Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/nWe498GlJcQ0rbkbeqY8kGAUnzQ.roa
File:                     nWe498GlJcQ0rbkbeqY8kGAUnzQ.roa (raw, json)
Hash identifier:          HDOGnsD3rFxbCCXcxgFqif+wvB3G1FPjrSjCOTBrmdw=
Subject key identifier:   9D:67:B8:F7:C1:A5:25:C4:34:AD:B9:1B:7A:A6:3C:90:60:14:9F:34
Certificate issuer:       /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial:       01880B8F216285567AB8397AB9F2E0B8EA85
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/nWe498GlJcQ0rbkbeqY8kGAUnzQ.roa
Signing time:             Thu 11 May 2023 16:05:09 +0000
ROA not before:           Thu 11 May 2023 16:05:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30785
IP address blocks:        82.150.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0b:8f:21:62:85:56:7a:b8:39:7a:b9:f2:e0:b8:ea:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
        Validity
            Not Before: May 11 16:05:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d67b8f7c1a525c434adb91b7aa63c9060149f34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:14:5c:c9:7a:bf:ef:a0:ed:8a:63:86:48:e3:
                    f1:1c:2f:62:fb:83:58:3d:e6:6f:f6:1c:13:95:25:
                    7d:db:9c:9b:29:dd:a9:8a:53:06:85:6a:e9:6a:3d:
                    81:a5:5b:e5:8c:35:f0:cb:e3:4d:61:4c:54:46:10:
                    bd:10:98:83:7d:2c:54:97:a2:04:5e:90:7b:be:01:
                    09:c7:32:da:f4:ab:78:fc:e1:4e:a9:83:e7:78:05:
                    0a:cd:01:35:12:2d:07:57:0d:2d:85:50:3e:1f:84:
                    0c:19:48:31:9a:79:b0:ff:8e:1f:a9:eb:49:ff:06:
                    dc:10:48:41:60:84:31:c1:5b:62:20:c1:8a:5f:d4:
                    73:d9:ed:65:77:6f:a5:71:e8:30:80:89:13:33:0a:
                    8b:20:01:e7:51:b5:a3:32:de:0b:5c:25:52:a6:d6:
                    85:7f:d2:ba:e9:7f:b6:d8:91:02:df:d0:de:5f:2b:
                    04:04:f6:45:8f:f3:b1:8d:81:93:51:3e:ae:83:ed:
                    1f:20:b4:2d:20:8a:c5:57:69:7a:8e:09:64:14:b8:
                    b7:eb:7f:76:67:46:6b:ab:77:9d:3c:54:4b:25:3a:
                    e8:eb:3e:30:56:5b:d2:fa:55:a8:3a:7f:9a:6c:15:
                    b6:ca:d3:a6:aa:2a:77:a9:dd:18:0d:7d:fa:60:0c:
                    2f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:67:B8:F7:C1:A5:25:C4:34:AD:B9:1B:7A:A6:3C:90:60:14:9F:34
            X509v3 Authority Key Identifier:
                keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/nWe498GlJcQ0rbkbeqY8kGAUnzQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.150.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:3e:a7:be:66:a1:1e:fa:26:7b:ef:be:2a:72:97:1b:86:03:
         28:e1:97:7f:b1:24:46:95:73:f7:97:1e:bd:1f:32:e2:6a:13:
         2b:42:ee:b0:00:fb:4f:40:29:b2:32:0e:5f:49:8b:ae:2e:b5:
         5d:15:41:b5:f5:f5:5a:de:ad:4a:60:e9:23:ef:a8:5d:d7:6b:
         16:6a:58:fb:8b:3c:90:32:47:1c:12:bd:1c:86:ed:76:72:2e:
         8d:d3:0c:96:2f:47:a0:3f:5d:38:91:66:dd:c6:40:9a:04:5f:
         f7:28:83:15:c8:1c:bd:6d:74:f4:5d:80:da:4c:b2:6f:1f:91:
         9e:e8:b9:6e:44:0d:44:99:74:a4:26:af:b5:af:e0:fa:2f:f4:
         03:24:d4:d0:6d:4f:2d:f0:d4:cb:bd:90:b2:cc:ec:ad:9b:d9:
         f3:3a:cf:87:55:ac:88:7e:3d:b8:6e:84:65:a6:13:50:f2:d9:
         49:74:74:b8:2c:2f:f9:17:66:45:6d:6b:59:39:3a:d0:ca:63:
         e0:4a:b4:b2:07:f5:93:80:08:c9:06:88:b6:9b:46:ce:4a:47:
         ab:39:5d:64:36:9e:eb:d9:0d:c1:c2:90:c0:f5:e6:40:b4:f6:
         5d:87:31:06:ec:71:9c:87:75:df:a7:1d:db:0b:6d:13:b1:3c:
         1d:66:0c:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgLjyFihVZ6uDl6ufLguOqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwNTExMTYwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY3YjhmN2MxYTUyNWM0MzRhZGI5MWI3YWE2M2M5MDYwMTQ5ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphRcyXq/76DtimOGSOPxHC9i+4NY
PeZv9hwTlSV925ybKd2pilMGhWrpaj2BpVvljDXwy+NNYUxURhC9EJiDfSxUl6IE
XpB7vgEJxzLa9Kt4/OFOqYPneAUKzQE1Ei0HVw0thVA+H4QMGUgxmnmw/44fqetJ
/wbcEEhBYIQxwVtiIMGKX9Rz2e1ld2+lcegwgIkTMwqLIAHnUbWjMt4LXCVSptaF
f9K66X+22JEC39DeXysEBPZFj/OxjYGTUT6ug+0fILQtIIrFV2l6jglkFLi36392
Z0Zrq3edPFRLJTro6z4wVlvS+lWoOn+abBW2ytOmqip3qd0YDX36YAwvTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1nuPfBpSXENK25G3qmPJBgFJ80MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvbldlNDk4R2xKY1EwcmJrYmVxWThrR0FVbnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUpaMMA0G
CSqGSIb3DQEBCwUAA4IBAQBhPqe+ZqEe+iZ7774qcpcbhgMo4Zd/sSRGlXP3lx69
HzLiahMrQu6wAPtPQCmyMg5fSYuuLrVdFUG19fVa3q1KYOkj76hd12sWalj7izyQ
MkccEr0chu12ci6N0wyWL0egP104kWbdxkCaBF/3KIMVyBy9bXT0XYDaTLJvH5Ge
6LluRA1EmXSkJq+1r+D6L/QDJNTQbU8t8NTLvZCyzOytm9nzOs+HVayIfj24boRl
phNQ8tlJdHS4LC/5F2ZFbWtZOTrQymPgSrSyB/WTgAjJBoi2m0bOSkerOV1kNp7r
2Q3BwpDA9eZAtPZdhzEG7HGch3Xfpx3bC20TsTwdZgxO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org