Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uvm_S5twAvLVv08Z_4zQrm5sPGE.roa
File:                     uvm_S5twAvLVv08Z_4zQrm5sPGE.roa (raw, json)
Hash identifier:          URZ4OOfRYdLRMt/ZxaE/f1Id14Inq1rPB4rXLs/EHCQ=
Subject key identifier:   BA:F9:BF:4B:9B:70:02:F2:D5:BF:4F:19:FF:8C:D0:AE:6E:6C:3C:61
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AD576CD2847A26881499AA5701EEF455E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uvm_S5twAvLVv08Z_4zQrm5sPGE.roa
Signing time:             Wed 27 Sep 2023 07:07:27 +0000
ROA not before:           Wed 27 Sep 2023 07:07:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        89.213.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Oct 2023 15:57:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d5:76:cd:28:47:a2:68:81:49:9a:a5:70:1e:ef:45:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 27 07:07:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=baf9bf4b9b7002f2d5bf4f19ff8cd0ae6e6c3c61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e2:27:5e:71:09:aa:9b:86:50:59:1b:7a:19:
                    be:8b:51:97:b6:41:14:9b:bd:f3:2a:24:5c:35:48:
                    64:aa:b4:eb:ef:1a:aa:ad:46:0e:9b:19:3a:12:63:
                    76:a1:cd:59:51:74:fe:80:6d:67:85:23:e4:8d:84:
                    48:d5:e0:a8:27:02:e9:51:ee:5b:5e:17:a8:2d:3e:
                    89:94:8b:66:d1:8d:b8:8d:cf:a6:3c:e0:d0:be:8c:
                    a0:83:a8:e7:8f:01:db:9f:32:29:99:51:7e:54:6a:
                    28:ce:af:17:42:2e:63:73:5b:d0:fc:81:d4:ea:18:
                    92:6d:d4:f1:bd:20:eb:11:e3:0a:66:e5:13:62:c9:
                    04:33:d0:e6:da:b0:3b:13:14:f2:d6:11:6d:47:c1:
                    d9:c1:00:b9:ba:dd:f3:1d:9e:11:66:3b:37:25:84:
                    aa:a9:43:f3:18:d6:04:fa:35:9b:79:18:e1:bc:91:
                    f8:a2:bf:ea:4d:09:47:3b:1a:e4:38:43:31:8f:a4:
                    95:21:22:70:06:54:73:06:75:54:e6:2a:27:9e:5f:
                    55:6d:13:90:0a:6b:90:d6:5f:b6:6a:4e:9d:bb:98:
                    2b:2f:f5:1f:35:ef:76:c3:dc:5c:00:71:f8:27:ac:
                    e2:54:5f:5b:07:c4:9d:9e:1a:ce:26:29:68:3b:93:
                    41:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:F9:BF:4B:9B:70:02:F2:D5:BF:4F:19:FF:8C:D0:AE:6E:6C:3C:61
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uvm_S5twAvLVv08Z_4zQrm5sPGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:ef:96:d5:b4:df:2d:45:d7:fa:9d:dc:7b:45:5d:96:a0:b7:
         37:ce:c6:72:13:c2:35:91:49:2b:48:ef:4e:b7:9b:85:d5:09:
         2d:14:bd:82:8a:3c:c3:48:ef:c0:c2:38:38:0c:0c:7f:c9:de:
         db:af:fa:60:25:75:23:d6:4e:0b:d4:b3:e5:b2:e2:38:e8:ed:
         55:c5:b9:47:c5:1d:13:84:be:da:c8:7a:f0:5b:88:be:b6:c8:
         65:43:6f:e5:d4:f8:f8:71:ce:04:78:03:84:36:07:f7:a2:bc:
         dd:c2:f3:f9:0f:50:76:5b:31:ba:ca:aa:a0:ef:04:09:f7:bf:
         2b:db:99:03:0b:24:85:08:af:37:72:e5:ec:5a:a0:9b:ba:66:
         4f:4d:65:ba:07:23:6f:a2:e2:89:49:51:fc:17:7a:9c:82:24:
         c7:e6:fe:36:6f:10:58:ee:32:82:cc:c8:d9:f0:9b:4a:1b:3e:
         d7:24:30:f3:59:da:16:e4:29:4f:10:c6:9f:9a:b3:40:5e:38:
         a8:18:26:4e:23:48:9c:68:5d:bb:d4:1d:3a:46:3d:38:40:78:
         25:84:b9:ed:f3:b4:d5:87:dd:04:ba:a4:23:ed:b4:64:3e:09:
         16:29:b1:8e:52:42:30:7e:50:e9:10:44:82:67:96:fa:eb:d2:
         c6:f5:7d:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrVds0oR6JogUmapXAe70VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI3MDcwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY5YmY0YjliNzAwMmYyZDViZjRmMTlmZjhjZDBhZTZlNmMzYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOInXnEJqpuGUFkbehm+i1GXtkEU
m73zKiRcNUhkqrTr7xqqrUYOmxk6EmN2oc1ZUXT+gG1nhSPkjYRI1eCoJwLpUe5b
XheoLT6JlItm0Y24jc+mPODQvoygg6jnjwHbnzIpmVF+VGoozq8XQi5jc1vQ/IHU
6hiSbdTxvSDrEeMKZuUTYskEM9Dm2rA7ExTy1hFtR8HZwQC5ut3zHZ4RZjs3JYSq
qUPzGNYE+jWbeRjhvJH4or/qTQlHOxrkOEMxj6SVISJwBlRzBnVU5ionnl9VbROQ
CmuQ1l+2ak6du5grL/UfNe92w9xcAHH4J6ziVF9bB8SdnhrOJiloO5NBkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLr5v0ubcALy1b9PGf+M0K5ubDxhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdXZtX1M1dHdBdkxWdjA4Wl80elFybTVzUEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUqMA0G
CSqGSIb3DQEBCwUAA4IBAQB075bVtN8tRdf6ndx7RV2WoLc3zsZyE8I1kUkrSO9O
t5uF1QktFL2CijzDSO/Awjg4DAx/yd7br/pgJXUj1k4L1LPlsuI46O1VxblHxR0T
hL7ayHrwW4i+tshlQ2/l1Pj4cc4EeAOENgf3orzdwvP5D1B2WzG6yqqg7wQJ978r
25kDCySFCK83cuXsWqCbumZPTWW6ByNvouKJSVH8F3qcgiTH5v42bxBY7jKCzMjZ
8JtKGz7XJDDzWdoW5ClPEMafmrNAXjioGCZOI0icaF271B06Rj04QHglhLnt87TV
h90EuqQj7bRkPgkWKbGOUkIwflDpEESCZ5b669LG9X1p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org