Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0EU8ZbMvRMkGCPwzsiYZU0rxf8Q.roa
File:                     0EU8ZbMvRMkGCPwzsiYZU0rxf8Q.roa (raw, json)
Hash identifier:          tlCFob2Zd7pwiIVdgmvGp35oycUM04JYG4FwKc5BQx8=
Subject key identifier:   D0:45:3C:65:B3:2F:44:C9:06:08:FC:33:B2:26:19:53:4A:F1:7F:C4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018871C89A067A208C5D6F2509AA1CDA6E44
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0EU8ZbMvRMkGCPwzsiYZU0rxf8Q.roa
Signing time:             Wed 31 May 2023 12:29:11 +0000
ROA not before:           Wed 31 May 2023 12:29:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42831
IP address blocks:        82.152.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Jun 2023 08:58:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:c8:9a:06:7a:20:8c:5d:6f:25:09:aa:1c:da:6e:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 31 12:29:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0453c65b32f44c90608fc33b22619534af17fc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:be:b8:5e:96:62:d5:2f:df:d2:0d:87:9c:6b:
                    19:52:94:d8:bc:83:57:58:9c:7c:45:bf:d6:fb:0b:
                    ce:d9:25:c3:f6:34:c2:1e:a3:ee:21:f6:d4:23:6d:
                    ae:57:d8:53:f6:4f:9d:f6:ad:4f:62:4e:78:cc:17:
                    f1:1f:26:2c:44:eb:28:ba:8c:d6:e1:48:22:cf:d3:
                    d7:12:34:3f:cd:40:85:77:4c:d1:9a:c6:7b:c4:b2:
                    b5:ea:f7:b7:8b:a2:25:d4:77:b8:56:31:bf:d4:bf:
                    49:db:5a:b7:2b:df:2f:76:1d:27:07:4a:10:0f:bf:
                    7e:54:70:5b:39:28:0c:eb:76:86:3c:51:a8:2b:65:
                    32:cb:1b:e7:09:79:5b:af:f9:f9:51:ed:66:ac:ba:
                    43:7d:ef:53:01:94:74:94:ce:eb:20:ea:58:b1:8d:
                    d5:72:88:f8:1c:5c:d7:ae:f8:f7:8b:58:ea:48:85:
                    45:d6:c4:61:7c:b1:14:ec:44:72:d1:6e:b6:98:5a:
                    f6:1b:62:07:cf:04:15:c7:f3:6e:11:a6:5f:ff:ab:
                    63:5c:4b:53:98:11:31:19:34:f8:ca:50:ec:ed:5d:
                    27:1c:bf:31:16:83:96:e4:c9:ab:02:2a:21:95:dc:
                    50:8a:78:d8:c0:10:cf:7c:5c:1d:8e:bf:d1:d8:c3:
                    00:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:45:3C:65:B3:2F:44:C9:06:08:FC:33:B2:26:19:53:4A:F1:7F:C4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0EU8ZbMvRMkGCPwzsiYZU0rxf8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:ef:67:6a:2a:31:62:55:1a:ae:3f:e2:6c:63:f4:fe:af:82:
         3f:9f:4d:a0:be:e9:0b:c6:4a:c2:42:55:b8:8e:66:3f:0b:5c:
         7e:0b:9f:24:85:80:30:b5:64:90:98:4e:b7:05:9c:00:82:9c:
         ca:11:3e:f0:60:02:6b:2c:da:6b:86:7c:e1:b2:b7:27:f3:ce:
         a0:a6:22:57:92:04:f8:93:5e:92:a1:fd:51:70:24:85:62:a5:
         21:b4:af:76:02:12:f7:e7:bd:f8:5a:a8:3b:71:e7:1c:62:68:
         95:40:85:95:c9:2d:fe:6a:47:99:8c:5a:d0:68:eb:d7:aa:28:
         32:79:ae:85:0b:73:fa:cb:34:cf:e2:7a:ba:7d:f9:05:68:9c:
         39:be:c1:c2:31:16:96:5e:f2:62:a3:8c:4a:9d:74:ef:b3:4a:
         95:b6:12:51:87:81:49:eb:76:dd:bf:32:79:bd:d7:b0:2f:9a:
         2d:96:a1:84:e7:6d:0f:0f:a8:59:ce:c0:71:6d:e2:55:01:ed:
         25:60:6c:ef:5d:d5:e8:03:c5:68:89:39:ea:15:94:17:55:04:
         28:0f:08:b3:b5:4b:ba:e6:ba:db:d4:71:a5:ea:5b:ad:7f:b2:
         de:a2:90:c8:b8:fd:ed:72:10:80:88:db:39:bb:a8:0a:a7:26:
         e3:5e:b2:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhxyJoGeiCMXW8lCaoc2m5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTMxMTIyOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQ1M2M2NWIzMmY0NGM5MDYwOGZjMzNiMjI2MTk1MzRhZjE3ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr64XpZi1S/f0g2HnGsZUpTYvINX
WJx8Rb/W+wvO2SXD9jTCHqPuIfbUI22uV9hT9k+d9q1PYk54zBfxHyYsROsouozW
4Ugiz9PXEjQ/zUCFd0zRmsZ7xLK16ve3i6Il1He4VjG/1L9J21q3K98vdh0nB0oQ
D79+VHBbOSgM63aGPFGoK2UyyxvnCXlbr/n5Ue1mrLpDfe9TAZR0lM7rIOpYsY3V
coj4HFzXrvj3i1jqSIVF1sRhfLEU7ERy0W62mFr2G2IHzwQVx/NuEaZf/6tjXEtT
mBExGTT4ylDs7V0nHL8xFoOW5MmrAiohldxQinjYwBDPfFwdjr/R2MMAgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBFPGWzL0TJBgj8M7ImGVNK8X/EMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMEVVOFpiTXZSTWtHQ1B3enNpWVpVMHJ4ZjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUphuMA0G
CSqGSIb3DQEBCwUAA4IBAQBn72dqKjFiVRquP+JsY/T+r4I/n02gvukLxkrCQlW4
jmY/C1x+C58khYAwtWSQmE63BZwAgpzKET7wYAJrLNprhnzhsrcn886gpiJXkgT4
k16Sof1RcCSFYqUhtK92AhL35734Wqg7ceccYmiVQIWVyS3+akeZjFrQaOvXqigy
ea6FC3P6yzTP4nq6ffkFaJw5vsHCMRaWXvJio4xKnXTvs0qVthJRh4FJ63bdvzJ5
vdewL5otlqGE520PD6hZzsBxbeJVAe0lYGzvXdXoA8VoiTnqFZQXVQQoDwiztUu6
5rrb1HGl6lutf7LeopDIuP3tchCAiNs5u6gKpybjXrKN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org