Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/_Ki03V2vEsT_WxyNbE3ybn1NR_w.roa
File:                     _Ki03V2vEsT_WxyNbE3ybn1NR_w.roa (raw, json)
Hash identifier:          QI0syYeBvvC5cA896yA+aykfNxjXqRO42EL0oLvR8PA=
Subject key identifier:   FC:A8:B4:DD:5D:AF:12:C4:FF:5B:1C:8D:6C:4D:F2:6E:7D:4D:47:FC
Certificate issuer:       /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial:       01856F4B726D4E719C3DAFCB6E9F97E00BB9
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/_Ki03V2vEsT_WxyNbE3ybn1NR_w.roa
Signing time:             Sun 01 Jan 2023 21:44:53 +0000
ROA not before:           Sun 01 Jan 2023 21:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20562
IP address blocks:        82.150.150.0/24 maxlen: 24
                          82.150.151.0/24 maxlen: 24
                          82.150.156.0/24 maxlen: 24
                          82.150.157.0/24 maxlen: 24
                          82.150.158.0/24 maxlen: 24
                          82.150.159.0/24 maxlen: 24
                          82.150.153.0/24 maxlen: 24
                          82.150.154.0/24 maxlen: 24
                          82.150.155.0/24 maxlen: 24
                          213.207.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:72:6d:4e:71:9c:3d:af:cb:6e:9f:97:e0:0b:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
        Validity
            Not Before: Jan  1 21:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fca8b4dd5daf12c4ff5b1c8d6c4df26e7d4d47fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:73:57:0b:fd:22:0f:28:ff:63:ed:86:62:69:
                    eb:ca:c3:99:ee:02:eb:73:ff:17:27:e6:d0:13:61:
                    2b:c0:6a:bc:04:21:52:34:9e:d9:43:1c:14:17:4a:
                    d1:3c:9b:ce:4f:30:e5:44:77:8d:9a:d0:49:b5:92:
                    79:68:3d:79:43:78:46:a7:16:9c:32:3b:90:42:ae:
                    0b:5c:fe:80:9b:d8:dd:21:b3:6b:55:0b:97:47:ff:
                    0d:62:77:b3:b5:d8:4b:f6:23:f6:b2:8a:88:b1:76:
                    62:d5:56:33:5d:0e:80:76:1c:d6:cd:49:08:a3:7e:
                    1f:a6:dc:eb:13:72:2b:5e:88:b4:8b:40:16:73:0d:
                    59:bf:75:8d:fb:2c:80:ce:89:f2:75:f6:f3:f8:02:
                    9a:8d:f1:4e:94:4a:fb:57:81:03:52:3c:4d:3a:ec:
                    5b:8b:30:7e:8e:e3:0c:22:d6:fa:63:83:b4:42:82:
                    d7:87:56:52:36:06:42:44:5d:86:63:90:0d:e5:8c:
                    1c:5f:02:0c:f8:b3:87:15:65:dc:1c:6b:a0:32:5b:
                    25:87:e3:11:64:cf:7f:96:4f:a0:d4:f4:7b:51:58:
                    4f:44:2d:d5:41:f7:1a:b2:2f:64:0d:0f:6d:b8:fa:
                    c6:b2:a5:a1:9b:42:0b:57:6b:6b:19:2f:b3:03:90:
                    63:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:A8:B4:DD:5D:AF:12:C4:FF:5B:1C:8D:6C:4D:F2:6E:7D:4D:47:FC
            X509v3 Authority Key Identifier:
                keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/_Ki03V2vEsT_WxyNbE3ybn1NR_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.150.150.0/23
                  82.150.153.0-82.150.159.255
                  213.207.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:2d:17:3f:8f:b0:64:cf:8a:2a:f9:77:4b:fd:d6:d3:cc:d4:
         35:63:b3:40:b8:d7:ca:97:e8:39:9a:3d:c6:c2:8c:8a:02:5d:
         6b:12:ee:64:87:15:d8:55:1f:15:d5:bc:d8:40:cc:c8:ef:7a:
         fa:d8:a5:23:76:61:90:a1:5b:2d:43:9e:41:43:76:fe:20:4b:
         69:fe:01:47:eb:2b:5c:24:ed:10:fc:7a:17:6a:6f:3e:78:6d:
         0b:92:05:dd:3f:b8:ed:20:ae:b8:d3:a4:f9:54:4f:b9:04:c8:
         f3:5f:19:8e:22:a1:0f:85:82:c9:41:89:ff:50:ba:65:51:bd:
         a2:11:df:bd:f5:3f:15:a7:11:a8:2b:9c:d4:4a:31:44:68:31:
         b7:4a:c7:9a:f8:48:b9:22:c1:13:dd:ba:bb:45:7c:b3:f5:34:
         4a:c5:3c:bd:0f:e8:32:7b:5c:51:9b:69:28:03:09:08:81:53:
         6f:ca:b2:29:2c:89:e8:57:33:84:c1:c1:97:cf:c2:e0:d4:c8:
         be:80:f2:71:63:7d:95:4c:0f:2a:c2:fd:a0:63:7f:84:44:47:
         eb:05:85:93:93:3e:48:64:a0:37:95:5d:9d:0b:8f:4d:aa:d3:
         c2:32:bd:45:50:dc:30:98:14:0a:9d:20:61:5b:f2:18:1e:7c:
         f1:d0:86:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvS3JtTnGcPa/Lbp+X4Au5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2E4YjRkZDVkYWYxMmM0ZmY1YjFjOGQ2YzRkZjI2ZTdkNGQ0N2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3NXC/0iDyj/Y+2GYmnrysOZ7gLr
c/8XJ+bQE2ErwGq8BCFSNJ7ZQxwUF0rRPJvOTzDlRHeNmtBJtZJ5aD15Q3hGpxac
MjuQQq4LXP6Am9jdIbNrVQuXR/8NYneztdhL9iP2soqIsXZi1VYzXQ6AdhzWzUkI
o34fptzrE3IrXoi0i0AWcw1Zv3WN+yyAzonydfbz+AKajfFOlEr7V4EDUjxNOuxb
izB+juMMItb6Y4O0QoLXh1ZSNgZCRF2GY5AN5YwcXwIM+LOHFWXcHGugMlslh+MR
ZM9/lk+g1PR7UVhPRC3VQfcasi9kDQ9tuPrGsqWhm0ILV2trGS+zA5BjbQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPyotN1drxLE/1scjWxN8m59TUf8MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvX0tpMDNWMnZFc1RfV3h5TmJFM3libjFOUl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUpaWMAwD
BABSlpkDBAVSloADBADVzxQwDQYJKoZIhvcNAQELBQADggEBAFgtFz+PsGTPiir5
d0v91tPM1DVjs0C418qX6DmaPcbCjIoCXWsS7mSHFdhVHxXVvNhAzMjvevrYpSN2
YZChWy1DnkFDdv4gS2n+AUfrK1wk7RD8ehdqbz54bQuSBd0/uO0grrjTpPlUT7kE
yPNfGY4ioQ+FgslBif9QumVRvaIR3731PxWnEagrnNRKMURoMbdKx5r4SLkiwRPd
urtFfLP1NErFPL0P6DJ7XFGbaSgDCQiBU2/KsiksiehXM4TBwZfPwuDUyL6A8nFj
fZVMDyrC/aBjf4RER+sFhZOTPkhkoDeVXZ0Lj02q08IyvUVQ3DCYFAqdIGFb8hge
fPHQho4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org