Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Hs25izVXiOq8y2CeuEsMW6day4.roa
File:                     0Hs25izVXiOq8y2CeuEsMW6day4.roa (raw, json)
Hash identifier:          dcjb5GRMpDqyxQRaoW5M2OduvdKuXEx/jRe+djJipH8=
Subject key identifier:   D0:7B:36:E6:2C:D5:5E:23:AA:F3:2D:82:7A:E1:2C:31:6E:9D:6B:2E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CCE8A4B7159B1E2DD4C72BC5EB211EBB6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Hs25izVXiOq8y2CeuEsMW6day4.roa
Signing time:             Wed 03 Jan 2024 08:56:58 +0000
ROA not before:           Wed 03 Jan 2024 08:56:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        82.153.228.0/23 maxlen: 23
                          82.152.176.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 10:58:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ce:8a:4b:71:59:b1:e2:dd:4c:72:bc:5e:b2:11:eb:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  3 08:56:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d07b36e62cd55e23aaf32d827ae12c316e9d6b2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e9:5d:d8:09:64:cd:8b:35:e3:33:8b:30:1c:
                    dd:dd:cb:46:d3:38:04:af:b1:93:f0:43:9f:8c:0f:
                    e2:ba:88:82:18:9a:3e:7b:b2:da:f7:65:69:75:d4:
                    c9:49:99:1c:a5:9d:db:c8:c8:13:73:80:18:de:23:
                    87:2a:fd:e3:42:63:56:e4:54:c2:d9:57:14:26:28:
                    52:b1:ee:aa:d5:3a:97:10:23:e4:68:c4:3e:3a:fa:
                    fd:ec:5a:36:90:9d:d6:2f:cd:c3:40:1e:67:d1:ae:
                    a9:e6:29:98:18:a2:28:17:aa:43:3d:7c:b7:a3:88:
                    35:27:05:90:64:b0:24:72:a9:b2:bd:24:99:18:6e:
                    5f:b0:92:6e:16:5e:7f:2d:8a:78:f2:72:bb:d9:2e:
                    15:07:7e:e7:35:e8:94:8a:b0:34:37:9d:c3:23:87:
                    df:5c:15:cb:f9:42:81:b1:39:19:b8:ae:81:08:87:
                    05:81:62:69:f1:67:d0:05:eb:b2:74:bb:08:f9:fc:
                    d5:0b:23:45:d0:cd:f7:5a:ba:80:26:b6:67:b7:05:
                    cd:e4:b7:5e:08:34:3c:b5:29:73:1f:84:38:6a:77:
                    f8:e3:2a:aa:32:23:35:54:6d:e0:e6:00:6a:ea:15:
                    ea:00:84:a2:1f:fb:5f:3d:4e:a3:40:57:03:50:fb:
                    8c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:7B:36:E6:2C:D5:5E:23:AA:F3:2D:82:7A:E1:2C:31:6E:9D:6B:2E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Hs25izVXiOq8y2CeuEsMW6day4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:2d:80:ef:83:8f:fd:d8:a8:97:a6:d8:aa:fd:3b:fd:46:f6:
         0a:ca:e3:80:62:9a:83:4d:07:8b:e8:73:92:9e:50:49:71:70:
         3f:cc:2e:1f:dc:7a:23:87:c0:84:cc:0a:c8:50:23:e4:d9:c5:
         58:fd:78:82:20:e8:36:61:bc:2c:ad:46:4e:61:68:f4:ea:45:
         35:7c:73:2d:ec:34:5c:db:40:68:22:dc:f4:8c:15:f2:36:dc:
         9c:ce:d1:8e:9c:ec:a6:89:d2:ce:f5:bf:9e:f0:bb:24:bd:00:
         25:e9:af:be:03:67:7d:07:4c:eb:a3:d8:82:e5:ef:cb:68:5a:
         f6:57:5d:24:4d:25:f4:da:a6:b7:93:04:51:d6:a7:14:9c:48:
         b9:41:83:5f:97:10:05:52:1a:9f:81:74:86:76:99:0e:2d:1e:
         dc:71:86:1c:bc:ca:a8:5a:2b:16:e2:e4:a8:d9:59:17:a2:d7:
         f8:2a:3f:f5:0e:57:44:8a:ab:eb:25:1e:b6:89:16:c5:9f:83:
         65:9b:4f:e5:23:cc:3e:a7:7d:f9:a8:84:c7:08:b4:37:6d:8b:
         58:cb:6a:2b:b1:87:e9:15:6b:c7:4e:f5:b0:58:0c:e2:cc:f7:
         f7:0f:bd:d6:68:f6:8c:a0:51:9f:06:92:2d:3e:f9:5c:33:82:
         88:4b:8a:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzOiktxWbHi3UxyvF6yEeu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAzMDg1NjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdiMzZlNjJjZDU1ZTIzYWFmMzJkODI3YWUxMmMzMTZlOWQ2YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ld2AlkzYs14zOLMBzd3ctG0zgE
r7GT8EOfjA/iuoiCGJo+e7La92VpddTJSZkcpZ3byMgTc4AY3iOHKv3jQmNW5FTC
2VcUJihSse6q1TqXECPkaMQ+Ovr97Fo2kJ3WL83DQB5n0a6p5imYGKIoF6pDPXy3
o4g1JwWQZLAkcqmyvSSZGG5fsJJuFl5/LYp48nK72S4VB37nNeiUirA0N53DI4ff
XBXL+UKBsTkZuK6BCIcFgWJp8WfQBeuydLsI+fzVCyNF0M33WrqAJrZntwXN5Lde
CDQ8tSlzH4Q4anf44yqqMiM1VG3g5gBq6hXqAISiH/tfPU6jQFcDUPuM6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNB7NuYs1V4jqvMtgnrhLDFunWsuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMEhzMjVpelZYaU9xOHkyQ2V1RXNNVzZkYXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiwAwQB
UpnkMA0GCSqGSIb3DQEBCwUAA4IBAQBaLYDvg4/92KiXptiq/Tv9RvYKyuOAYpqD
TQeL6HOSnlBJcXA/zC4f3Hojh8CEzArIUCPk2cVY/XiCIOg2YbwsrUZOYWj06kU1
fHMt7DRc20BoItz0jBXyNtycztGOnOymidLO9b+e8LskvQAl6a++A2d9B0zro9iC
5e/LaFr2V10kTSX02qa3kwRR1qcUnEi5QYNflxAFUhqfgXSGdpkOLR7ccYYcvMqo
WisW4uSo2VkXotf4Kj/1DldEiqvrJR62iRbFn4Nlm0/lI8w+p335qITHCLQ3bYtY
y2orsYfpFWvHTvWwWAzizPf3D73WaPaMoFGfBpItPvlcM4KIS4oy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org