Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u_ufwJoLidKrG09EPwOK8jhEDqU.roa
File:                     u_ufwJoLidKrG09EPwOK8jhEDqU.roa (raw, json)
Hash identifier:          Z6/SGMIHXzxPSeTaveSsO3qXqy2S1X4TNSMZDVwfo5k=
Subject key identifier:   BB:FB:9F:C0:9A:0B:89:D2:AB:1B:4F:44:3F:03:8A:F2:38:44:0E:A5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B46CE4C568A28B6B28B00CF4B92B2AFEE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u_ufwJoLidKrG09EPwOK8jhEDqU.roa
Signing time:             Thu 19 Oct 2023 07:20:06 +0000
ROA not before:           Thu 19 Oct 2023 07:20:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216362
IP address blocks:        89.213.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 07:38:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:46:ce:4c:56:8a:28:b6:b2:8b:00:cf:4b:92:b2:af:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 19 07:20:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bbfb9fc09a0b89d2ab1b4f443f038af238440ea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:23:d9:fc:2f:75:3c:83:5b:cf:b0:1f:7f:ed:
                    f9:ab:fa:44:76:76:ee:32:d2:1d:aa:6e:5c:5e:87:
                    da:bd:a2:b4:1c:b5:07:13:61:65:8e:81:5b:4d:0a:
                    f6:c7:34:31:05:58:a9:1d:f4:5e:c4:c1:55:eb:fc:
                    9e:0a:43:c7:a1:a1:ac:3e:4a:3f:fc:53:0a:06:06:
                    82:f7:9f:5a:87:aa:29:29:b2:7d:83:7c:9f:f2:bc:
                    0b:5c:b7:71:21:de:eb:25:79:fc:f9:38:5f:90:6f:
                    3c:b1:b2:ce:ee:c4:91:a1:0f:f1:f6:76:4a:e6:5d:
                    37:71:66:08:03:e5:18:56:f2:ef:bd:de:91:84:30:
                    41:7f:54:ae:da:70:40:6c:38:a0:5d:d6:c5:68:f3:
                    3b:f4:55:8e:2f:5e:da:8f:76:8e:b9:5e:6d:8d:8a:
                    ef:d0:56:e2:67:e2:e7:91:87:a4:af:eb:86:bd:da:
                    f6:94:ab:df:45:f0:53:cd:b1:6a:0e:21:02:9a:b9:
                    28:96:cf:f3:11:f2:ba:d6:79:0e:54:e1:3a:81:86:
                    19:fa:3f:08:7a:bf:c2:1a:95:53:e7:97:62:ad:6c:
                    e2:d4:4f:0e:c8:8f:e7:d9:d1:9c:13:a5:07:69:cb:
                    3c:14:04:77:44:20:62:38:82:5f:9e:3d:b8:a2:ef:
                    77:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FB:9F:C0:9A:0B:89:D2:AB:1B:4F:44:3F:03:8A:F2:38:44:0E:A5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u_ufwJoLidKrG09EPwOK8jhEDqU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:f6:e0:e7:0c:cc:f3:ec:33:12:94:a3:e3:70:a6:34:5a:98:
         fe:b0:7e:01:c7:b9:86:81:81:44:00:81:9d:ce:da:b8:94:ad:
         56:ef:41:be:03:13:62:6a:cd:ab:b9:ea:7d:6a:16:ee:3d:09:
         24:b5:a7:1d:95:bb:c3:98:42:3d:b7:17:14:43:be:6e:da:8b:
         a3:03:ca:c3:51:30:14:fe:d5:1e:57:63:77:ca:4b:0c:86:7c:
         12:e6:3d:dc:43:45:a0:c7:2f:69:27:11:cf:6f:73:c6:33:49:
         f7:2e:ca:28:a5:14:d4:f0:0d:53:fa:e2:bb:44:8f:33:10:c6:
         a1:3e:5f:8a:95:92:63:cd:ab:d3:a6:9f:52:05:a6:be:50:71:
         69:7a:b8:6d:ad:e6:8b:46:9a:31:c2:48:bb:ad:07:2e:93:e4:
         ab:41:d1:19:5f:1f:1d:90:ff:50:02:29:5b:ea:bf:df:a4:27:
         c2:b8:94:35:87:a8:ee:38:bb:5e:69:ea:da:6b:bc:76:b3:f6:
         0a:25:04:03:97:89:bc:6a:27:e7:2b:aa:9d:f4:f4:20:eb:12:
         8a:47:6e:a7:62:28:97:f0:7b:e0:a7:c7:a6:ef:55:42:d6:0c:
         33:a2:f5:81:7d:9f:97:c2:c6:e4:1f:19:e1:50:50:b8:96:9d:
         d7:ae:3f:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtGzkxWiii2sosAz0uSsq/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE5MDcyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZiOWZjMDlhMGI4OWQyYWIxYjRmNDQzZjAzOGFmMjM4NDQwZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiPZ/C91PINbz7Aff+35q/pEdnbu
MtIdqm5cXofavaK0HLUHE2FljoFbTQr2xzQxBVipHfRexMFV6/yeCkPHoaGsPko/
/FMKBgaC959ah6opKbJ9g3yf8rwLXLdxId7rJXn8+ThfkG88sbLO7sSRoQ/x9nZK
5l03cWYIA+UYVvLvvd6RhDBBf1Su2nBAbDigXdbFaPM79FWOL17aj3aOuV5tjYrv
0FbiZ+LnkYekr+uGvdr2lKvfRfBTzbFqDiECmrkols/zEfK61nkOVOE6gYYZ+j8I
er/CGpVT55dirWzi1E8OyI/n2dGcE6UHacs8FAR3RCBiOIJfnj24ou93xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLv7n8CaC4nSqxtPRD8DivI4RA6lMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdV91ZndKb0xpZEtyRzA5RVB3T0s4amhFRHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW1MA0G
CSqGSIb3DQEBCwUAA4IBAQAQ9uDnDMzz7DMSlKPjcKY0Wpj+sH4Bx7mGgYFEAIGd
ztq4lK1W70G+AxNias2ruep9ahbuPQkktacdlbvDmEI9txcUQ75u2oujA8rDUTAU
/tUeV2N3yksMhnwS5j3cQ0Wgxy9pJxHPb3PGM0n3LsoopRTU8A1T+uK7RI8zEMah
Pl+KlZJjzavTpp9SBaa+UHFperhtreaLRpoxwki7rQcuk+SrQdEZXx8dkP9QAilb
6r/fpCfCuJQ1h6juOLteaeraa7x2s/YKJQQDl4m8aifnK6qd9PQg6xKKR26nYiiX
8Hvgp8em71VC1gwzovWBfZ+XwsbkHxnhUFC4lp3Xrj8s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org