Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/f3jegiPXmul5Ea8gHkTvznFhBJ0.roa
File:                     f3jegiPXmul5Ea8gHkTvznFhBJ0.roa (raw, json)
Hash identifier:          9lR1fPIfA+V9SDqA9/Ozxe/Ypr0c1AhnqJAzVZMsLPU=
Subject key identifier:   7F:78:DE:82:23:D7:9A:E9:79:11:AF:20:1E:44:EF:CE:71:61:04:9D
Certificate issuer:       /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial:       018CC2DB297099C74C99FBC4BFDF38C9C63F
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/f3jegiPXmul5Ea8gHkTvznFhBJ0.roa
Signing time:             Mon 01 Jan 2024 02:29:52 +0000
ROA not before:           Mon 01 Jan 2024 02:29:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     46562
IP address blocks:        89.149.25.0/24 maxlen: 24
                          84.247.65.0/24 maxlen: 24
                          84.247.66.0/24 maxlen: 24
                          84.247.74.0/24 maxlen: 24
                          84.247.75.0/24 maxlen: 24
                          84.247.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 19 Sep 2024 12:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:29:70:99:c7:4c:99:fb:c4:bf:df:38:c9:c6:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
        Validity
            Not Before: Jan  1 02:29:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7f78de8223d79ae97911af201e44efce7161049d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:73:67:c5:da:06:84:61:f0:e5:cb:3b:e8:10:
                    a8:49:c6:05:16:a1:9a:34:02:bd:0c:ca:c7:bd:21:
                    f7:a6:e9:ec:f4:b1:bc:6e:e0:ae:16:71:18:80:02:
                    5d:82:2b:71:73:f2:4c:9a:3c:9d:97:59:6c:41:a3:
                    70:58:da:49:24:cb:a7:76:da:4e:72:73:ae:f6:19:
                    4c:7d:3b:d5:f9:5e:72:47:b9:30:14:6b:2f:f9:e7:
                    28:05:10:38:64:43:53:92:0b:ad:a4:60:fa:92:64:
                    49:d7:a6:89:4b:fb:ea:4d:fc:f5:fd:5c:9a:82:3c:
                    07:0a:84:42:71:48:d8:06:44:5f:b6:a5:d3:cb:5f:
                    6d:f8:66:ed:37:97:ad:2a:8e:da:5f:18:9b:b9:be:
                    fa:24:89:88:eb:82:7a:20:8f:89:2d:0d:ee:11:5f:
                    10:31:99:ed:3b:30:d5:50:7c:31:77:c0:0f:a7:72:
                    91:12:a1:bf:4f:05:20:19:b4:c9:35:b6:f1:11:e9:
                    cd:d4:35:18:11:64:12:e3:3b:37:a8:7c:c4:70:78:
                    12:a5:cd:66:18:ec:a8:00:f9:f7:ab:65:bd:42:68:
                    5c:da:3b:f9:8c:10:43:25:0f:3b:ee:e5:22:a2:c0:
                    0e:fe:af:32:a4:55:3f:0e:db:06:a9:eb:34:f1:49:
                    f1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:78:DE:82:23:D7:9A:E9:79:11:AF:20:1E:44:EF:CE:71:61:04:9D
            X509v3 Authority Key Identifier:
                keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/f3jegiPXmul5Ea8gHkTvznFhBJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.247.65.0-84.247.66.255
                  84.247.73.0-84.247.75.255
                  89.149.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:cc:f1:b5:3e:f4:e3:60:3c:d7:6c:cf:ae:e2:91:96:4f:b1:
         93:d2:b5:0d:08:1c:d4:fa:bb:50:e5:5a:f3:3e:d5:4a:84:f9:
         38:3d:29:5e:41:7f:7d:6d:f9:01:29:99:19:0c:44:b7:68:72:
         65:f7:a6:a6:96:53:dd:42:37:cb:69:ca:f3:1d:5a:3a:7b:70:
         18:cf:1d:73:05:61:4d:6b:b2:74:34:d8:25:b7:c8:00:5c:b6:
         57:06:16:8f:2e:70:ae:d5:72:e4:a2:36:3d:ee:3d:10:c9:7e:
         8c:d5:50:96:5a:65:e2:f0:50:1a:6f:34:11:e6:48:b3:4f:b4:
         99:c9:d3:9c:cf:0c:63:20:1d:50:bd:f6:18:52:c4:1d:96:87:
         bb:17:4e:3c:6c:44:f0:75:a2:cc:97:f9:fb:4f:9b:b6:cf:3b:
         68:3b:35:d2:14:8c:18:c2:af:d7:57:8c:b7:b4:8c:fe:d4:2e:
         40:63:43:f0:70:16:96:3f:db:3c:8a:6a:37:31:62:31:a5:f0:
         81:f6:9b:c3:a3:f9:9b:68:00:6a:27:5a:1f:6e:66:23:52:e6:
         66:e2:34:67:38:9d:e9:91:69:d9:33:48:39:c5:7a:0e:9a:6c:
         fb:2e:ff:d5:08:80:a0:fb:6c:52:08:31:9b:7a:0e:53:db:6f:
         b2:cc:da:7e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2ylwmcdMmfvEv984ycY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc4ZGU4MjIzZDc5YWU5NzkxMWFmMjAxZTQ0ZWZjZTcxNjEwNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnNnxdoGhGHw5cs76BCoScYFFqGa
NAK9DMrHvSH3puns9LG8buCuFnEYgAJdgitxc/JMmjydl1lsQaNwWNpJJMundtpO
cnOu9hlMfTvV+V5yR7kwFGsv+ecoBRA4ZENTkgutpGD6kmRJ16aJS/vqTfz1/Vya
gjwHCoRCcUjYBkRftqXTy19t+GbtN5etKo7aXxibub76JImI64J6II+JLQ3uEV8Q
MZntOzDVUHwxd8APp3KREqG/TwUgGbTJNbbxEenN1DUYEWQS4zs3qHzEcHgSpc1m
GOyoAPn3q2W9Qmhc2jv5jBBDJQ877uUiosAO/q8ypFU/DtsGqes08UnxjwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH943oIj15rpeRGvIB5E785xYQSdMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvZjNqZWdpUFhtdWw1RWE4Z0hrVHZ6bkZoQkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABU90ED
BABU90IwDAMEAFT3SQMEAlT3SAMEAFmVGTANBgkqhkiG9w0BAQsFAAOCAQEAsszx
tT7042A812zPruKRlk+xk9K1DQgc1Pq7UOVa8z7VSoT5OD0pXkF/fW35ASmZGQxE
t2hyZfemppZT3UI3y2nK8x1aOntwGM8dcwVhTWuydDTYJbfIAFy2VwYWjy5wrtVy
5KI2Pe49EMl+jNVQllpl4vBQGm80EeZIs0+0mcnTnM8MYyAdUL32GFLEHZaHuxdO
PGxE8HWizJf5+0+bts87aDs10hSMGMKv11eMt7SM/tQuQGND8HAWlj/bPIpqNzFi
MaXwgfabw6P5m2gAaidaH25mI1LmZuI0Zzid6ZFp2TNIOcV6Dpps+y7/1QiAoPts
Uggxm3oOU9tvsszafg==
-----END CERTIFICATE-----
Generated at Thu Sep 19 17:07:57 2024 by rpki-client on console-fra.rpki-client.org