Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tND_sNXwGa6m4lTRN-VfPp9Mzhw.roa
File:                     tND_sNXwGa6m4lTRN-VfPp9Mzhw.roa (raw, json)
Hash identifier:          UzfWVib0KUFiD+k9nDzquwPSeIFc9Mm3xsYRudThZ1k=
Subject key identifier:   B4:D0:FF:B0:D5:F0:19:AE:A6:E2:54:D1:37:E5:5F:3E:9F:4C:CE:1C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3495A734CAEFCFF04808A4E8EA27925
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tND_sNXwGa6m4lTRN-VfPp9Mzhw.roa
Signing time:             Mon 01 Jan 2024 04:30:13 +0000
ROA not before:           Mon 01 Jan 2024 04:30:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197624
IP address blocks:        89.213.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 09:12:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:5a:73:4c:ae:fc:ff:04:80:8a:4e:8e:a2:79:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b4d0ffb0d5f019aea6e254d137e55f3e9f4cce1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e0:00:c9:bb:2a:4f:13:93:d1:a7:6d:aa:72:
                    ab:05:63:b8:97:b5:7e:81:13:18:86:c2:85:43:fc:
                    77:81:b0:1b:ca:73:d1:dd:4e:cb:e7:5a:e7:ed:5b:
                    09:25:4b:c4:47:f8:fa:b3:03:fe:0b:23:9e:9f:04:
                    6b:64:07:23:13:90:bf:f5:6e:4f:78:e1:6b:9c:93:
                    23:c2:a0:8e:5c:5f:03:08:71:cc:9d:54:0f:ba:51:
                    18:32:7d:cf:59:5d:63:cd:ab:ce:6e:a5:c3:ce:56:
                    3d:79:b2:e8:6b:57:d2:ba:40:f4:65:fe:b4:e8:5d:
                    f9:78:8c:f2:18:87:fc:1e:5d:d9:42:7f:13:7e:ff:
                    fd:09:aa:36:d6:ca:c7:aa:3f:50:cc:d2:9e:82:ff:
                    79:39:3d:13:f6:a0:bb:30:ce:47:53:94:fd:02:49:
                    b5:81:7d:53:4c:53:97:f9:26:bd:3d:5d:bf:3e:bd:
                    1f:17:d8:d0:8d:d6:98:bc:ca:63:c7:cc:c6:c9:ef:
                    02:8c:8e:70:60:6c:56:7e:71:5e:1c:e2:3f:29:56:
                    33:94:d1:d7:58:3e:f7:1e:5a:12:60:6f:9f:ce:f8:
                    84:a5:25:d6:78:2d:72:fb:c4:72:81:54:63:dc:1f:
                    48:cd:27:7c:8b:7c:3f:f4:62:ab:15:55:85:a1:74:
                    5e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D0:FF:B0:D5:F0:19:AE:A6:E2:54:D1:37:E5:5F:3E:9F:4C:CE:1C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tND_sNXwGa6m4lTRN-VfPp9Mzhw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:69:c9:ad:07:5a:d4:45:7f:f1:99:0d:3e:b3:fa:40:f5:79:
         52:2b:50:27:71:c2:cb:5d:51:47:12:c2:7c:7b:d0:a6:4e:fe:
         18:ef:e5:49:14:05:ce:df:bb:4d:73:e6:e7:60:bf:0b:b7:13:
         38:07:23:77:2a:1f:10:bd:9e:83:00:48:91:35:37:8b:b1:0d:
         08:10:15:03:46:70:a3:f5:34:e9:6c:97:84:57:6c:43:c0:61:
         3e:9d:c5:8d:ef:46:f8:88:23:fe:b1:4f:bd:77:70:64:0b:a2:
         ca:1d:86:ec:c8:79:68:a8:d4:e0:e1:6f:2f:b9:7d:55:f2:21:
         38:6f:c6:b8:9e:f5:ee:f6:ae:a5:4e:3c:c1:bf:7c:c3:75:4f:
         c5:42:da:4e:9b:f1:a1:94:24:ee:46:59:39:a3:5e:29:8d:e8:
         18:df:f8:b1:e1:d8:29:c8:8a:03:e3:79:a2:27:89:ed:e4:72:
         a7:8f:ff:6f:10:c2:26:4d:81:db:f9:a3:6c:2e:14:8b:e7:97:
         d6:51:31:e4:3c:1e:df:8d:a7:1a:bd:8f:83:6a:6a:8f:ff:53:
         43:f1:1f:d0:ec:09:87:8b:4d:9b:4d:74:62:f2:04:40:57:50:
         54:b6:42:dd:27:68:5c:00:00:49:53:c6:bb:bc:ed:2b:e7:4e:
         33:4a:df:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVpzTK78/wSAik6OonklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQwZmZiMGQ1ZjAxOWFlYTZlMjU0ZDEzN2U1NWYzZTlmNGNjZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeAAybsqTxOT0adtqnKrBWO4l7V+
gRMYhsKFQ/x3gbAbynPR3U7L51rn7VsJJUvER/j6swP+CyOenwRrZAcjE5C/9W5P
eOFrnJMjwqCOXF8DCHHMnVQPulEYMn3PWV1jzavObqXDzlY9ebLoa1fSukD0Zf60
6F35eIzyGIf8Hl3ZQn8Tfv/9Cao21srHqj9QzNKegv95OT0T9qC7MM5HU5T9Akm1
gX1TTFOX+Sa9PV2/Pr0fF9jQjdaYvMpjx8zGye8CjI5wYGxWfnFeHOI/KVYzlNHX
WD73HloSYG+fzviEpSXWeC1y+8RygVRj3B9IzSd8i3w/9GKrFVWFoXRedwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTQ/7DV8BmupuJU0TflXz6fTM4cMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdE5EX3NOWHdHYTZtNGxUUk4tVmZQcDlNemh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWpMA0G
CSqGSIb3DQEBCwUAA4IBAQBnacmtB1rURX/xmQ0+s/pA9XlSK1AnccLLXVFHEsJ8
e9CmTv4Y7+VJFAXO37tNc+bnYL8LtxM4ByN3Kh8QvZ6DAEiRNTeLsQ0IEBUDRnCj
9TTpbJeEV2xDwGE+ncWN70b4iCP+sU+9d3BkC6LKHYbsyHloqNTg4W8vuX1V8iE4
b8a4nvXu9q6lTjzBv3zDdU/FQtpOm/GhlCTuRlk5o14pjegY3/ix4dgpyIoD43mi
J4nt5HKnj/9vEMImTYHb+aNsLhSL55fWUTHkPB7fjacavY+DamqP/1ND8R/Q7AmH
i02bTXRi8gRAV1BUtkLdJ2hcAABJU8a7vO0r504zSt8D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org