Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tviMF_75I21wakJ9HTfQN0BKHCM.roa
File:                     tviMF_75I21wakJ9HTfQN0BKHCM.roa (raw, json)
Hash identifier:          7/RwiKv1xcF63z16epg8EcDWRsael7J35cpy6AqgXzg=
Subject key identifier:   B6:F8:8C:17:FE:F9:23:6D:70:6A:42:7D:1D:37:D0:37:40:4A:1C:23
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3494D0BFFD309BA60954384556234C9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tviMF_75I21wakJ9HTfQN0BKHCM.roa
Signing time:             Mon 01 Jan 2024 04:30:10 +0000
ROA not before:           Mon 01 Jan 2024 04:30:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.176.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 14:50:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:4d:0b:ff:d3:09:ba:60:95:43:84:55:62:34:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b6f88c17fef9236d706a427d1d37d037404a1c23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:08:77:51:9e:4e:dc:d7:0e:d0:22:f6:16:14:
                    88:30:6c:96:ea:68:5a:9a:66:7f:99:2e:5c:80:a9:
                    56:27:58:69:0a:91:40:73:42:e5:3e:df:a3:27:09:
                    11:70:76:43:c4:98:c2:3f:29:cf:de:b4:3f:b7:3e:
                    77:6d:04:86:1d:8b:df:af:f3:53:6f:d0:e6:96:21:
                    9d:22:9b:32:cd:2b:d9:b8:dd:3e:de:06:f9:e3:15:
                    30:16:44:71:29:87:1d:e9:3c:ff:2f:4d:ca:bd:8a:
                    45:2d:45:83:33:29:84:61:28:0e:fc:5e:1e:b7:ae:
                    1a:c0:e4:64:df:04:f7:69:ae:ea:e2:bc:1d:f3:9c:
                    92:4a:00:53:ab:b4:ed:4e:c4:a3:13:97:10:9d:c2:
                    08:46:dd:f3:1f:5f:97:1e:09:7f:32:a8:da:80:dc:
                    dc:ae:bf:6c:9f:fa:af:51:9f:79:5a:7a:bb:bc:b8:
                    eb:9a:c8:9c:5b:32:04:83:da:6b:b9:da:32:4b:cb:
                    dc:04:d4:54:e1:26:d8:5c:6f:fd:67:88:b0:19:50:
                    cd:e8:23:f4:ef:d4:d4:dc:8a:35:0f:66:b1:11:b3:
                    de:d5:8a:ee:8a:ac:27:65:c4:e1:8c:54:a9:40:25:
                    92:da:50:d9:e4:6d:93:26:5d:cb:f6:c0:c2:1f:3f:
                    e8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F8:8C:17:FE:F9:23:6D:70:6A:42:7D:1D:37:D0:37:40:4A:1C:23
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tviMF_75I21wakJ9HTfQN0BKHCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24
                  89.213.152.0/24
                  89.213.176.0/24
                  89.213.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:b8:34:af:28:3f:77:df:76:7a:df:10:04:9d:a3:58:7e:a1:
         d4:e2:4c:83:54:0a:89:05:7c:ca:c1:e4:ae:6e:eb:fa:93:17:
         6f:1f:d5:e9:f2:88:92:49:b4:a6:5b:d4:51:3d:f6:59:3f:74:
         69:8c:4f:43:1d:4d:01:9d:17:aa:97:63:59:a7:6e:88:a8:3c:
         cf:d5:86:dc:e5:ed:99:60:36:ae:59:55:63:9c:8e:00:7c:bf:
         06:97:f9:84:87:91:07:f1:8e:1b:55:08:e4:1f:97:28:10:d7:
         6f:92:7d:ff:f9:ab:92:20:f9:a7:4d:19:de:7f:9d:6a:4d:a3:
         fb:04:3e:38:94:bb:b3:e3:f2:e2:f5:8f:ba:62:2b:e3:e6:76:
         fc:23:35:f3:a1:cc:6f:91:b9:d1:97:8d:3e:02:fd:bd:19:50:
         cd:c4:da:f1:a9:df:fa:2f:b6:21:af:33:2f:a5:24:40:ec:3c:
         52:08:ca:48:c6:4e:c6:88:4e:74:b4:16:ef:cb:c2:53:78:e3:
         08:5a:4c:cc:80:d9:72:b4:b2:18:2c:8b:f6:12:0a:4a:80:fa:
         4c:e2:36:af:5e:da:43:27:cf:93:01:13:36:f8:eb:82:51:b3:
         5e:f7:e9:f1:33:20:34:64:e0:b6:49:58:ed:59:c5:92:d6:ec:
         1c:c6:23:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDSU0L/9MJumCVQ4RVYjTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY4OGMxN2ZlZjkyMzZkNzA2YTQyN2QxZDM3ZDAzNzQwNGExYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwh3UZ5O3NcO0CL2FhSIMGyW6mha
mmZ/mS5cgKlWJ1hpCpFAc0LlPt+jJwkRcHZDxJjCPynP3rQ/tz53bQSGHYvfr/NT
b9DmliGdIpsyzSvZuN0+3gb54xUwFkRxKYcd6Tz/L03KvYpFLUWDMymEYSgO/F4e
t64awORk3wT3aa7q4rwd85ySSgBTq7TtTsSjE5cQncIIRt3zH1+XHgl/MqjagNzc
rr9sn/qvUZ95Wnq7vLjrmsicWzIEg9prudoyS8vcBNRU4SbYXG/9Z4iwGVDN6CP0
79TU3Io1D2axEbPe1YruiqwnZcThjFSpQCWS2lDZ5G2TJl3L9sDCHz/oEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLb4jBf++SNtcGpCfR030DdAShwjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdHZpTUZfNzVJMjF3YWtKOUhUZlFOMEJLSENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3MA0GCSqGSIb3DQEBCwUAA4IBAQBd
uDSvKD9333Z63xAEnaNYfqHU4kyDVAqJBXzKweSubuv6kxdvH9Xp8oiSSbSmW9RR
PfZZP3RpjE9DHU0BnReql2NZp26IqDzP1Ybc5e2ZYDauWVVjnI4AfL8Gl/mEh5EH
8Y4bVQjkH5coENdvkn3/+auSIPmnTRnef51qTaP7BD44lLuz4/Li9Y+6Yivj5nb8
IzXzocxvkbnRl40+Av29GVDNxNrxqd/6L7YhrzMvpSRA7DxSCMpIxk7GiE50tBbv
y8JTeOMIWkzMgNlytLIYLIv2EgpKgPpM4javXtpDJ8+TARM2+OuCUbNe9+nxMyA0
ZOC2SVjtWcWS1uwcxiNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org