Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/XMg8rWhC3dfEEA9__k3lOD1sBkU.roa
File:                     XMg8rWhC3dfEEA9__k3lOD1sBkU.roa (raw, json)
Hash identifier:          anucSKpaKht1cO9oEhc4hslDAcpVRJNLT+mU5we8xCI=
Subject key identifier:   5C:C8:3C:AD:68:42:DD:D7:C4:10:0F:7F:FE:4D:E5:38:3D:6C:06:45
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       01856B811AB3812FB8402C460FDC39E97DCE
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/XMg8rWhC3dfEEA9__k3lOD1sBkU.roa
Signing time:             Sun 01 Jan 2023 04:05:01 +0000
ROA not before:           Sun 01 Jan 2023 04:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199568
IP address blocks:        82.196.24.0/24 maxlen: 24
                          82.163.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:1a:b3:81:2f:b8:40:2c:46:0f:dc:39:e9:7d:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Jan  1 04:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cc83cad6842ddd7c4100f7ffe4de5383d6c0645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:01:8f:9a:c5:96:6f:0c:4d:a9:30:33:dc:68:
                    d5:6e:aa:f6:6a:58:54:18:1d:95:44:3e:24:97:0f:
                    05:30:07:2c:35:90:c9:42:3b:0b:45:6b:99:3d:2d:
                    21:9a:10:12:2b:12:a2:3b:9c:04:16:be:04:2e:82:
                    fb:ea:90:b1:4b:28:8a:56:24:43:ae:ef:73:2f:bc:
                    68:69:a9:92:66:fc:fb:4b:5e:88:6c:29:ea:c5:9c:
                    8f:e2:40:ec:68:6c:2a:28:39:4c:f1:31:01:0c:d9:
                    94:7b:9b:b5:2f:23:da:14:41:49:f8:ff:c6:d3:5d:
                    59:40:de:7c:aa:a8:70:32:c8:0b:a5:87:e8:08:cf:
                    ee:b6:21:4c:d6:04:49:51:aa:23:68:25:42:01:c8:
                    aa:ed:6c:7a:bf:4a:2a:cb:6b:60:bd:a7:a3:59:41:
                    35:9f:49:87:4f:e4:25:99:10:b0:8a:72:34:7e:93:
                    0d:33:22:65:8f:49:c1:4d:44:36:03:a7:2c:7a:da:
                    fb:d5:b7:99:1b:12:e2:79:06:b0:66:80:14:da:41:
                    f1:b8:fa:a0:98:f6:16:fa:f9:03:ed:50:b9:44:27:
                    40:cb:a7:dc:7b:18:01:e1:50:85:b0:84:6c:1e:ff:
                    1a:b0:76:0b:d9:59:7e:c6:98:ce:36:3f:bc:d2:f3:
                    09:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C8:3C:AD:68:42:DD:D7:C4:10:0F:7F:FE:4D:E5:38:3D:6C:06:45
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/XMg8rWhC3dfEEA9__k3lOD1sBkU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.38.0/24
                  82.196.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:b8:0b:da:d8:2f:8b:a4:9d:c0:ad:fd:75:a3:d6:6a:6f:84:
         a4:59:a4:d8:03:60:93:eb:43:a5:72:f2:3f:56:d2:79:1f:b0:
         b9:6a:26:bb:c2:91:a9:db:ea:8f:6c:06:ca:49:5f:8e:69:02:
         b4:e5:a7:fb:04:e7:85:f9:fc:7f:97:b8:7b:b9:c8:41:f3:bc:
         b9:b5:ca:9d:21:3a:28:1e:66:fb:b6:7f:e1:e5:87:43:76:70:
         af:a9:11:fd:e0:d7:1e:91:56:40:5f:bd:80:e0:9e:6e:bd:56:
         c4:13:5b:0b:b4:01:42:69:21:ad:fc:05:9a:11:61:04:52:f3:
         3e:75:e9:ea:ef:db:1e:6a:fe:a8:1c:6b:d4:1d:1a:61:b9:25:
         b8:45:bc:d0:74:c6:19:a2:66:87:c4:50:c6:1c:d1:bf:a9:a8:
         44:89:46:4b:ea:5e:24:d1:9e:61:90:5d:28:bf:50:3a:35:e0:
         45:3f:2e:3a:95:34:bd:82:c2:ca:60:6c:a6:4b:eb:73:27:66:
         c9:aa:06:8b:21:78:55:b2:bf:ee:d1:04:42:ba:86:b2:96:99:
         51:0a:9e:2d:bc:70:94:eb:e3:fa:18:76:6b:03:2b:a1:e2:15:
         ac:ad:3f:a2:ef:ee:1b:ff:55:e2:4b:96:40:b0:5b:da:7b:8a:
         9b:fe:51:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrgRqzgS+4QCxGD9w56X3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjMwMTAxMDQwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M4M2NhZDY4NDJkZGQ3YzQxMDBmN2ZmZTRkZTUzODNkNmMwNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQGPmsWWbwxNqTAz3GjVbqr2alhU
GB2VRD4klw8FMAcsNZDJQjsLRWuZPS0hmhASKxKiO5wEFr4ELoL76pCxSyiKViRD
ru9zL7xoaamSZvz7S16IbCnqxZyP4kDsaGwqKDlM8TEBDNmUe5u1LyPaFEFJ+P/G
011ZQN58qqhwMsgLpYfoCM/utiFM1gRJUaojaCVCAciq7Wx6v0oqy2tgvaejWUE1
n0mHT+QlmRCwinI0fpMNMyJlj0nBTUQ2A6csetr71beZGxLieQawZoAU2kHxuPqg
mPYW+vkD7VC5RCdAy6fcexgB4VCFsIRsHv8asHYL2Vl+xpjONj+80vMJ3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzIPK1oQt3XxBAPf/5N5Tg9bAZFMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvWE1nOHJXaEMzZGZFRUE5X19rM2xPRDFzQmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUqMmAwQA
UsQYMA0GCSqGSIb3DQEBCwUAA4IBAQAUuAva2C+LpJ3Arf11o9Zqb4SkWaTYA2CT
60OlcvI/VtJ5H7C5aia7wpGp2+qPbAbKSV+OaQK05af7BOeF+fx/l7h7uchB87y5
tcqdITooHmb7tn/h5YdDdnCvqRH94NcekVZAX72A4J5uvVbEE1sLtAFCaSGt/AWa
EWEEUvM+denq79seav6oHGvUHRphuSW4RbzQdMYZomaHxFDGHNG/qahEiUZL6l4k
0Z5hkF0ov1A6NeBFPy46lTS9gsLKYGymS+tzJ2bJqgaLIXhVsr/u0QRCuoaylplR
Cp4tvHCU6+P6GHZrAyuh4hWsrT+i7+4b/1XiS5ZAsFvae4qb/lE2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:17 2024 by rpki-client on console-ams.rpki-client.org