Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yBfZPoR7Vt3vQL29CTSPgyV-3aE.roa
File:                     yBfZPoR7Vt3vQL29CTSPgyV-3aE.roa (raw, json)
Hash identifier:          F/hB+LtIy+1pcjMhR6IPcfSHlEI+8MVjNM8pWlHie/w=
Subject key identifier:   C8:17:D9:3E:84:7B:56:DD:EF:40:BD:BD:09:34:8F:83:25:7E:DD:A1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B052E086FFE2404F6D329984CE811792
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yBfZPoR7Vt3vQL29CTSPgyV-3aE.roa
Signing time:             Tue 01 Aug 2023 08:59:28 +0000
ROA not before:           Tue 01 Aug 2023 08:59:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        89.213.182.0/24 maxlen: 24
                          89.213.186.0/24 maxlen: 24
                          89.213.187.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 09:46:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b0:52:e0:86:ff:e2:40:4f:6d:32:99:84:ce:81:17:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  1 08:59:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c817d93e847b56ddef40bdbd09348f83257edda1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9b:bb:e0:8b:ab:a8:3d:cb:1e:61:b6:43:3f:
                    36:d1:27:37:4d:ef:fe:ec:7b:8c:a9:84:bf:72:af:
                    02:a8:2c:82:56:a9:5c:9f:d0:98:7b:a7:b7:7d:00:
                    fd:91:19:d5:11:65:13:39:e3:21:d4:67:87:e7:f2:
                    19:7b:a3:cb:de:2f:64:08:21:1f:7a:99:7b:45:3b:
                    10:a8:28:6b:44:5a:11:e5:a8:bf:1e:f8:de:a9:68:
                    12:9e:a9:56:22:e4:0d:ab:2a:72:fd:c6:b6:20:fb:
                    4e:9f:4d:68:e5:61:24:80:07:87:91:1b:60:75:57:
                    c8:9d:85:b1:1a:a5:bd:f0:59:e2:00:58:26:6c:30:
                    4f:b8:37:5a:bb:ac:c0:5d:43:0f:9f:46:42:2e:73:
                    26:57:62:9e:66:44:01:06:50:cf:4a:12:1c:0a:0a:
                    36:d4:3e:f0:5b:93:68:24:68:ed:86:cf:bf:76:ad:
                    8a:c2:ad:d3:f2:d5:99:33:e3:8f:5d:be:20:d1:0b:
                    c0:36:bf:47:f1:61:ce:26:e9:15:66:ac:ec:f2:41:
                    ad:f5:17:53:2b:53:86:cd:80:88:f0:49:54:3a:e6:
                    a1:ee:a1:e1:83:77:8d:7d:53:f6:ee:2a:c4:ba:4d:
                    14:45:bd:3c:e9:7a:84:1f:a1:b8:42:2a:48:a8:cb:
                    e9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:17:D9:3E:84:7B:56:DD:EF:40:BD:BD:09:34:8F:83:25:7E:DD:A1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yBfZPoR7Vt3vQL29CTSPgyV-3aE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24
                  89.213.7.0/24
                  89.213.150.0/24
                  89.213.163.0/24
                  89.213.172.0/24
                  89.213.182.0/24
                  89.213.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         86:24:1e:b6:db:b2:90:41:cb:7d:79:89:43:5e:53:b4:f7:f0:
         16:a8:52:51:51:4d:ff:20:6f:d0:f0:5f:d0:2e:d3:bb:29:9a:
         29:09:c8:79:2b:84:4b:81:01:79:66:e1:0a:91:17:c4:c9:d7:
         3e:8a:4f:66:83:4d:e7:fa:c6:7d:ac:01:8b:2d:36:84:89:ec:
         b4:59:18:df:49:d9:33:47:4d:e1:58:85:d3:c4:8d:6f:d2:ef:
         2b:b0:ce:5a:77:9a:50:9e:9b:6b:2c:dd:aa:65:dd:81:1b:ac:
         67:ac:e2:a0:e8:0f:4a:c2:3f:33:cf:e7:74:ea:0a:a1:97:c1:
         16:5d:f7:7b:d7:3d:86:b2:55:48:ab:30:41:76:d5:c9:4d:80:
         7d:5c:5d:49:f3:cd:0d:b8:fb:de:f1:72:fd:64:ff:42:ee:52:
         b7:30:52:e8:05:cd:f6:e0:0a:7d:b0:45:d4:17:b9:a9:e4:4e:
         b8:bc:db:88:33:53:4f:79:5b:48:19:a8:58:12:f7:5c:c3:08:
         97:c1:63:2a:10:2e:16:89:85:0e:be:67:b8:36:42:fe:eb:0a:
         eb:17:11:45:9f:f8:8e:aa:d9:1e:dc:4c:22:90:41:15:52:df:
         d8:65:e9:e2:43:13:f7:25:59:d5:ce:54:31:25:e6:1e:34:23:
         05:ff:76:32
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmwUuCG/+JAT20ymYTOgReSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDg1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE3ZDkzZTg0N2I1NmRkZWY0MGJkYmQwOTM0OGY4MzI1N2VkZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5u74IurqD3LHmG2Qz820Sc3Te/+
7HuMqYS/cq8CqCyCVqlcn9CYe6e3fQD9kRnVEWUTOeMh1GeH5/IZe6PL3i9kCCEf
epl7RTsQqChrRFoR5ai/HvjeqWgSnqlWIuQNqypy/ca2IPtOn01o5WEkgAeHkRtg
dVfInYWxGqW98FniAFgmbDBPuDdau6zAXUMPn0ZCLnMmV2KeZkQBBlDPShIcCgo2
1D7wW5NoJGjths+/dq2Kwq3T8tWZM+OPXb4g0QvANr9H8WHOJukVZqzs8kGt9RdT
K1OGzYCI8ElUOuah7qHhg3eNfVP27irEuk0URb086XqEH6G4QipIqMvp/wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMgX2T6Ee1bd70C9vQk0j4Mlft2hMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveUJmWlBvUjdWdDN2UUwyOUNUU1BneVYtM2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpkEAwQA
WdUHAwQAWdWWAwQAWdWjAwQAWdWsAwQAWdW2AwQBWdW6MA0GCSqGSIb3DQEBCwUA
A4IBAQCGJB6227KQQct9eYlDXlO09/AWqFJRUU3/IG/Q8F/QLtO7KZopCch5K4RL
gQF5ZuEKkRfEydc+ik9mg03n+sZ9rAGLLTaEiey0WRjfSdkzR03hWIXTxI1v0u8r
sM5ad5pQnptrLN2qZd2BG6xnrOKg6A9Kwj8zz+d06gqhl8EWXfd71z2GslVIqzBB
dtXJTYB9XF1J880NuPve8XL9ZP9C7lK3MFLoBc324Ap9sEXUF7mp5E64vNuIM1NP
eVtIGahYEvdcwwiXwWMqEC4WiYUOvme4NkL+6wrrFxFFn/iOqtke3EwikEEVUt/Y
ZeniQxP3JVnVzlQxJeYeNCMF/3Yy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org