Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa
File:                     wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa (raw, json)
Hash identifier:          OW6nMNUfWDiEIPzp8HP6jykEhrazLL5wBR4JEJ6K8JE=
Subject key identifier:   C0:D2:5B:E5:AF:8E:45:42:A3:FB:6A:E5:15:AD:A9:0A:B6:2D:1F:D9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CD47E7C7B964354D2FFBE81430B87019B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa
Signing time:             Thu 04 Jan 2024 12:41:48 +0000
ROA not before:           Thu 04 Jan 2024 12:41:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        185.49.126.0/23 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.119.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Jan 2024 09:28:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d4:7e:7c:7b:96:43:54:d2:ff:be:81:43:0b:87:01:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  4 12:41:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0d25be5af8e4542a3fb6ae515ada90ab62d1fd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:c5:fd:11:c4:8c:64:93:36:2a:7a:cb:e6:06:
                    00:02:38:ca:a1:fd:7e:69:c1:f0:b6:25:1d:8c:12:
                    b3:85:71:5a:39:e1:73:7c:a6:eb:7f:61:8a:96:e1:
                    3f:85:01:51:28:7c:a2:85:83:6e:86:b4:06:d3:05:
                    89:e7:42:ee:5e:83:5c:99:db:ad:37:22:40:90:41:
                    bb:ee:2a:72:af:3a:83:73:ed:96:4a:3b:f0:ec:f9:
                    01:ff:d3:ff:6c:14:93:d9:1f:56:30:88:92:e0:21:
                    ca:d7:3e:de:d5:83:be:55:15:93:9c:ab:36:49:23:
                    93:cc:fa:aa:4b:71:cc:68:cf:cc:93:cc:a9:ba:82:
                    39:0d:51:34:18:2b:e8:30:e9:0c:62:47:34:9e:16:
                    dc:1a:41:02:ac:ff:d9:22:db:0a:b7:71:d3:16:b1:
                    02:17:f9:32:07:aa:2d:13:4c:b6:d3:90:04:a5:66:
                    ec:eb:3a:c0:6d:9b:a1:6d:31:14:62:ae:e7:22:2e:
                    f2:f9:eb:3c:20:8f:4f:e9:53:be:70:3d:b0:0c:e3:
                    17:8c:e4:6f:80:fb:91:7a:8f:0d:bb:cb:91:38:be:
                    d1:39:24:64:a9:34:7b:bc:ac:c3:f2:0c:24:dc:2b:
                    3f:bf:51:6f:85:52:a2:0b:cc:30:d9:3e:7f:f7:3e:
                    67:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:D2:5B:E5:AF:8E:45:42:A3:FB:6A:E5:15:AD:A9:0A:B6:2D:1F:D9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wNJb5a-ORUKj-2rlFa2pCrYtH9k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  82.153.136.0/22
                  82.153.246.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:6a:27:14:cf:da:cb:8e:e3:33:a7:f8:62:eb:ab:10:a3:17:
         95:fd:76:15:91:f2:65:88:aa:df:70:0a:4c:28:da:58:e6:24:
         bc:38:c6:16:3c:15:aa:9b:f9:c1:2d:29:49:2c:cd:56:80:aa:
         4c:82:32:ba:5c:9b:db:2e:3f:71:8b:9d:33:43:8a:ae:94:88:
         ca:e5:b7:b8:99:50:9b:aa:80:06:a0:fb:2a:1f:c7:13:93:20:
         8c:5f:16:93:03:e1:b1:f7:a1:e3:b5:93:7e:89:c8:cd:05:f7:
         1f:c4:88:6f:6f:c7:35:0d:97:19:b8:31:04:33:2d:0e:61:a8:
         3c:51:c6:0c:e9:fb:d2:9c:85:d4:42:d3:37:c5:59:52:8e:06:
         20:66:44:eb:12:1a:b4:b8:c7:62:a1:95:b5:8b:58:53:00:33:
         62:f5:91:1a:f6:33:4b:92:2a:e0:b7:31:97:f0:dd:77:b5:5a:
         26:15:f6:6c:34:d2:5f:4f:f5:80:7b:f9:1b:30:0b:7b:23:15:
         3d:1a:db:6e:10:ab:a4:04:e5:2c:06:39:77:70:04:a2:26:46:
         97:44:01:1c:a0:ad:29:5e:52:4f:f0:e3:e0:a6:1e:e6:1d:73:
         bf:eb:0a:22:d0:48:03:f0:3b:53:db:8d:cf:8b:03:0c:3a:31:
         cd:34:3c:fb
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzUfnx7lkNU0v++gUMLhwGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA0MTI0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQyNWJlNWFmOGU0NTQyYTNmYjZhZTUxNWFkYTkwYWI2MmQxZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sX9EcSMZJM2KnrL5gYAAjjKof1+
acHwtiUdjBKzhXFaOeFzfKbrf2GKluE/hQFRKHyihYNuhrQG0wWJ50LuXoNcmdut
NyJAkEG77ipyrzqDc+2WSjvw7PkB/9P/bBST2R9WMIiS4CHK1z7e1YO+VRWTnKs2
SSOTzPqqS3HMaM/Mk8ypuoI5DVE0GCvoMOkMYkc0nhbcGkECrP/ZItsKt3HTFrEC
F/kyB6otE0y205AEpWbs6zrAbZuhbTEUYq7nIi7y+es8II9P6VO+cD2wDOMXjORv
gPuReo8Nu8uROL7ROSRkqTR7vKzD8gwk3Cs/v1FvhVKiC8ww2T5/9z5nQwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMDSW+WvjkVCo/tq5RWtqQq2LR/ZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd05KYjVhLU9SVUtqLTJybEZhMnBDcll0SDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQC
UpmIAwQAUpn2MAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAE5qJxTP2suO4zOn+GLrqxCjF5X9dhWR8mWIqt9w
Ckwo2ljmJLw4xhY8Faqb+cEtKUkszVaAqkyCMrpcm9suP3GLnTNDiq6UiMrlt7iZ
UJuqgAag+yofxxOTIIxfFpMD4bH3oeO1k36JyM0F9x/EiG9vxzUNlxm4MQQzLQ5h
qDxRxgzp+9KchdRC0zfFWVKOBiBmROsSGrS4x2KhlbWLWFMAM2L1kRr2M0uSKuC3
MZfw3Xe1WiYV9mw00l9P9YB7+RswC3sjFT0a224Qq6QE5SwGOXdwBKImRpdEARyg
rSleUk/w4+CmHuYdc7/rCiLQSAPwO1Pbjc+LAww6Mc00PPs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org