Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0pK1dMnq2Ou6M-n3yjgf6964epg.roa
File:                     0pK1dMnq2Ou6M-n3yjgf6964epg.roa (raw, json)
Hash identifier:          y3dYfBtnTDhOV5M5ZKpdMbWDMjxtAJXigXSKdx0kBuQ=
Subject key identifier:   D2:92:B5:74:C9:EA:D8:EB:BA:33:E9:F7:CA:38:1F:EB:DE:B8:7A:98
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186C0A36B94AA7E2709857092824C583102
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0pK1dMnq2Ou6M-n3yjgf6964epg.roa
Signing time:             Wed 08 Mar 2023 09:53:00 +0000
ROA not before:           Wed 08 Mar 2023 09:53:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46844
IP address blocks:        82.152.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 08:26:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c0:a3:6b:94:aa:7e:27:09:85:70:92:82:4c:58:31:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  8 09:53:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d292b574c9ead8ebba33e9f7ca381febdeb87a98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d0:0c:cb:c3:b1:30:77:d6:bb:fc:6d:02:2c:
                    00:3f:28:ee:12:a6:c1:04:0e:2e:16:a8:ce:bb:59:
                    38:e0:ca:58:21:11:4c:c9:ec:e5:21:a0:5f:47:c0:
                    4c:e0:ea:3b:ff:12:3a:da:10:0a:9d:e9:a1:e0:fa:
                    6a:96:d8:5e:e3:06:9d:86:0d:80:b1:ee:26:1b:9c:
                    ae:49:fc:79:1a:63:37:26:16:8e:f9:ef:6f:2f:f5:
                    ef:db:c0:e1:1b:82:12:62:f5:55:6f:87:a5:b0:ef:
                    0b:07:1f:51:f3:9e:1c:06:8a:83:58:ba:96:5c:e8:
                    32:82:58:93:29:6f:43:e6:16:5e:fa:60:78:ae:bb:
                    2b:ff:a4:68:70:87:3d:ef:0f:51:75:84:ad:f9:06:
                    dd:c3:b4:b7:18:c1:82:e8:7f:80:d2:99:f0:1a:d0:
                    2a:9b:ca:4d:7c:7c:ee:fa:f6:62:02:d8:a8:ab:18:
                    43:ae:4e:22:e3:c5:d9:83:94:b2:97:2f:e7:0b:d5:
                    6d:59:f6:ca:8c:ed:fa:f6:da:92:85:48:8d:26:67:
                    89:8d:26:b6:33:74:97:79:53:b0:5b:ff:c3:a0:6a:
                    a7:b8:6a:c9:f9:da:3e:2d:2c:3d:c7:89:66:d9:be:
                    79:e2:98:4d:c8:3d:1b:ab:cb:fd:2a:08:be:28:c3:
                    fb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:92:B5:74:C9:EA:D8:EB:BA:33:E9:F7:CA:38:1F:EB:DE:B8:7A:98
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0pK1dMnq2Ou6M-n3yjgf6964epg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:f6:ae:e5:a2:0d:48:4a:41:7b:c9:5b:fa:2a:f7:43:08:c8:
         5a:34:19:ff:26:29:8a:98:a4:ea:f8:4c:78:6b:7c:48:82:36:
         a8:72:be:62:e3:72:3c:06:0b:5e:fc:bc:89:59:e9:6d:ff:ab:
         ef:bb:43:35:2c:07:7c:a4:1e:d5:ec:36:77:be:8e:9f:e3:06:
         aa:fb:74:58:62:0b:e6:05:5b:3b:c3:30:bf:87:ab:78:3c:40:
         fd:10:64:b2:53:a2:f3:be:c8:07:51:93:18:d5:6b:a5:df:95:
         4e:8e:bf:fe:fc:6e:6a:3e:50:3b:e3:c4:1d:96:2b:45:65:05:
         4a:ec:80:d2:2f:86:2d:2f:85:21:db:f7:2a:6a:eb:fd:b1:d9:
         d2:67:ce:09:cf:53:37:b3:ec:94:56:01:92:c1:ed:34:ce:d9:
         d7:4b:ca:87:e5:0a:fa:50:80:92:45:8d:f4:80:72:78:cd:ee:
         4c:b6:37:3c:e9:82:74:48:fa:29:f4:25:d4:3c:56:b0:8f:7e:
         90:11:44:07:a1:47:37:fa:01:27:56:f0:52:13:52:33:2f:b0:
         16:12:f6:f8:48:93:de:af:82:a6:f5:24:db:c3:39:b7:30:56:
         a4:02:32:d4:74:eb:66:dc:d9:64:e8:25:ff:13:48:74:ec:55:
         52:85:2b:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbAo2uUqn4nCYVwkoJMWDECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzA4MDk1MzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkyYjU3NGM5ZWFkOGViYmEzM2U5ZjdjYTM4MWZlYmRlYjg3YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdAMy8OxMHfWu/xtAiwAPyjuEqbB
BA4uFqjOu1k44MpYIRFMyezlIaBfR8BM4Oo7/xI62hAKnemh4Ppqlthe4wadhg2A
se4mG5yuSfx5GmM3JhaO+e9vL/Xv28DhG4ISYvVVb4elsO8LBx9R854cBoqDWLqW
XOgygliTKW9D5hZe+mB4rrsr/6RocIc97w9RdYSt+Qbdw7S3GMGC6H+A0pnwGtAq
m8pNfHzu+vZiAtioqxhDrk4i48XZg5Syly/nC9VtWfbKjO369tqShUiNJmeJjSa2
M3SXeVOwW//DoGqnuGrJ+do+LSw9x4lm2b554phNyD0bq8v9Kgi+KMP7oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKStXTJ6tjrujPp98o4H+veuHqYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHBLMWRNbnEyT3U2TS1uM3lqZ2Y2OTY0ZXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpj9MA0G
CSqGSIb3DQEBCwUAA4IBAQBy9q7log1ISkF7yVv6KvdDCMhaNBn/JimKmKTq+Ex4
a3xIgjaocr5i43I8Bgte/LyJWelt/6vvu0M1LAd8pB7V7DZ3vo6f4waq+3RYYgvm
BVs7wzC/h6t4PED9EGSyU6LzvsgHUZMY1Wul35VOjr/+/G5qPlA748QdlitFZQVK
7IDSL4YtL4Uh2/cqauv9sdnSZ84Jz1M3s+yUVgGSwe00ztnXS8qH5Qr6UICSRY30
gHJ4ze5Mtjc86YJ0SPop9CXUPFawj36QEUQHoUc3+gEnVvBSE1IzL7AWEvb4SJPe
r4Km9STbwzm3MFakAjLUdOtm3Nlk6CX/E0h07FVShSvI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org