Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/eUnWVcEnB1scv2DUz4XOUcQMsAo.roa
File:                     eUnWVcEnB1scv2DUz4XOUcQMsAo.roa (raw, json)
Hash identifier:          yGK30R0FzZPCGQ/EIBRxemvB54wVn/oC5wwliaEaTLA=
Subject key identifier:   79:49:D6:55:C1:27:07:5B:1C:BF:60:D4:CF:85:CE:51:C4:0C:B0:0A
Certificate issuer:       /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial:       018CC3B7203D58A804459CF4267FE57935CA
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/eUnWVcEnB1scv2DUz4XOUcQMsAo.roa
Signing time:             Mon 01 Jan 2024 06:30:07 +0000
ROA not before:           Mon 01 Jan 2024 06:30:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39370
IP address blocks:        89.147.3.0/24 maxlen: 24
                          89.147.0.0/23 maxlen: 23
                          89.147.0.0/24 maxlen: 24
                          89.147.4.0/24 maxlen: 24
                          89.147.1.0/24 maxlen: 24
                          89.147.2.0/24 maxlen: 24
                          89.147.7.0/24 maxlen: 24
                          89.147.5.0/24 maxlen: 24
                          89.147.6.0/23 maxlen: 23
                          89.147.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 05:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:20:3d:58:a8:04:45:9c:f4:26:7f:e5:79:35:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
        Validity
            Not Before: Jan  1 06:30:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7949d655c127075b1cbf60d4cf85ce51c40cb00a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e9:6c:31:e6:3f:bf:bd:12:5b:2a:07:ac:99:
                    87:6d:49:97:69:17:af:d7:8a:92:5c:c5:6f:82:7e:
                    0d:ac:36:19:1b:c7:ac:39:51:0d:85:4d:74:59:f7:
                    6a:30:57:df:16:13:56:6c:92:8f:95:2c:2c:a0:c1:
                    53:72:4c:68:41:8a:93:89:6b:01:7f:a3:38:e2:14:
                    ab:6b:dd:98:82:f9:48:0f:b8:cc:cc:87:d9:83:ad:
                    d4:5a:e3:30:c8:ab:af:68:7e:5a:08:94:8e:7c:14:
                    56:c9:b5:aa:7d:6b:5b:4c:b2:af:f1:68:93:fe:66:
                    ab:1e:9d:4e:04:6f:a0:fd:50:c6:61:d3:e0:7d:e1:
                    3e:b2:13:de:81:a6:7a:93:e5:7f:8a:4b:43:da:ea:
                    46:bb:09:97:78:05:93:44:9a:78:ea:b5:95:b8:d6:
                    ae:12:6d:f2:74:80:d4:16:f6:07:98:d5:fe:92:37:
                    79:a7:28:05:cf:cf:9d:4a:fd:bf:bd:46:b2:41:8d:
                    cf:e3:82:ff:5c:d7:38:36:61:b1:1d:e9:a6:8a:2a:
                    41:16:70:67:76:21:56:be:9b:99:9c:95:d3:d4:d4:
                    1f:90:bd:cb:6f:f4:cb:3e:ed:0b:82:03:95:a4:eb:
                    7f:1d:77:48:aa:33:b5:ca:be:45:e1:83:6b:4a:f5:
                    2d:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:49:D6:55:C1:27:07:5B:1C:BF:60:D4:CF:85:CE:51:C4:0C:B0:0A
            X509v3 Authority Key Identifier:
                keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/eUnWVcEnB1scv2DUz4XOUcQMsAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.147.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         40:17:b2:1f:ca:90:0c:0c:3a:1f:01:0f:b8:39:26:73:44:e3:
         fe:36:fc:e7:c3:a5:fe:1f:ab:19:a1:5a:34:76:28:4f:ef:83:
         db:b9:77:e1:b3:7d:c5:89:d1:a1:23:9c:41:d6:c0:af:f9:50:
         a0:f5:4a:6e:45:ae:60:1d:b1:1e:f6:4b:ae:68:bc:5e:e4:69:
         6d:ed:6d:f8:5a:34:c7:de:f6:9f:37:77:ae:31:42:88:60:02:
         30:45:7f:43:0f:8b:b7:f1:29:7d:15:21:d1:7a:60:78:91:f0:
         f5:13:81:10:ac:62:d0:3d:5f:22:f1:e9:8a:e5:d8:a2:fb:0e:
         96:e3:5e:57:0b:46:f5:c5:cf:65:47:5b:b2:03:f9:7f:fc:10:
         a2:58:cd:bd:da:f4:e0:f0:f9:a5:1a:85:1c:7f:64:0b:38:19:
         3f:75:93:bf:f3:07:c3:83:5c:f9:3c:c0:44:20:ae:75:08:1b:
         d4:06:97:80:00:90:cb:b7:cd:56:f1:b8:b3:df:ac:8e:99:58:
         64:82:c4:e8:f9:eb:09:a8:a1:92:cf:d6:59:39:94:bc:dd:44:
         ac:eb:45:be:78:90:7b:d9:e9:e9:13:f0:58:a0:be:48:e6:f9:
         60:47:1a:a6:72:98:23:57:54:5a:27:87:22:b2:e7:06:7d:10:
         eb:44:2c:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtyA9WKgERZz0Jn/leTXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQ5ZDY1NWMxMjcwNzViMWNiZjYwZDRjZjg1Y2U1MWM0MGNiMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOlsMeY/v70SWyoHrJmHbUmXaRev
14qSXMVvgn4NrDYZG8esOVENhU10WfdqMFffFhNWbJKPlSwsoMFTckxoQYqTiWsB
f6M44hSra92YgvlID7jMzIfZg63UWuMwyKuvaH5aCJSOfBRWybWqfWtbTLKv8WiT
/marHp1OBG+g/VDGYdPgfeE+shPegaZ6k+V/iktD2upGuwmXeAWTRJp46rWVuNau
Em3ydIDUFvYHmNX+kjd5pygFz8+dSv2/vUayQY3P44L/XNc4NmGxHemmiipBFnBn
diFWvpuZnJXT1NQfkL3Lb/TLPu0LggOVpOt/HXdIqjO1yr5F4YNrSvUtZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlJ1lXBJwdbHL9g1M+FzlHEDLAKMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEvZVVuV1ZjRW5CMXNjdjJEVXo0WE9VY1FNc0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWZMAMA0G
CSqGSIb3DQEBCwUAA4IBAQBAF7IfypAMDDofAQ+4OSZzROP+Nvznw6X+H6sZoVo0
dihP74PbuXfhs33FidGhI5xB1sCv+VCg9UpuRa5gHbEe9kuuaLxe5Glt7W34WjTH
3vafN3euMUKIYAIwRX9DD4u38Sl9FSHRemB4kfD1E4EQrGLQPV8i8emK5dii+w6W
415XC0b1xc9lR1uyA/l//BCiWM292vTg8PmlGoUcf2QLOBk/dZO/8wfDg1z5PMBE
IK51CBvUBpeAAJDLt81W8biz36yOmVhkgsTo+esJqKGSz9ZZOZS83USs60W+eJB7
2enpE/BYoL5I5vlgRxqmcpgjV1RaJ4cisucGfRDrRCyZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org