Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v9QxlH70mMhCO9oek6iiFXWyMPA.roa
File:                     v9QxlH70mMhCO9oek6iiFXWyMPA.roa (raw, json)
Hash identifier:          Wmed7GYxjbu9tNwV3rSo9NdRj5tfeItYlTi5Ukjs5W8=
Subject key identifier:   BF:D4:31:94:7E:F4:98:C8:42:3B:DA:1E:93:A8:A2:15:75:B2:30:F0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B42CBFDBC7017BC809ADD40E99FB4D8D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v9QxlH70mMhCO9oek6iiFXWyMPA.roa
Signing time:             Wed 18 Oct 2023 12:39:06 +0000
ROA not before:           Wed 18 Oct 2023 12:39:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     32167
IP address blocks:        89.213.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 23:07:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:42:cb:fd:bc:70:17:bc:80:9a:dd:40:e9:9f:b4:d8:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 18 12:39:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bfd431947ef498c8423bda1e93a8a21575b230f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7d:95:c1:10:76:f0:6e:13:85:68:44:e8:7b:
                    ae:a9:a2:07:4d:8b:84:9d:38:4e:4e:38:05:96:f5:
                    fc:ec:fc:b6:08:cf:58:ca:73:28:3c:88:e8:4e:be:
                    5f:e9:69:d8:e6:b6:85:5e:dd:1c:5c:1f:35:1c:d5:
                    bb:88:09:76:d0:a8:fc:52:8d:67:1c:bb:46:8e:98:
                    b9:13:fb:65:21:22:6d:51:be:6e:d7:d5:5e:25:83:
                    cc:9c:6a:b3:6d:79:51:1c:37:dd:8d:e2:f6:dd:3e:
                    43:d0:dd:54:a1:b7:39:16:99:93:2b:c9:f1:0a:6e:
                    ff:f9:2f:eb:3d:61:5a:b6:e1:1d:3f:9d:6e:ce:73:
                    65:81:d3:c3:87:1d:74:84:d0:f4:17:24:5f:03:89:
                    24:94:d8:b4:20:2f:b0:90:af:76:5e:f4:69:ae:1a:
                    b0:9f:e7:b0:6d:82:26:ea:02:01:e7:7d:1e:ea:7f:
                    09:3a:af:10:2c:6e:a1:9d:56:23:ee:af:02:0b:77:
                    ec:29:df:36:9e:bb:e3:83:3f:c5:72:bc:d6:58:22:
                    f3:4b:99:15:78:c1:7d:c7:fc:a4:11:f3:34:64:a8:
                    3b:93:5d:7a:f5:c7:18:35:aa:1a:5b:ae:6c:9d:ce:
                    4b:bd:af:95:0d:f5:91:ac:fb:b0:d2:7e:3a:21:7f:
                    48:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D4:31:94:7E:F4:98:C8:42:3B:DA:1E:93:A8:A2:15:75:B2:30:F0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v9QxlH70mMhCO9oek6iiFXWyMPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:21:f4:e6:0b:27:32:e0:5b:df:59:2f:96:e4:80:e5:79:24:
         76:cb:0d:32:2e:44:32:1f:b0:6c:69:19:c9:83:cd:61:b1:b5:
         36:95:18:b6:6f:e0:b8:ae:b1:94:b4:5d:05:b4:eb:ef:0e:cc:
         4c:33:75:3b:68:22:7c:05:52:0e:27:a6:56:f4:80:21:07:de:
         05:12:c9:9b:03:d5:bc:77:16:e0:4b:df:0c:58:69:27:ae:a9:
         2e:71:ee:a2:f2:c5:0f:57:a4:54:39:4a:13:bd:71:dd:7f:86:
         6d:0d:6b:94:2a:6d:1b:02:37:26:b8:4c:69:d7:9c:ab:eb:27:
         af:4a:e7:9b:ff:0c:c1:6b:ec:47:66:6f:fc:92:9c:25:42:64:
         68:66:e6:4a:b1:57:b3:f0:17:fb:45:22:bd:ca:0a:a9:19:43:
         bc:c2:1c:8b:1a:7f:0f:52:4f:b0:3f:0c:a9:93:0b:43:f7:10:
         33:18:ab:96:25:b8:fa:af:12:ca:4e:29:24:d1:1b:04:f2:ac:
         51:79:56:43:9c:e8:6c:00:1c:0e:51:0c:58:0b:24:c5:88:b0:
         db:34:83:88:3b:78:2c:5f:b5:eb:de:dd:64:eb:23:b6:42:f9:
         b9:e6:85:29:02:9d:a4:4f:ba:8a:7b:1d:26:3f:ff:aa:f6:79:
         3e:c5:fc:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCy/28cBe8gJrdQOmftNjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE4MTIzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQ0MzE5NDdlZjQ5OGM4NDIzYmRhMWU5M2E4YTIxNTc1YjIzMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH2VwRB28G4ThWhE6HuuqaIHTYuE
nThOTjgFlvX87Py2CM9YynMoPIjoTr5f6WnY5raFXt0cXB81HNW7iAl20Kj8Uo1n
HLtGjpi5E/tlISJtUb5u19VeJYPMnGqzbXlRHDfdjeL23T5D0N1Uobc5FpmTK8nx
Cm7/+S/rPWFatuEdP51uznNlgdPDhx10hND0FyRfA4kklNi0IC+wkK92XvRprhqw
n+ewbYIm6gIB530e6n8JOq8QLG6hnVYj7q8CC3fsKd82nrvjgz/FcrzWWCLzS5kV
eMF9x/ykEfM0ZKg7k1169ccYNaoaW65snc5Lva+VDfWRrPuw0n46IX9IkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/UMZR+9JjIQjvaHpOoohV1sjDwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdjlReGxINzBtTWhDTzlvZWs2aWlGWFd5TVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWzMA0G
CSqGSIb3DQEBCwUAA4IBAQBfIfTmCycy4FvfWS+W5IDleSR2yw0yLkQyH7BsaRnJ
g81hsbU2lRi2b+C4rrGUtF0FtOvvDsxMM3U7aCJ8BVIOJ6ZW9IAhB94FEsmbA9W8
dxbgS98MWGknrqkuce6i8sUPV6RUOUoTvXHdf4ZtDWuUKm0bAjcmuExp15yr6yev
Sueb/wzBa+xHZm/8kpwlQmRoZuZKsVez8Bf7RSK9ygqpGUO8whyLGn8PUk+wPwyp
kwtD9xAzGKuWJbj6rxLKTikk0RsE8qxReVZDnOhsABwOUQxYCyTFiLDbNIOIO3gs
X7Xr3t1k6yO2Qvm55oUpAp2kT7qKex0mP/+q9nk+xfy4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org