Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0r0IuDSpX1Q62EYN6aApcPRF-Yk.roa
File:                     0r0IuDSpX1Q62EYN6aApcPRF-Yk.roa (raw, json)
Hash identifier:          xcfEtLnObURnDThcl+t40dGvPDuLXHEYike+jUqbl7M=
Subject key identifier:   D2:BD:08:B8:34:A9:5F:54:3A:D8:46:0D:E9:A0:29:70:F4:45:F9:89
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E8B0F62CDD5021B353FCA8BF0C1FDFD4A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0r0IuDSpX1Q62EYN6aApcPRF-Yk.roa
Signing time:             Fri 29 Mar 2024 16:33:45 +0000
ROA not before:           Fri 29 Mar 2024 16:33:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.208.0/22 maxlen: 22
                          194.105.80.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Sun 31 Mar 2024 18:53:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:8b:0f:62:cd:d5:02:1b:35:3f:ca:8b:f0:c1:fd:fd:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 29 16:33:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2bd08b834a95f543ad8460de9a02970f445f989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a3:bb:91:f6:55:82:7c:3e:3e:c6:f0:ee:2d:
                    c3:8a:93:f7:01:c4:3d:60:d1:32:04:c7:75:eb:aa:
                    7c:65:2a:19:65:34:66:35:f2:d8:cf:38:81:35:0f:
                    7a:1a:07:8a:9d:9b:20:5e:3c:fb:f9:db:c0:50:05:
                    0e:3f:db:53:a3:e7:f8:32:be:41:10:0f:00:9c:eb:
                    34:cd:60:4a:49:b8:35:00:f7:9c:83:49:e0:69:7e:
                    84:43:f8:68:0d:11:96:03:da:18:56:42:cc:45:c4:
                    89:4d:59:3b:af:de:fd:8b:81:ad:9f:92:2b:68:72:
                    a9:60:dc:95:02:c4:da:22:d8:e8:a3:dc:13:6e:4a:
                    40:41:96:35:09:35:4a:14:75:74:b0:0d:9b:fe:72:
                    76:0d:ce:f2:25:01:ab:0a:70:07:a3:aa:93:3e:d5:
                    b4:d2:28:f8:2a:ea:da:49:9d:b3:8c:bb:d7:65:67:
                    db:49:00:c3:db:90:78:86:1a:f1:56:7f:96:de:29:
                    2b:8b:88:2a:66:3a:7c:c0:9a:49:30:47:32:2c:3f:
                    7a:11:74:bb:10:f6:8f:80:db:aa:81:13:ad:d4:cd:
                    58:97:b1:c3:72:2b:83:97:38:11:d5:ef:5d:96:2f:
                    0a:15:13:33:01:cb:02:66:8e:89:e8:72:e5:c9:2a:
                    c4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:BD:08:B8:34:A9:5F:54:3A:D8:46:0D:E9:A0:29:70:F4:45:F9:89
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0r0IuDSpX1Q62EYN6aApcPRF-Yk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.174.0/23
                  82.153.208.0/22
                  194.105.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3b:68:59:08:03:20:73:0f:f6:bf:a8:b5:c9:ac:a7:e5:26:a3:
         eb:bf:54:1a:15:b9:3c:7d:ca:4a:e8:5f:28:bf:af:d7:8e:39:
         3a:33:88:b1:92:59:76:0e:d4:38:7a:81:aa:49:88:49:df:0d:
         9d:49:84:10:2b:a5:b2:97:47:f6:45:95:2e:56:e2:07:78:6c:
         77:1f:0c:8d:0c:84:16:6c:cd:20:ee:77:0d:fe:00:c9:3d:bf:
         ba:ae:ea:bf:18:db:67:8d:69:18:dd:14:9a:b2:93:a9:6f:f1:
         cd:0e:ce:ca:15:8a:42:20:6b:49:aa:30:76:f1:67:f7:dc:ec:
         c3:27:91:81:07:2d:4f:eb:aa:e5:88:77:69:65:9b:85:c5:59:
         43:28:cf:12:fe:51:c3:bb:03:32:cc:6e:b6:1e:64:59:bc:b5:
         4f:4a:69:9e:44:f7:c0:8c:b0:3b:64:6e:24:b4:c3:f1:67:05:
         65:a3:80:21:7b:f4:0f:bb:dd:1a:34:17:d3:ca:23:d8:ca:f9:
         b6:99:7a:c6:2c:61:df:d1:5a:93:ee:f6:bd:a3:0a:12:30:a6:
         77:80:ab:1a:c0:04:17:e3:b3:e1:83:da:c1:7a:d7:10:48:8d:
         a8:64:51:e9:d3:96:0c:8f:1a:16:df:87:5f:ff:15:3a:0e:7c:
         17:9f:44:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6LD2LN1QIbNT/Ki/DB/f1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI5MTYzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmJkMDhiODM0YTk1ZjU0M2FkODQ2MGRlOWEwMjk3MGY0NDVmOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKO7kfZVgnw+Psbw7i3DipP3AcQ9
YNEyBMd166p8ZSoZZTRmNfLYzziBNQ96GgeKnZsgXjz7+dvAUAUOP9tTo+f4Mr5B
EA8AnOs0zWBKSbg1APecg0ngaX6EQ/hoDRGWA9oYVkLMRcSJTVk7r979i4Gtn5Ir
aHKpYNyVAsTaItjoo9wTbkpAQZY1CTVKFHV0sA2b/nJ2Dc7yJQGrCnAHo6qTPtW0
0ij4KuraSZ2zjLvXZWfbSQDD25B4hhrxVn+W3ikri4gqZjp8wJpJMEcyLD96EXS7
EPaPgNuqgROt1M1Yl7HDciuDlzgR1e9dli8KFRMzAcsCZo6J6HLlySrETQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNK9CLg0qV9UOthGDemgKXD0RfmJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHIwSXVEU3BYMVE2MkVZTjZhQXBjUFJGLVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpiuAwQC
UpnQAwQEwmlQMA0GCSqGSIb3DQEBCwUAA4IBAQA7aFkIAyBzD/a/qLXJrKflJqPr
v1QaFbk8fcpK6F8ov6/Xjjk6M4ixkll2DtQ4eoGqSYhJ3w2dSYQQK6Wyl0f2RZUu
VuIHeGx3HwyNDIQWbM0g7ncN/gDJPb+6ruq/GNtnjWkY3RSaspOpb/HNDs7KFYpC
IGtJqjB28Wf33OzDJ5GBBy1P66rliHdpZZuFxVlDKM8S/lHDuwMyzG62HmRZvLVP
SmmeRPfAjLA7ZG4ktMPxZwVlo4Ahe/QPu90aNBfTyiPYyvm2mXrGLGHf0VqT7va9
owoSMKZ3gKsawAQX47Phg9rBetcQSI2oZFHp05YMjxoW34df/xU6DnwXn0Ty
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org