Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0AlEC1nmgozQepgr-tFMS8M8MFs.roa
File:                     0AlEC1nmgozQepgr-tFMS8M8MFs.roa (raw, json)
Hash identifier:          tWI26GpjsgdcmosKNEsJOiVwKi3PTjb2uJySqnpPfsw=
Subject key identifier:   D0:09:44:0B:59:E6:82:8C:D0:7A:98:2B:FA:D1:4C:4B:C3:3C:30:5B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018703FA73BBBA2415635D42C39EF9947CFE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0AlEC1nmgozQepgr-tFMS8M8MFs.roa
Signing time:             Tue 21 Mar 2023 11:42:37 +0000
ROA not before:           Tue 21 Mar 2023 11:42:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212953
IP address blocks:        82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 07:54:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:03:fa:73:bb:ba:24:15:63:5d:42:c3:9e:f9:94:7c:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 21 11:42:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d009440b59e6828cd07a982bfad14c4bc33c305b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:85:93:4e:b4:55:77:be:ca:84:05:62:86:6f:
                    9f:a8:54:4b:de:6c:08:63:a8:dc:46:95:b3:8d:dc:
                    ea:6b:21:15:8c:df:ac:9a:91:9a:03:b8:e1:fa:b5:
                    c2:7a:ec:bc:c4:9b:78:7a:db:9b:dd:80:6f:e4:10:
                    ab:f3:4b:0d:65:16:ec:46:61:58:81:5d:d9:bf:88:
                    32:3d:71:fa:2e:84:fa:0d:ce:0d:9e:98:51:c5:1b:
                    3f:e1:55:5d:59:e4:bc:1b:b6:cb:6f:8d:5b:ff:4f:
                    6f:95:d2:b3:50:91:9d:c9:e9:41:c0:51:8a:44:fc:
                    dc:02:53:26:6a:74:ce:52:f5:05:8d:09:f4:42:f5:
                    b7:bb:fb:11:20:43:7a:f1:7c:65:e2:14:4a:64:61:
                    06:fe:ca:e5:e4:24:76:76:56:eb:47:d7:5c:cd:c6:
                    68:9d:cd:fc:51:43:e7:17:a8:71:d1:b2:20:ee:5f:
                    4f:c2:aa:29:a5:48:a9:77:7e:41:ca:9e:53:3a:ce:
                    6e:ce:6d:a3:30:68:81:92:61:0c:b5:e3:68:ff:85:
                    58:f8:82:e1:b0:b7:6e:92:20:bf:7c:99:4d:00:f6:
                    2d:fb:45:36:8c:47:20:22:f4:06:56:43:e8:b1:b4:
                    a5:ae:ef:e3:aa:a0:1f:0c:f4:80:2a:d4:67:be:1b:
                    ef:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:09:44:0B:59:E6:82:8C:D0:7A:98:2B:FA:D1:4C:4B:C3:3C:30:5B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0AlEC1nmgozQepgr-tFMS8M8MFs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.251.0/24
                  82.152.255.0/24
                  82.153.70.0/23
                  82.153.210.0/24
                  82.153.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:5e:7a:dc:0c:77:9b:dc:22:5c:2c:51:fe:cf:36:f5:c1:00:
         22:45:50:ab:e1:74:7a:a7:d6:b1:ce:93:81:e8:2e:e5:90:ef:
         a1:d6:66:6d:91:ad:d3:af:48:34:db:62:d4:de:30:c0:f1:3e:
         e1:4d:a2:41:aa:c2:a2:1d:29:be:62:b1:1b:36:ce:2c:ee:ef:
         30:37:1d:21:8f:ec:87:a3:ad:a5:24:33:2d:12:39:1f:26:43:
         3c:6c:48:1e:ff:51:8e:fc:e1:86:ed:8c:8e:9d:26:f4:0c:4a:
         94:80:82:ad:2f:26:a9:61:8d:22:6f:b6:2c:57:10:2c:24:dc:
         9b:6e:46:b0:e1:82:0e:14:9b:26:59:7b:e1:9e:81:6c:9b:ed:
         0b:81:0d:4d:ed:c3:cf:07:38:27:3f:2e:15:7f:1f:25:ba:92:
         41:6e:06:3b:b0:31:1b:b4:96:96:47:fd:be:0d:da:12:b5:9d:
         30:31:69:d7:a4:fe:c8:e8:b2:99:5d:e4:4c:13:3b:b2:e4:16:
         37:38:86:ca:9e:1f:da:e7:dc:73:f6:db:ea:9b:e8:2d:32:3d:
         27:7a:66:13:41:0d:f4:4c:52:85:cb:5f:5f:82:50:f1:98:c1:
         09:ae:75:07:c4:be:88:63:2e:6c:3c:a2:b4:54:0a:68:d6:35:
         74:26:5c:8a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcD+nO7uiQVY11Cw575lHz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzIxMTE0MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDA5NDQwYjU5ZTY4MjhjZDA3YTk4MmJmYWQxNGM0YmMzM2MzMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoWTTrRVd77KhAVihm+fqFRL3mwI
Y6jcRpWzjdzqayEVjN+smpGaA7jh+rXCeuy8xJt4etub3YBv5BCr80sNZRbsRmFY
gV3Zv4gyPXH6LoT6Dc4NnphRxRs/4VVdWeS8G7bLb41b/09vldKzUJGdyelBwFGK
RPzcAlMmanTOUvUFjQn0QvW3u/sRIEN68Xxl4hRKZGEG/srl5CR2dlbrR9dczcZo
nc38UUPnF6hx0bIg7l9PwqoppUipd35Byp5TOs5uzm2jMGiBkmEMteNo/4VY+ILh
sLdukiC/fJlNAPYt+0U2jEcgIvQGVkPosbSlru/jqqAfDPSAKtRnvhvvNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNAJRAtZ5oKM0HqYK/rRTEvDPDBbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMEFsRUMxbm1nb3pRZXBnci10Rk1TOE04TUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpj7AwQA
Upj/AwQBUplGAwQAUpnSAwQAUpneMA0GCSqGSIb3DQEBCwUAA4IBAQCgXnrcDHeb
3CJcLFH+zzb1wQAiRVCr4XR6p9axzpOB6C7lkO+h1mZtka3Tr0g022LU3jDA8T7h
TaJBqsKiHSm+YrEbNs4s7u8wNx0hj+yHo62lJDMtEjkfJkM8bEge/1GO/OGG7YyO
nSb0DEqUgIKtLyapYY0ib7YsVxAsJNybbkaw4YIOFJsmWXvhnoFsm+0LgQ1N7cPP
BzgnPy4Vfx8lupJBbgY7sDEbtJaWR/2+DdoStZ0wMWnXpP7I6LKZXeRMEzuy5BY3
OIbKnh/a59xz9tvqm+gtMj0nemYTQQ30TFKFy19fglDxmMEJrnUHxL6IYy5sPKK0
VApo1jV0JlyK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org