Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vnvmraSEO5irQ4silb1V1Wt_tpg.roa
File:                     vnvmraSEO5irQ4silb1V1Wt_tpg.roa (raw, json)
Hash identifier:          yrRcLnofdbylZYC3TgLwdFv5ezUHbseVFg5QDyu27Kc=
Subject key identifier:   BE:7B:E6:AD:A4:84:3B:98:AB:43:8B:22:95:BD:55:D5:6B:7F:B6:98
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E5832C20F592A88DBCAF009EA9D82E705
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vnvmraSEO5irQ4silb1V1Wt_tpg.roa
Signing time:             Tue 19 Mar 2024 19:31:45 +0000
ROA not before:           Tue 19 Mar 2024 19:31:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200373
IP address blocks:        89.213.228.0/22 maxlen: 22
                          89.213.232.0/22 maxlen: 22
                          89.213.236.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 08:45:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:58:32:c2:0f:59:2a:88:db:ca:f0:09:ea:9d:82:e7:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 19 19:31:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be7be6ada4843b98ab438b2295bd55d56b7fb698
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:63:62:7d:07:d1:30:6b:3d:67:bb:cf:b9:00:
                    fe:94:e0:12:5f:15:47:c5:39:cb:05:a8:37:b4:16:
                    a3:fd:42:4d:6b:bc:c8:7b:81:0d:ac:22:c7:04:97:
                    18:34:3e:a3:6b:43:c2:0b:eb:1a:b9:04:d7:3f:72:
                    2a:1d:c7:09:c3:33:fe:69:39:83:fd:d2:0f:93:3f:
                    ea:2b:5d:e6:05:bd:3f:2f:02:1f:4e:04:27:92:a4:
                    82:45:b9:35:1a:10:f1:9b:53:d4:32:28:59:d2:9b:
                    de:9c:29:cf:46:fc:10:7e:97:c4:1a:46:8c:6b:66:
                    65:9d:ff:1c:bb:14:70:62:03:03:69:15:55:66:25:
                    b6:d2:e2:06:e0:c1:2f:38:f4:d7:70:82:c9:d7:ba:
                    e4:bf:18:31:8b:65:e3:28:9b:55:38:6a:f3:d5:f7:
                    51:07:9f:47:e2:f6:6f:fd:ba:81:8e:27:89:50:66:
                    97:d9:f2:02:32:18:75:3a:6b:01:cc:fe:56:3a:40:
                    46:d3:41:23:f8:ca:68:29:ef:97:f1:a1:7f:5d:ba:
                    cb:46:1c:c6:84:d3:ac:65:8f:9b:9d:e4:5c:47:73:
                    c3:92:2b:d0:62:bc:1b:18:cc:8b:e9:e9:5d:46:03:
                    79:16:22:e5:a9:f7:01:ce:5a:b5:c6:c9:03:fd:28:
                    35:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:7B:E6:AD:A4:84:3B:98:AB:43:8B:22:95:BD:55:D5:6B:7F:B6:98
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vnvmraSEO5irQ4silb1V1Wt_tpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.228.0-89.213.239.255

    Signature Algorithm: sha256WithRSAEncryption
         2b:93:b3:20:63:e2:ab:c8:5f:e5:bc:2d:f2:35:17:c6:c4:4c:
         a5:f2:0d:f1:d7:c8:3b:d7:38:21:14:52:68:76:4f:54:65:3e:
         42:6d:58:fb:8f:40:28:49:f5:56:05:f3:b0:51:af:6c:71:38:
         32:4f:88:cf:7b:5a:d6:70:74:d2:69:82:d8:fc:28:47:7c:2a:
         ee:3c:12:36:e9:89:39:3d:69:ad:1b:5a:ab:cb:dd:6b:21:88:
         a1:f3:f3:2e:49:6a:ac:99:e6:21:ab:c3:bf:c3:91:6d:d6:32:
         e9:bf:72:88:e8:60:6a:79:2f:e3:d3:d1:40:5b:d6:b4:f4:b0:
         e1:9c:bf:b0:09:72:3c:e5:2f:da:22:e7:2c:39:4e:d3:06:d7:
         23:2e:1d:7b:eb:4e:2d:5b:39:5d:a4:61:ce:66:e0:52:70:d5:
         f1:33:ef:a4:63:e1:5f:14:87:17:f2:00:f1:0f:0d:c2:2c:9f:
         0e:52:35:c9:72:4b:c5:a6:fb:46:5e:57:3a:bf:33:1c:3d:eb:
         e6:01:05:c0:42:00:e6:f0:90:20:58:64:d9:d3:9d:c5:32:20:
         05:c5:e0:71:c1:cc:2b:d0:4c:73:a4:1f:52:94:9d:d6:7b:ce:
         36:03:14:f0:25:b8:06:0a:f7:ca:c1:26:ab:a5:bb:9e:10:2e:
         c9:89:0b:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5YMsIPWSqI28rwCeqdgucFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzE5MTkzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdiZTZhZGE0ODQzYjk4YWI0MzhiMjI5NWJkNTVkNTZiN2ZiNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWNifQfRMGs9Z7vPuQD+lOASXxVH
xTnLBag3tBaj/UJNa7zIe4ENrCLHBJcYND6ja0PCC+sauQTXP3IqHccJwzP+aTmD
/dIPkz/qK13mBb0/LwIfTgQnkqSCRbk1GhDxm1PUMihZ0pvenCnPRvwQfpfEGkaM
a2Zlnf8cuxRwYgMDaRVVZiW20uIG4MEvOPTXcILJ17rkvxgxi2XjKJtVOGrz1fdR
B59H4vZv/bqBjieJUGaX2fICMhh1OmsBzP5WOkBG00Ej+MpoKe+X8aF/XbrLRhzG
hNOsZY+bneRcR3PDkivQYrwbGMyL6eldRgN5FiLlqfcBzlq1xskD/Sg1iQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL575q2khDuYq0OLIpW9VdVrf7aYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdm52bXJhU0VPNWlyUTRzaWxiMVYxV3RfdHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ1eQD
BARZ1eAwDQYJKoZIhvcNAQELBQADggEBACuTsyBj4qvIX+W8LfI1F8bETKXyDfHX
yDvXOCEUUmh2T1RlPkJtWPuPQChJ9VYF87BRr2xxODJPiM97WtZwdNJpgtj8KEd8
Ku48EjbpiTk9aa0bWqvL3WshiKHz8y5JaqyZ5iGrw7/DkW3WMum/cojoYGp5L+PT
0UBb1rT0sOGcv7AJcjzlL9oi5yw5TtMG1yMuHXvrTi1bOV2kYc5m4FJw1fEz76Rj
4V8UhxfyAPEPDcIsnw5SNclyS8Wm+0ZeVzq/Mxw96+YBBcBCAObwkCBYZNnTncUy
IAXF4HHBzCvQTHOkH1KUndZ7zjYDFPAluAYK98rBJqulu54QLsmJC2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org