Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa
File:                     zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa (raw, json)
Hash identifier:          kaKiuoWq2sQnX8i4NB0K+vTNSUhJf7JMqIWkVkXxKRo=
Subject key identifier:   CF:1C:64:14:AE:D6:B2:A0:AA:FA:63:6B:97:98:68:3D:31:C3:B9:89
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01894059290E3C4B8673B35B20E852DC2F9A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa
Signing time:             Mon 10 Jul 2023 15:08:52 +0000
ROA not before:           Mon 10 Jul 2023 15:08:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197860
IP address blocks:        89.213.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:40:59:29:0e:3c:4b:86:73:b3:5b:20:e8:52:dc:2f:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 10 15:08:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf1c6414aed6b2a0aafa636b9798683d31c3b989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:26:65:90:4e:79:3b:c0:2f:cd:d0:f2:54:cc:
                    f9:4a:41:4e:6c:69:89:4b:4d:9d:d0:b4:3a:f0:f2:
                    fe:74:12:18:55:19:85:f0:ce:4d:ea:a6:d3:82:57:
                    42:c3:db:3d:28:8f:22:59:b6:5c:de:2f:71:a0:af:
                    3e:1e:65:b4:be:2c:fa:c3:4c:88:ed:cd:12:e0:f7:
                    5f:64:41:31:64:9d:d3:22:85:4e:62:2c:4b:7b:1c:
                    6b:e5:52:44:2d:bc:d8:32:26:03:b0:9f:d2:fb:21:
                    bb:de:11:02:59:1e:0d:c2:0e:7d:54:77:d5:69:ca:
                    08:72:dc:57:3f:ab:f6:e5:81:8c:77:6e:9d:7c:f5:
                    51:8d:1d:b8:4b:4b:97:50:7c:53:6f:25:17:d9:2d:
                    6b:68:fc:ba:56:3f:43:6f:66:aa:85:8a:78:50:db:
                    04:d0:fa:e6:1a:4a:7a:5d:61:40:4b:1f:d2:21:4e:
                    8a:18:53:93:70:9c:5e:37:b8:61:8e:17:ab:58:5c:
                    f6:f7:13:b5:59:52:0b:4b:dc:ce:3b:9e:20:e3:65:
                    6b:2f:8b:20:2b:89:21:ad:40:f7:2b:a6:b1:77:38:
                    a7:37:3a:2c:af:a4:4b:a2:dd:fe:79:96:77:f1:85:
                    e3:32:18:33:2e:ce:e6:b5:b3:3f:7d:18:6b:70:58:
                    e6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:1C:64:14:AE:D6:B2:A0:AA:FA:63:6B:97:98:68:3D:31:C3:B9:89
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:d4:8b:fe:0b:0c:02:b0:2c:6a:e3:c2:8c:34:71:27:b3:4b:
         db:c0:af:1f:75:f2:15:bc:8a:29:f9:ae:f5:b5:81:eb:f4:cc:
         4a:7f:3a:9d:d0:29:d8:fc:0a:15:c7:95:18:33:dc:55:ca:10:
         70:a0:5a:9e:e2:50:5e:60:7d:78:31:34:e5:d8:76:69:c2:d4:
         6e:15:be:3f:85:a7:5e:3d:9f:c6:0d:37:33:80:c1:b5:d7:df:
         f9:bb:98:b5:24:64:1d:b1:78:d3:b2:7f:2a:40:65:01:3e:94:
         27:d3:0b:b8:3b:e4:f6:91:5d:7c:48:c7:57:3f:0d:a2:df:a2:
         38:c0:70:53:f0:c8:b3:2a:5a:09:9d:c5:46:c7:6b:7d:98:0c:
         b0:7f:81:cf:18:38:a5:4e:ec:4e:69:3c:16:8e:17:9c:c7:c7:
         94:40:5c:df:9e:c5:1f:76:4b:d1:3d:7c:14:6d:92:f1:97:a3:
         08:eb:06:42:14:24:d9:bb:99:c8:a6:e3:83:b3:50:fc:d8:f3:
         18:85:81:7e:24:33:75:49:0c:cf:a2:3a:3f:f5:04:1c:b5:4b:
         d3:03:07:72:95:19:d1:d8:6a:ef:97:7c:a3:49:fa:d8:b2:ad:
         35:27:7b:1d:5a:a3:f2:47:c2:4a:c3:cd:b2:27:07:b0:45:eb:
         50:2d:a6:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlAWSkOPEuGc7NbIOhS3C+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzEwMTUwODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFjNjQxNGFlZDZiMmEwYWFmYTYzNmI5Nzk4NjgzZDMxYzNiOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCZlkE55O8AvzdDyVMz5SkFObGmJ
S02d0LQ68PL+dBIYVRmF8M5N6qbTgldCw9s9KI8iWbZc3i9xoK8+HmW0viz6w0yI
7c0S4PdfZEExZJ3TIoVOYixLexxr5VJELbzYMiYDsJ/S+yG73hECWR4Nwg59VHfV
acoIctxXP6v25YGMd26dfPVRjR24S0uXUHxTbyUX2S1raPy6Vj9Db2aqhYp4UNsE
0PrmGkp6XWFASx/SIU6KGFOTcJxeN7hhjherWFz29xO1WVILS9zOO54g42VrL4sg
K4khrUD3K6axdzinNzosr6RLot3+eZZ38YXjMhgzLs7mtbM/fRhrcFjmwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8cZBSu1rKgqvpja5eYaD0xw7mJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvenh4a0ZLN1dzcUNxLW1Ocmw1aG9QVEhEdVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWmMA0G
CSqGSIb3DQEBCwUAA4IBAQBP1Iv+CwwCsCxq48KMNHEns0vbwK8fdfIVvIop+a71
tYHr9MxKfzqd0CnY/AoVx5UYM9xVyhBwoFqe4lBeYH14MTTl2HZpwtRuFb4/hade
PZ/GDTczgMG119/5u5i1JGQdsXjTsn8qQGUBPpQn0wu4O+T2kV18SMdXPw2i36I4
wHBT8MizKloJncVGx2t9mAywf4HPGDilTuxOaTwWjhecx8eUQFzfnsUfdkvRPXwU
bZLxl6MI6wZCFCTZu5nIpuODs1D82PMYhYF+JDN1SQzPojo/9QQctUvTAwdylRnR
2Grvl3yjSfrYsq01J3sdWqPyR8JKw82yJwewRetQLabd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org