2f:c5:
                    73:df:33:c3:4a:7f:8f:ce:8c:06:a3:80:8c:df:a8:
                    3d:02:ea:ed:35:12:96:f5:10:35:df:f7:87:15:58:
                    f0:17:f8:8d:60:77:f6:3a:ca:f1:80:0b:09:61:f1:
                    86:c5:a7:d7:46:3d:1b:11:c6:10:88:2b:b6:3e:dc:
                    a8:ca:da:1a:42:21:6f:bd:f6:27:64:4a:6d:39:59:
                    56:d5:df:73:c1:e1:16:7b:13:9f:83:8f:ca:52:f3:
                    dd:1d:b3:da:23:1d:21:0e:92:65:2a:07:f6:81:8a:
                    33:ec:13:cc:7d:2b:8f:26:9d:f9:18:62:b0:2e:cb:
                    be:27:79:01:a8:fa:56:ef:d3:8b:de:73:3b:6c:99:
                    01:81:b3:23:ba:88:7d:7e:bb:78:aa:75:81:07:36:
                    ab:ec:db:19:c2:2c:ca:3e:f8:0f:ee:00:f9:62:2c:
                    ce:8b:ba:98:1d:e7:65:15:e1:0c:aa:4f:84:6a:26:
                    d2:35:d2:2f:48:00:13:06:f1:38:28:f0:df:6b:bc:
                    89:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:CC:D2:47:4D:F7:D2:6D:CC:CC:15:A3:D9:51:FF:5C:A2:76:3D:61
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8zSR0330m3MzBWj2VH_XKJ2PWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:61:4b:7e:64:ca:0a:66:df:89:ba:1f:22:80:d5:d1:09:90:
         cc:ef:82:8d:bf:75:96:76:3b:6b:05:5e:75:7f:7d:71:dd:04:
         ed:39:65:9f:7d:8f:96:8d:74:a9:af:a9:43:21:93:58:f3:1a:
         37:9e:a4:14:73:42:79:5d:5c:4c:d1:20:3e:25:92:c8:99:12:
         9b:0a:5d:e7:8d:01:e4:3e:48:c7:62:04:ef:2c:8b:00:61:5a:
         dd:98:aa:65:cd:cc:72:8f:d6:88:67:7b:70:9f:8d:43:45:76:
         82:0a:9e:8d:00:7a:e4:29:56:39:d9:41:61:39:82:7e:d2:fa:
         5c:6e:b0:0a:24:47:6c:6e:33:2c:16:2a:7a:42:12:af:69:fc:
         eb:ed:e4:09:0f:e7:3a:68:5a:fc:c6:34:59:a3:a0:a4:08:58:
         d2:71:07:48:a3:f8:19:82:d7:de:f1:00:81:b8:28:2f:71:62:
         5a:da:b9:dc:28:0e:2f:be:50:0d:a5:77:ad:4a:2c:41:e9:80:
         fd:00:9e:cf:8d:e5:94:dc:79:da:13:f5:da:4a:a2:3c:3c:7e:
         12:9d:f2:25:34:d9:0c:06:1f:e3:23:ee:6c:1e:84:9b:24:fe:
         7e:d9:10:50:6d:df:20:6f:7a:1f:53:47:f6:8b:fe:12:f4:f1:
         cf:31:be:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY35kQqhj7K5d6XzGTI+cl35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NjZDI0NzRkZjdkMjZkY2NjYzE1YTNkOTUxZmY1Y2EyNzYzZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7e7x/NjVIVMBGZFgGsESDON75/EW
c2BICnpHlB4j3votG+CwM617vELX00n1fFAOIcoc5lHxO2glL8Vz3zPDSn+PzowG
o4CM36g9AurtNRKW9RA13/eHFVjwF/iNYHf2OsrxgAsJYfGGxafXRj0bEcYQiCu2
PtyoytoaQiFvvfYnZEptOVlW1d9zweEWexOfg4/KUvPdHbPaIx0hDpJlKgf2gYoz
7BPMfSuPJp35GGKwLsu+J3kBqPpW79OL3nM7bJkBgbMjuoh9frt4qnWBBzar7NsZ
wizKPvgP7gD5YizOi7qYHedlFeEMqk+EaibSNdIvSAATBvE4KPDfa7yJGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLfM0kdN99JtzMwVo9lR/1yidj1hMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdDh6U1IwMzMwbTNNekJXajJWSF9YS0oyUFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWFMA0G
CSqGSIb3DQEBCwUAA4IBAQCNYUt+ZMoKZt+Juh8igNXRCZDM74KNv3WWdjtrBV51
f31x3QTtOWWffY+WjXSpr6lDIZNY8xo3nqQUc0J5XVxM0SA+JZLImRKbCl3njQHk
PkjHYgTvLIsAYVrdmKplzcxyj9aIZ3twn41DRXaCCp6NAHrkKVY52UFhOYJ+0vpc
brAKJEdsbjMsFip6QhKvafzr7eQJD+c6aFr8xjRZo6CkCFjScQdIo/gZgtfe8QCB
uCgvcWJa2rncKA4vvlANpXetSixB6YD9AJ7PjeWU3HnaE/XaSqI8PH4SnfIlNNkM
Bh/jI+5sHoSbJP5+2RBQbd8gb3ofU0f2i/4S9PHPMb6f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org