Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/AiM-40FehghumviGgvHIMLm1At8.roa
File:                     AiM-40FehghumviGgvHIMLm1At8.roa (raw, json)
Hash identifier:          MbLni8e+5GtWccPPccSDd6r5uWuOF0l73Nu6WY8Fqkg=
Subject key identifier:   02:23:3E:E3:41:5E:86:08:6E:9A:F8:86:82:F1:C8:30:B9:B5:02:DF
Certificate issuer:       /CN=45ad6f1f1b730c7a016b562c12b31becc4b3e1fa
Certificate serial:       018E7183C6822A9527DBD20D20940CF7EE51
Authority key identifier: 45:AD:6F:1F:1B:73:0C:7A:01:6B:56:2C:12:B3:1B:EC:C4:B3:E1:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/AiM-40FehghumviGgvHIMLm1At8.roa
Signing time:             Sun 24 Mar 2024 17:30:45 +0000
ROA not before:           Sun 24 Mar 2024 17:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30981
IP address blocks:        82.205.216.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 03:38:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:71:83:c6:82:2a:95:27:db:d2:0d:20:94:0c:f7:ee:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45ad6f1f1b730c7a016b562c12b31becc4b3e1fa
        Validity
            Not Before: Mar 24 17:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=02233ee3415e86086e9af88682f1c830b9b502df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e0:ce:fe:5b:1e:7f:69:5c:77:51:12:47:94:
                    cc:50:54:21:d0:2b:90:11:77:91:27:4c:60:a1:06:
                    14:2d:5a:24:43:df:92:12:5e:87:b1:bb:cc:2f:c0:
                    c2:09:81:54:e4:8b:8c:ca:5f:45:ac:f4:20:38:08:
                    8e:2e:65:86:9a:4b:44:48:72:f1:2b:e1:5b:db:3e:
                    22:78:82:1f:d0:df:6d:3d:1d:91:5a:74:c7:d4:c9:
                    0e:77:5a:b2:84:db:87:8a:0d:93:74:49:2d:62:41:
                    fd:34:dc:53:99:13:b9:67:e6:5f:5b:3e:06:6d:fa:
                    89:3f:dd:7b:44:7d:f2:d3:5a:05:54:4b:58:bd:06:
                    1c:be:ad:69:dc:a7:71:10:2a:e9:ee:0f:e6:7f:d0:
                    cf:6c:2e:34:02:94:43:39:30:ae:11:6f:96:6a:7c:
                    8e:54:ba:60:e2:06:9b:cc:3f:97:44:ab:40:d2:2b:
                    c9:b7:9d:3e:0b:87:64:9b:39:e6:e8:6a:c4:56:0f:
                    10:eb:df:c0:d4:82:ae:1a:df:72:28:32:f1:5b:93:
                    46:56:a1:2d:72:e1:72:03:06:41:f4:14:fb:2a:c8:
                    5e:7f:c1:6d:a6:11:3d:2b:51:63:ff:e1:06:22:4e:
                    a4:c7:fb:d5:a1:12:c9:ba:bd:92:28:3a:89:9a:a0:
                    f8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:23:3E:E3:41:5E:86:08:6E:9A:F8:86:82:F1:C8:30:B9:B5:02:DF
            X509v3 Authority Key Identifier:
                keyid:45:AD:6F:1F:1B:73:0C:7A:01:6B:56:2C:12:B3:1B:EC:C4:B3:E1:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/AiM-40FehghumviGgvHIMLm1At8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/Ra1vHxtzDHoBa1YsErMb7MSz4fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.205.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         12:4d:1e:58:a9:bb:e3:a6:86:e3:ef:59:86:93:46:6a:eb:7b:
         37:39:32:0d:1c:9b:9f:04:47:76:12:3b:1b:70:df:e6:35:38:
         d8:12:e9:70:6a:15:df:0e:49:a7:23:2f:03:52:78:52:74:57:
         d6:0b:6a:69:42:da:98:ed:bf:a0:09:c6:20:1d:9a:b1:8e:13:
         77:77:c5:c3:49:53:aa:67:34:c7:2c:83:16:22:1d:6b:61:68:
         41:4d:ef:39:e3:d3:0e:25:06:b1:92:50:13:4b:f0:0e:a4:6f:
         7f:f5:bf:19:98:2b:9d:e8:1f:bd:3f:a6:97:f6:91:7f:c5:aa:
         2a:3d:59:e2:18:68:dd:c5:09:b7:7f:78:08:da:fc:66:4a:74:
         6e:a9:77:60:6d:36:ef:8d:d9:4f:16:f2:1d:3f:bc:14:bf:75:
         c2:bb:fa:41:a1:ca:d3:3f:b8:54:ca:7c:48:b2:7c:6f:ff:39:
         59:b1:c7:42:d6:ba:28:36:b5:1e:de:49:a1:38:d5:55:cb:c8:
         28:3a:79:fc:d1:d6:60:a9:d7:88:cb:79:50:c4:c9:c5:b2:ff:
         a7:c5:55:74:5b:08:e3:60:f8:c3:ec:6e:40:93:97:84:59:79:
         bd:3b:a4:21:08:24:ed:c9:9e:c8:b1:ad:a8:4c:38:a8:3c:4c:
         dd:0e:6f:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5xg8aCKpUn29INIJQM9+5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWQ2ZjFmMWI3MzBjN2EwMTZiNTYyYzEyYjMxYmVjYzRi
M2UxZmEwHhcNMjQwMzI0MTczMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjIzM2VlMzQxNWU4NjA4NmU5YWY4ODY4MmYxYzgzMGI5YjUwMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreDO/lsef2lcd1ESR5TMUFQh0CuQ
EXeRJ0xgoQYULVokQ9+SEl6HsbvML8DCCYFU5IuMyl9FrPQgOAiOLmWGmktESHLx
K+Fb2z4ieIIf0N9tPR2RWnTH1MkOd1qyhNuHig2TdEktYkH9NNxTmRO5Z+ZfWz4G
bfqJP917RH3y01oFVEtYvQYcvq1p3KdxECrp7g/mf9DPbC40ApRDOTCuEW+WanyO
VLpg4gabzD+XRKtA0ivJt50+C4dkmznm6GrEVg8Q69/A1IKuGt9yKDLxW5NGVqEt
cuFyAwZB9BT7Kshef8FtphE9K1Fj/+EGIk6kx/vVoRLJur2SKDqJmqD40wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIjPuNBXoYIbpr4hoLxyDC5tQLfMB8GA1UdIwQY
MBaAFEWtbx8bcwx6AWtWLBKzG+zEs+H6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmExdkh4dHpESG9CYTFZc0VyTWI3TVN6NGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wMGMwM2MtZDIwNy00ZWMxLTlkZDkt
MzI0NDljZTZjZjg5LzEvQWlNLTQwRmVoZ2h1bXZpR2d2SElNTG0xQXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wMGMwM2MtZDIwNy00ZWMxLTlkZDktMzI0NDljZTZjZjg5
LzEvUmExdkh4dHpESG9CYTFZc0VyTWI3TVN6NGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs3YMA0G
CSqGSIb3DQEBCwUAA4IBAQASTR5Yqbvjpobj71mGk0Zq63s3OTINHJufBEd2Ejsb
cN/mNTjYEulwahXfDkmnIy8DUnhSdFfWC2ppQtqY7b+gCcYgHZqxjhN3d8XDSVOq
ZzTHLIMWIh1rYWhBTe8549MOJQaxklATS/AOpG9/9b8ZmCud6B+9P6aX9pF/xaoq
PVniGGjdxQm3f3gI2vxmSnRuqXdgbTbvjdlPFvIdP7wUv3XCu/pBocrTP7hUynxI
snxv/zlZscdC1rooNrUe3kmhONVVy8goOnn80dZgqdeIy3lQxMnFsv+nxVV0Wwjj
YPjD7G5Ak5eEWXm9O6QhCCTtyZ7Isa2oTDioPEzdDm8X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:37 2024 by rpki-client on console-fra.rpki-client.org