Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Oe_SaajUXvbW1Epqhhdv4PezEc.roa
File:                     0Oe_SaajUXvbW1Epqhhdv4PezEc.roa (raw, json)
Hash identifier:          7yBR9o0yz3S9gDLYa5GEUuMUfvZxbVu5QPEqQir61Bw=
Subject key identifier:   D0:E7:BF:49:A6:A3:51:7B:DB:5B:51:29:AA:18:5D:BF:83:DE:CC:47
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C90A457937C6C0A4FBAA94F95593427BF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Oe_SaajUXvbW1Epqhhdv4PezEc.roa
Signing time:             Fri 22 Dec 2023 08:28:58 +0000
ROA not before:           Fri 22 Dec 2023 08:28:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21859
IP address blocks:        82.153.228.0/23 maxlen: 23
                          82.152.176.0/23 maxlen: 23
                          82.153.241.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:90:a4:57:93:7c:6c:0a:4f:ba:a9:4f:95:59:34:27:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 22 08:28:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0e7bf49a6a3517bdb5b5129aa185dbf83decc47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:6a:4d:4f:e7:0d:cd:8c:a1:7d:cf:cb:73:2e:
                    1c:5c:fb:0f:c7:2d:59:69:70:90:cf:82:20:85:00:
                    40:11:29:8e:28:7d:15:b6:64:32:a6:f4:6d:ed:c3:
                    8c:86:b6:8e:ac:7f:c3:91:4b:87:65:33:7e:e4:5c:
                    48:36:66:01:65:be:90:66:80:dd:2c:ac:8b:88:20:
                    54:eb:ff:a4:1f:a5:7f:b4:79:f6:6c:f8:4f:8f:2f:
                    db:53:73:5d:05:1a:69:f6:af:93:d4:69:0c:2b:3b:
                    17:ce:89:0c:e6:71:81:08:a9:bf:b5:7b:73:34:1f:
                    fc:a0:a3:15:c1:0d:e4:4c:3b:8c:87:90:8a:b5:40:
                    f4:09:bd:0a:bf:54:d7:db:f4:13:92:48:5f:24:7e:
                    82:ae:02:46:c4:90:81:d7:70:a7:0e:37:f8:29:71:
                    4a:4b:37:73:7f:bc:42:6a:69:24:d8:f8:93:1f:84:
                    51:a8:4a:b5:9d:da:1a:ed:58:cf:3e:67:99:aa:0c:
                    66:a3:69:57:a6:6c:64:fd:47:1f:90:5d:10:34:d1:
                    09:ce:20:4f:91:15:08:d8:0a:c8:87:43:ba:ac:48:
                    20:5b:13:7e:34:bb:b0:be:7b:95:7b:ec:e5:ce:b8:
                    3b:4d:e6:ae:61:63:7a:7e:34:81:4b:31:0e:7d:df:
                    45:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:E7:BF:49:A6:A3:51:7B:DB:5B:51:29:AA:18:5D:BF:83:DE:CC:47
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Oe_SaajUXvbW1Epqhhdv4PezEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.70.0/24
                  82.153.228.0/23
                  82.153.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:fb:17:2b:3c:ba:73:ac:68:ef:14:6a:47:af:96:6a:be:e1:
         e0:83:fb:06:32:e1:59:7a:6e:04:f0:14:bd:57:60:83:dc:c5:
         52:b8:1f:16:45:aa:24:2f:65:73:b0:ed:13:2d:e3:82:b4:e8:
         fb:59:c4:45:e7:a8:c7:0d:44:7b:18:ba:b0:7e:ce:77:d9:a9:
         a7:21:ec:bc:29:7e:c2:82:f8:20:ce:0d:8e:c3:43:28:8f:fc:
         f2:5b:33:e3:21:6d:45:c7:ba:0d:f7:7b:d2:5d:c0:04:c5:06:
         fa:d3:55:c7:80:b8:37:b1:f1:7b:49:fa:a6:96:ca:d3:2c:08:
         cb:27:36:f5:c2:73:33:b7:a4:3f:07:0b:f3:9b:60:9e:20:0f:
         97:51:df:21:c9:5b:00:ce:bc:15:06:4b:3c:01:2c:ff:1d:8c:
         72:7a:7a:f6:7e:50:0f:e4:8d:83:ba:e9:56:df:8b:fe:57:eb:
         d0:a1:00:5f:8e:0d:56:d4:4e:74:91:a3:b7:45:f6:56:75:ed:
         a6:46:1f:c0:bd:3e:9b:68:64:fd:31:e2:18:dc:97:bf:00:22:
         4d:9e:9f:b5:55:8c:ac:80:6b:b8:41:85:a0:05:16:83:a9:26:
         ce:38:08:a1:0e:4f:b0:ac:75:be:6e:26:37:7a:73:ef:82:49:
         c8:90:aa:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyQpFeTfGwKT7qpT5VZNCe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjIyMDgyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU3YmY0OWE2YTM1MTdiZGI1YjUxMjlhYTE4NWRiZjgzZGVjYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmpNT+cNzYyhfc/Lcy4cXPsPxy1Z
aXCQz4IghQBAESmOKH0VtmQypvRt7cOMhraOrH/DkUuHZTN+5FxINmYBZb6QZoDd
LKyLiCBU6/+kH6V/tHn2bPhPjy/bU3NdBRpp9q+T1GkMKzsXzokM5nGBCKm/tXtz
NB/8oKMVwQ3kTDuMh5CKtUD0Cb0Kv1TX2/QTkkhfJH6CrgJGxJCB13CnDjf4KXFK
Szdzf7xCamkk2PiTH4RRqEq1ndoa7VjPPmeZqgxmo2lXpmxk/UcfkF0QNNEJziBP
kRUI2ArIh0O6rEggWxN+NLuwvnuVe+zlzrg7TeauYWN6fjSBSzEOfd9FRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNDnv0mmo1F721tRKaoYXb+D3sxHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvME9lX1NhYWpVWHZiVzFFcHFoaGR2NFBlekVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUpiwAwQA
UplGAwQBUpnkAwQAUpnxMA0GCSqGSIb3DQEBCwUAA4IBAQCc+xcrPLpzrGjvFGpH
r5ZqvuHgg/sGMuFZem4E8BS9V2CD3MVSuB8WRaokL2VzsO0TLeOCtOj7WcRF56jH
DUR7GLqwfs532amnIey8KX7Cgvggzg2Ow0Moj/zyWzPjIW1Fx7oN93vSXcAExQb6
01XHgLg3sfF7SfqmlsrTLAjLJzb1wnMzt6Q/Bwvzm2CeIA+XUd8hyVsAzrwVBks8
ASz/HYxyenr2flAP5I2DuulW34v+V+vQoQBfjg1W1E50kaO3RfZWde2mRh/AvT6b
aGT9MeIY3Je/ACJNnp+1VYysgGu4QYWgBRaDqSbOOAihDk+wrHW+biY3enPvgknI
kKrC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org