Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/s_IzNLflXdZQvY_tKl-f4KYa_3s.roa
File:                     s_IzNLflXdZQvY_tKl-f4KYa_3s.roa (raw, json)
Hash identifier:          upMc+rMvh9fc1O9gQUEWgBEe+jeF3eRZ4izuQHW7D2w=
Subject key identifier:   B3:F2:33:34:B7:E5:5D:D6:50:BD:8F:ED:2A:5F:9F:E0:A6:1A:FF:7B
Certificate issuer:       /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial:       01856F4B76C0E067A8E7350228890E64A10D
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/s_IzNLflXdZQvY_tKl-f4KYa_3s.roa
Signing time:             Sun 01 Jan 2023 21:44:54 +0000
ROA not before:           Sun 01 Jan 2023 21:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31477
IP address blocks:        82.150.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:76:c0:e0:67:a8:e7:35:02:28:89:0e:64:a1:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
        Validity
            Not Before: Jan  1 21:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3f23334b7e55dd650bd8fed2a5f9fe0a61aff7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b8:08:cf:65:c5:89:ef:e7:00:e3:51:16:59:
                    43:0e:05:56:30:e3:89:3e:99:50:d9:e1:22:a5:74:
                    f4:b1:91:c4:0c:51:9c:49:b7:80:21:39:19:34:1f:
                    43:bc:08:88:46:0e:43:2e:a4:5f:e7:7b:85:41:91:
                    da:ab:37:5f:66:43:f2:86:57:1a:42:1b:ae:24:c1:
                    5c:c3:af:27:f4:74:b7:2a:d6:61:c6:5a:eb:ff:53:
                    96:cc:71:94:56:f9:4b:e4:db:b4:4b:e4:53:e8:f2:
                    cc:cf:c0:79:90:be:62:37:78:21:c7:2b:49:c5:3f:
                    9e:23:4e:ce:a0:05:02:45:0a:dc:5f:5c:f8:6e:6e:
                    6b:5d:1b:7d:8d:80:58:fb:d2:bb:e6:f2:3a:52:81:
                    b6:cb:a4:24:15:82:a4:7e:8c:65:a2:98:58:17:a9:
                    52:86:a5:16:c4:be:8c:7f:8d:32:9a:32:bf:63:2d:
                    3e:ba:63:f1:eb:c7:28:35:d3:37:17:b7:fe:16:ad:
                    32:dc:aa:cd:07:7a:bd:8b:00:5e:72:e1:fb:5f:c5:
                    c8:06:44:14:1e:e3:d8:30:f7:61:5d:f3:43:3d:93:
                    e1:ff:8e:96:2a:65:8a:ad:79:f0:88:12:67:ad:c2:
                    61:fa:c4:5c:23:57:37:23:d8:87:9f:79:c3:53:71:
                    3e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:F2:33:34:B7:E5:5D:D6:50:BD:8F:ED:2A:5F:9F:E0:A6:1A:FF:7B
            X509v3 Authority Key Identifier:
                keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/s_IzNLflXdZQvY_tKl-f4KYa_3s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.150.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:9c:77:67:25:e1:5e:a6:a3:84:9c:bf:2b:cb:50:14:2c:02:
         d6:0c:dd:7c:b4:8c:4c:32:63:e8:46:70:34:4d:26:58:a5:ab:
         90:ec:84:59:d6:c5:90:da:9e:fd:bf:c6:a2:cf:16:dc:10:f3:
         58:51:20:9e:fa:3d:bf:74:34:53:48:29:36:4c:12:1c:ec:a4:
         26:2e:85:ba:39:c2:8f:5d:2f:09:d0:7b:26:8c:ae:71:99:62:
         c2:f5:43:28:27:1a:f7:4a:6f:76:cb:37:16:26:e2:ed:19:c8:
         ab:a8:9c:8b:b0:4b:91:66:95:9b:bc:52:7d:5c:31:a4:ad:48:
         e1:62:27:90:3c:ae:19:27:ff:9a:4f:7c:95:f4:3e:95:74:11:
         3f:65:b1:09:35:43:b6:c2:d6:d9:a3:3c:ee:b9:cf:a1:35:43:
         1a:8f:c5:e3:7e:c4:ce:55:1d:be:7a:c3:79:ec:72:cd:6e:f9:
         de:af:c6:c9:a0:4c:c6:74:73:19:a6:c1:d3:29:11:92:7c:66:
         a0:3d:2f:30:d0:69:cf:f3:05:a7:d2:28:b0:7b:09:d1:05:a3:
         58:d8:2f:1d:b1:c9:aa:35:d2:16:89:b0:04:4d:ce:9f:af:58:
         26:15:e3:ae:2c:2a:db:60:4a:8d:58:eb:6c:c3:24:93:21:43:
         5b:81:b8:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3bA4Geo5zUCKIkOZKENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YyMzMzNGI3ZTU1ZGQ2NTBiZDhmZWQyYTVmOWZlMGE2MWFmZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7gIz2XFie/nAONRFllDDgVWMOOJ
PplQ2eEipXT0sZHEDFGcSbeAITkZNB9DvAiIRg5DLqRf53uFQZHaqzdfZkPyhlca
QhuuJMFcw68n9HS3KtZhxlrr/1OWzHGUVvlL5Nu0S+RT6PLMz8B5kL5iN3ghxytJ
xT+eI07OoAUCRQrcX1z4bm5rXRt9jYBY+9K75vI6UoG2y6QkFYKkfoxlophYF6lS
hqUWxL6Mf40ymjK/Yy0+umPx68coNdM3F7f+Fq0y3KrNB3q9iwBecuH7X8XIBkQU
HuPYMPdhXfNDPZPh/46WKmWKrXnwiBJnrcJh+sRcI1c3I9iHn3nDU3E+awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPyMzS35V3WUL2P7Spfn+CmGv97MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvc19Jek5MZmxYZFpRdllfdEtsLWY0S1lhXzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpaLMA0G
CSqGSIb3DQEBCwUAA4IBAQBZnHdnJeFepqOEnL8ry1AULALWDN18tIxMMmPoRnA0
TSZYpauQ7IRZ1sWQ2p79v8aizxbcEPNYUSCe+j2/dDRTSCk2TBIc7KQmLoW6OcKP
XS8J0HsmjK5xmWLC9UMoJxr3Sm92yzcWJuLtGcirqJyLsEuRZpWbvFJ9XDGkrUjh
YieQPK4ZJ/+aT3yV9D6VdBE/ZbEJNUO2wtbZozzuuc+hNUMaj8XjfsTOVR2+esN5
7HLNbvner8bJoEzGdHMZpsHTKRGSfGagPS8w0GnP8wWn0iiwewnRBaNY2C8dscmq
NdIWibAETc6fr1gmFeOuLCrbYEqNWOtswySTIUNbgbjt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org