Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0eJ8AgwY9Qh6FN2dQ0y3ewydFD8.roa
File:                     0eJ8AgwY9Qh6FN2dQ0y3ewydFD8.roa (raw, json)
Hash identifier:          3glZdwAczJX3H4Iq01nIUzB9vdZLQnJNirn8ILTr8SQ=
Subject key identifier:   D1:E2:7C:02:0C:18:F5:08:7A:14:DD:9D:43:4C:B7:7B:0C:9D:14:3F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01878E5843074BADE85F49CABDD4F91CE88B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0eJ8AgwY9Qh6FN2dQ0y3ewydFD8.roa
Signing time:             Mon 17 Apr 2023 08:32:41 +0000
ROA not before:           Mon 17 Apr 2023 08:32:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.153.240.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 07:59:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8e:58:43:07:4b:ad:e8:5f:49:ca:bd:d4:f9:1c:e8:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 17 08:32:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1e27c020c18f5087a14dd9d434cb77b0c9d143f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:8b:12:9a:ea:c4:a3:32:12:4a:42:7a:8d:c8:
                    6f:51:bb:71:42:4f:42:f1:7d:80:56:37:f5:b7:0b:
                    c5:f8:be:0d:eb:f5:07:0b:9c:6a:65:d6:02:c8:f1:
                    8b:6a:00:43:eb:c9:7a:f3:05:6e:2d:23:3f:01:ee:
                    25:db:53:83:9e:83:2c:e5:21:ae:f8:1b:b2:ce:2a:
                    70:8d:52:0e:d6:71:61:22:95:21:76:eb:e3:8b:74:
                    58:20:56:d6:55:79:ac:1e:b5:c6:df:e2:f0:3a:02:
                    5d:8d:69:25:f5:1d:e7:41:2c:47:39:de:18:a8:91:
                    3f:bf:bc:44:55:da:d0:fa:a3:a9:3a:09:df:ea:1d:
                    fe:0b:38:10:a0:80:71:b6:5a:f1:ee:ad:b0:8a:5b:
                    f9:22:18:21:8e:d5:99:ad:1d:44:64:14:e0:80:9d:
                    8e:e0:c5:c4:7e:6b:5c:31:5b:3a:9a:34:a3:15:17:
                    3f:91:e4:c9:91:5f:df:37:51:8b:80:b1:c3:92:8d:
                    f8:fb:2f:43:c3:61:2d:72:a2:8f:34:5c:9e:0a:99:
                    76:a8:31:6c:72:7b:cc:85:2e:19:6e:2c:fb:6a:a7:
                    ff:03:73:9f:29:3c:62:65:56:57:61:47:c6:e8:47:
                    b8:b9:19:df:25:59:ae:56:ce:0b:12:e3:0b:0c:23:
                    66:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E2:7C:02:0C:18:F5:08:7A:14:DD:9D:43:4C:B7:7B:0C:9D:14:3F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0eJ8AgwY9Qh6FN2dQ0y3ewydFD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  82.152.178.0/24
                  82.153.69.0/24
                  82.153.220.0/23
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:92:6a:7a:35:67:bf:45:cb:2f:5d:da:83:2e:23:ff:d7:21:
         37:bc:94:a1:26:f7:6b:b2:64:be:15:31:54:e7:90:b2:bd:0f:
         1f:60:5c:fa:c3:4b:2a:39:b2:83:11:9f:ac:59:27:cb:94:3d:
         46:a1:4e:cc:68:b5:f1:d2:9a:08:ed:5f:8e:cb:0c:dc:46:4b:
         d5:00:ab:fc:b5:fd:21:f5:1f:02:56:52:4f:06:7e:2d:7a:57:
         80:77:34:68:9c:cb:cf:26:b9:75:c9:16:21:16:80:1e:da:0b:
         16:5c:24:8d:20:de:6d:70:f3:d5:ba:85:d5:33:d7:dd:33:5b:
         bc:11:61:ca:0f:dd:b3:61:1e:ea:55:3c:86:a5:17:1c:3b:21:
         76:b7:00:80:31:14:37:45:ea:7d:71:7c:2b:af:53:3d:88:c8:
         88:67:c7:59:d0:86:9b:cf:75:6c:54:ea:ea:25:b0:2c:e4:b4:
         9a:75:59:31:30:84:8d:8e:57:a9:5e:94:6a:13:7c:40:84:ff:
         c3:3e:20:ee:70:40:86:73:2c:e6:7a:2a:5d:ab:3b:b8:bf:34:
         3c:db:c0:8a:10:8f:7b:12:d5:ae:0a:13:9e:0d:95:77:60:4a:
         85:8e:b5:e5:8d:fd:6d:55:a5:5a:bd:05:e4:81:25:ae:d4:77:
         d2:f7:5d:dc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeOWEMHS63oX0nKvdT5HOiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDE3MDgzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWUyN2MwMjBjMThmNTA4N2ExNGRkOWQ0MzRjYjc3YjBjOWQxNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0osSmurEozISSkJ6jchvUbtxQk9C
8X2AVjf1twvF+L4N6/UHC5xqZdYCyPGLagBD68l68wVuLSM/Ae4l21ODnoMs5SGu
+BuyzipwjVIO1nFhIpUhduvji3RYIFbWVXmsHrXG3+LwOgJdjWkl9R3nQSxHOd4Y
qJE/v7xEVdrQ+qOpOgnf6h3+CzgQoIBxtlrx7q2wilv5IhghjtWZrR1EZBTggJ2O
4MXEfmtcMVs6mjSjFRc/keTJkV/fN1GLgLHDko34+y9Dw2EtcqKPNFyeCpl2qDFs
cnvMhS4Zbiz7aqf/A3OfKTxiZVZXYUfG6Ee4uRnfJVmuVs4LEuMLDCNmoQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNHifAIMGPUIehTdnUNMt3sMnRQ/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMGVKOEFnd1k5UWg2Rk4yZFEweTNld3lkRkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUQW9AwQA
UagjAwQAUpiyAwQAUplFAwQBUpncAwQAUpnfAwQAUpnwAwQAUpn6MA0GCSqGSIb3
DQEBCwUAA4IBAQCdkmp6NWe/RcsvXdqDLiP/1yE3vJShJvdrsmS+FTFU55CyvQ8f
YFz6w0sqObKDEZ+sWSfLlD1GoU7MaLXx0poI7V+OywzcRkvVAKv8tf0h9R8CVlJP
Bn4teleAdzRonMvPJrl1yRYhFoAe2gsWXCSNIN5tcPPVuoXVM9fdM1u8EWHKD92z
YR7qVTyGpRccOyF2twCAMRQ3Rep9cXwrr1M9iMiIZ8dZ0Iabz3VsVOrqJbAs5LSa
dVkxMISNjlepXpRqE3xAhP/DPiDucECGcyzmeipdqzu4vzQ828CKEI97EtWuChOe
DZV3YEqFjrXljf1tVaVavQXkgSWu1HfS913c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org