Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/y1p_uRDrFY-7qtYgFRej6Bo8XWs.roa
File:                     y1p_uRDrFY-7qtYgFRej6Bo8XWs.roa (raw, json)
Hash identifier:          MHMAjmdenx4tblKijrwQMrWQphehhwjdl/zlbcEKy+w=
Subject key identifier:   CB:5A:7F:B9:10:EB:15:8F:BB:AA:D6:20:15:17:A3:E8:1A:3C:5D:6B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D35F78A7B62A703B11BF00B8A1B16DE45
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/y1p_uRDrFY-7qtYgFRej6Bo8XWs.roa
Signing time:             Tue 23 Jan 2024 10:57:11 +0000
ROA not before:           Tue 23 Jan 2024 10:57:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     979
IP address blocks:        89.213.182.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Jan 2024 09:59:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:35:f7:8a:7b:62:a7:03:b1:1b:f0:0b:8a:1b:16:de:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 23 10:57:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cb5a7fb910eb158fbbaad6201517a3e81a3c5d6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d6:6e:a6:63:80:6d:08:e4:59:61:b6:0d:09:
                    35:a3:53:63:80:33:4c:c2:55:65:a5:66:28:54:92:
                    ce:b9:98:11:70:6d:84:00:5f:93:e4:bc:c3:40:df:
                    44:7a:8e:a0:9f:6c:81:57:7b:c7:3f:9f:e8:91:9b:
                    98:74:4e:48:5d:60:cf:41:54:5e:71:83:d6:3c:9c:
                    3c:e7:5d:8d:35:ec:f7:a8:e0:0c:72:91:20:98:ac:
                    aa:a7:4d:2a:ac:ed:ac:5b:1b:ca:18:cf:bb:96:6b:
                    46:c2:26:9a:f7:89:ef:5d:e6:b6:1b:53:68:8a:31:
                    b1:5a:81:b8:84:81:1e:3b:9b:1e:a0:30:89:8a:7d:
                    db:c7:48:9c:ac:22:70:8f:56:68:d4:3b:fd:e5:4d:
                    4b:40:53:dc:10:0e:4f:f6:f4:94:be:ea:29:ab:b2:
                    d6:73:4a:31:d0:3c:c5:b9:37:05:c1:b5:b8:e7:b4:
                    c4:1d:1f:4a:71:48:d3:82:7a:78:31:03:cc:20:8f:
                    5f:03:57:a8:e7:f4:f6:bf:45:34:51:b8:87:af:9a:
                    2a:c0:6b:72:3a:82:da:77:af:a4:97:2c:cc:b5:b0:
                    40:c7:fb:1d:47:31:ee:0b:63:30:c4:d0:ea:0c:22:
                    08:e8:cb:98:f8:91:9f:a1:ad:39:f1:56:48:d1:b9:
                    25:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:5A:7F:B9:10:EB:15:8F:BB:AA:D6:20:15:17:A3:E8:1A:3C:5D:6B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/y1p_uRDrFY-7qtYgFRej6Bo8XWs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:ff:20:cb:56:df:06:aa:41:ef:70:33:10:1a:a5:5a:04:35:
         c3:2c:17:5f:57:cc:73:71:4a:06:98:e5:e7:6b:06:d0:31:6b:
         16:55:94:8d:93:af:69:07:38:9e:27:43:01:81:94:70:00:80:
         44:37:a7:cc:08:eb:2d:fc:f3:0f:46:8b:72:75:7f:14:93:8f:
         55:d6:8d:2b:37:a7:54:4e:26:f7:09:6f:13:e4:48:69:f6:c8:
         8c:c2:68:be:a6:df:85:87:50:e6:94:16:22:3b:36:62:31:07:
         0f:d7:d7:e5:c4:24:e1:98:80:35:af:cd:5e:9b:6e:24:f2:42:
         65:14:1d:bb:da:a5:7d:7e:30:7e:f5:b9:37:d5:44:cc:bf:2e:
         ee:d1:3b:2a:b4:2c:2f:4f:a2:1f:d5:c2:af:54:9f:f3:cb:76:
         45:c3:78:5b:b7:12:5d:b8:da:9d:3b:c6:07:a8:e1:16:c2:32:
         37:19:b8:d3:67:28:b8:a2:28:f2:d1:dc:5e:28:44:a9:27:26:
         2c:3b:9a:10:05:1e:99:72:de:be:8a:06:2c:d4:9f:4f:1e:4e:
         20:21:05:48:3b:f9:49:f3:9c:c7:6f:9f:2e:c7:3c:c0:ff:80:
         cd:9b:13:99:51:c6:4d:f8:24:07:db:d3:b4:68:93:37:c1:49:
         5d:a5:34:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0194p7YqcDsRvwC4obFt5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTIzMTA1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjVhN2ZiOTEwZWIxNThmYmJhYWQ2MjAxNTE3YTNlODFhM2M1ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNZupmOAbQjkWWG2DQk1o1NjgDNM
wlVlpWYoVJLOuZgRcG2EAF+T5LzDQN9Eeo6gn2yBV3vHP5/okZuYdE5IXWDPQVRe
cYPWPJw8512NNez3qOAMcpEgmKyqp00qrO2sWxvKGM+7lmtGwiaa94nvXea2G1No
ijGxWoG4hIEeO5seoDCJin3bx0icrCJwj1Zo1Dv95U1LQFPcEA5P9vSUvuopq7LW
c0ox0DzFuTcFwbW457TEHR9KcUjTgnp4MQPMII9fA1eo5/T2v0U0UbiHr5oqwGty
OoLad6+klyzMtbBAx/sdRzHuC2MwxNDqDCII6MuY+JGfoa058VZI0bklOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtaf7kQ6xWPu6rWIBUXo+gaPF1rMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveTFwX3VSRHJGWS03cXRZZ0ZSZWo2Qm84WFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW2MA0G
CSqGSIb3DQEBCwUAA4IBAQAy/yDLVt8GqkHvcDMQGqVaBDXDLBdfV8xzcUoGmOXn
awbQMWsWVZSNk69pBzieJ0MBgZRwAIBEN6fMCOst/PMPRotydX8Uk49V1o0rN6dU
Tib3CW8T5Ehp9siMwmi+pt+Fh1DmlBYiOzZiMQcP19flxCThmIA1r81em24k8kJl
FB272qV9fjB+9bk31UTMvy7u0TsqtCwvT6If1cKvVJ/zy3ZFw3hbtxJduNqdO8YH
qOEWwjI3GbjTZyi4oijy0dxeKESpJyYsO5oQBR6Zct6+igYs1J9PHk4gIQVIO/lJ
85zHb58uxzzA/4DNmxOZUcZN+CQH29O0aJM3wUldpTQy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org