Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wGcQVV0KaLcKx1UtpWpreXmZUUs.roa
File:                     wGcQVV0KaLcKx1UtpWpreXmZUUs.roa (raw, json)
Hash identifier:          k5htPcGfPw+4DXHL6IZLugpJTIo6GXIffLRBd2rmz9E=
Subject key identifier:   C0:67:10:55:5D:0A:68:B7:0A:C7:55:2D:A5:6A:6B:79:79:99:51:4B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3495A4483E9CABDCC8D28A5CE5F962F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wGcQVV0KaLcKx1UtpWpreXmZUUs.roa
Signing time:             Mon 01 Jan 2024 04:30:13 +0000
ROA not before:           Mon 01 Jan 2024 04:30:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     142111
IP address blocks:        89.213.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 03 Mar 2024 14:49:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:5a:44:83:e9:ca:bd:cc:8d:28:a5:ce:5f:96:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c06710555d0a68b70ac7552da56a6b797999514b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f3:dc:5e:b8:53:28:c9:af:36:00:01:55:72:
                    cd:8c:f5:0d:52:9f:a2:f8:5a:72:97:7c:f2:3f:85:
                    b4:13:cd:bd:d4:f8:a5:8a:0e:aa:78:e1:2e:d9:2a:
                    6a:ef:d2:3d:46:95:c0:25:57:c5:6f:cb:36:38:0e:
                    9c:1e:1b:97:e6:96:88:cc:6c:1e:f8:0d:06:61:38:
                    d8:53:9d:c4:7b:93:fd:00:25:2e:5c:51:96:65:32:
                    fa:62:21:03:bf:c2:31:2f:fd:a5:1b:c5:f6:3e:9a:
                    91:26:db:5e:dd:ee:40:0f:c2:77:bb:4d:a9:82:5e:
                    04:1a:ae:c6:fc:4b:50:ac:30:bb:ad:14:38:bb:14:
                    ba:6c:da:a9:a0:72:14:59:16:6f:8a:87:c8:11:2e:
                    b8:6a:b6:e3:27:65:e7:e1:63:36:14:a7:8b:2f:3c:
                    c0:26:e9:4a:e4:51:62:aa:2d:37:af:3b:5a:11:2c:
                    46:45:e9:43:ed:09:63:19:8e:af:40:49:fe:18:59:
                    67:9c:7b:ea:03:3c:a2:34:0f:a6:57:a1:b2:1f:b3:
                    b7:55:bf:9d:b0:f7:b9:68:63:49:68:90:6b:82:3a:
                    d5:59:e0:54:78:12:10:03:1f:99:09:87:3f:99:aa:
                    2a:a6:58:51:5a:68:65:a8:8a:29:7e:f6:e7:9f:84:
                    77:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:67:10:55:5D:0A:68:B7:0A:C7:55:2D:A5:6A:6B:79:79:99:51:4B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wGcQVV0KaLcKx1UtpWpreXmZUUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:7a:87:e3:d5:f0:97:3b:d7:68:7d:e8:bb:61:06:4e:e8:ac:
         55:2b:21:3d:40:af:9e:57:41:70:c0:b3:83:0a:c6:e3:44:c0:
         b7:12:8c:dd:a8:7e:3d:f0:82:ba:10:a1:ec:5f:31:1a:28:09:
         9b:16:fd:7d:d8:18:26:17:60:36:17:62:68:61:86:7a:0c:ab:
         48:43:a6:94:0d:f5:55:0e:fc:a5:73:74:47:6f:4e:08:70:1f:
         23:cf:3a:2b:73:fa:c6:6e:7b:fd:25:1c:77:b4:c7:d9:90:0e:
         9e:be:3d:4a:2f:c9:43:86:cd:25:98:1f:2d:34:58:69:b7:70:
         f4:33:97:c2:92:45:ce:fd:63:0c:20:fa:15:b3:65:f6:e6:6d:
         09:a5:bc:37:76:fd:d2:ee:cd:58:b3:66:0a:48:9a:8d:f3:a1:
         c5:84:11:a5:b7:21:4b:42:72:34:ab:46:96:60:a3:20:ca:15:
         4d:97:02:a5:7f:58:9e:87:1e:a0:46:e6:2a:9a:b5:08:e7:dc:
         e9:6d:8f:b3:8b:7e:ea:92:e2:9f:e2:98:ed:62:78:e4:8b:6a:
         28:9d:e9:0f:d9:cb:b6:c2:dd:c2:ce:42:7c:6b:d6:41:62:97:
         1c:a4:1b:f4:c6:66:09:3b:58:ac:1f:57:44:4a:67:43:59:65:
         d0:93:90:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVpEg+nKvcyNKKXOX5YvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDY3MTA1NTVkMGE2OGI3MGFjNzU1MmRhNTZhNmI3OTc5OTk1MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/PcXrhTKMmvNgABVXLNjPUNUp+i
+Fpyl3zyP4W0E8291Pilig6qeOEu2Spq79I9RpXAJVfFb8s2OA6cHhuX5paIzGwe
+A0GYTjYU53Ee5P9ACUuXFGWZTL6YiEDv8IxL/2lG8X2PpqRJtte3e5AD8J3u02p
gl4EGq7G/EtQrDC7rRQ4uxS6bNqpoHIUWRZviofIES64arbjJ2Xn4WM2FKeLLzzA
JulK5FFiqi03rztaESxGRelD7QljGY6vQEn+GFlnnHvqAzyiNA+mV6GyH7O3Vb+d
sPe5aGNJaJBrgjrVWeBUeBIQAx+ZCYc/maoqplhRWmhlqIopfvbnn4R3uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBnEFVdCmi3CsdVLaVqa3l5mVFLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd0djUVZWMEthTGNLeDFVdHBXcHJlWG1aVVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWQMA0G
CSqGSIb3DQEBCwUAA4IBAQCJeofj1fCXO9dofei7YQZO6KxVKyE9QK+eV0FwwLOD
CsbjRMC3EozdqH498IK6EKHsXzEaKAmbFv192BgmF2A2F2JoYYZ6DKtIQ6aUDfVV
Dvylc3RHb04IcB8jzzorc/rGbnv9JRx3tMfZkA6evj1KL8lDhs0lmB8tNFhpt3D0
M5fCkkXO/WMMIPoVs2X25m0Jpbw3dv3S7s1Ys2YKSJqN86HFhBGltyFLQnI0q0aW
YKMgyhVNlwKlf1iehx6gRuYqmrUI59zpbY+zi37qkuKf4pjtYnjki2oonekP2cu2
wt3CzkJ8a9ZBYpccpBv0xmYJO1isH1dESmdDWWXQk5DT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org