Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-Djgw77UTA0Gwsfym_v0D8uDSl8.roa
File:                     1-Djgw77UTA0Gwsfym_v0D8uDSl8.roa (raw, json)
Hash identifier:          riG3rJ6PnGnRkOiLYCmFVJFetGnGLES60h7pDmsm5vM=
Subject key identifier:   F8:38:E0:C3:BE:D4:4C:0D:06:C2:C7:F2:9B:FB:F4:0F:CB:83:4A:5F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EB83C778506013A150A22D246191C7201
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-Djgw77UTA0Gwsfym_v0D8uDSl8.roa
Signing time:             Sun 07 Apr 2024 11:05:54 +0000
ROA not before:           Sun 07 Apr 2024 11:05:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     140208
IP address blocks:        82.163.21.0/24 maxlen: 24
                          213.218.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 May 2024 15:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b8:3c:77:85:06:01:3a:15:0a:22:d2:46:19:1c:72:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  7 11:05:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f838e0c3bed44c0d06c2c7f29bfbf40fcb834a5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:3f:60:be:f4:17:33:88:f6:d2:2e:4e:4d:88:
                    70:ba:9b:4f:c9:e7:5b:82:c3:94:32:78:17:d8:84:
                    26:53:f7:a7:c1:a4:64:5f:0d:d6:2d:8f:0d:5c:f4:
                    f1:00:a4:93:51:a4:fd:5b:26:ee:cf:b3:b4:56:2e:
                    83:9c:6e:37:f1:ae:92:3f:a0:f4:8a:fd:76:b5:fa:
                    61:37:fa:03:24:09:ee:3c:88:90:3c:38:6a:00:ca:
                    91:d1:ac:94:ce:40:4e:a5:7c:0f:a9:76:74:be:16:
                    20:6d:92:90:8f:be:f6:4f:79:52:bb:07:65:cf:4e:
                    de:af:e1:e3:b7:b1:17:76:32:c3:8c:13:52:f6:bd:
                    4a:51:f4:78:03:a2:bc:bb:f4:f7:35:5b:72:73:19:
                    22:94:2f:57:ae:8c:42:e0:72:ea:e3:e5:d4:06:78:
                    00:4e:78:2b:bb:9a:8b:39:53:a1:fe:79:3f:64:8a:
                    c7:df:7c:ed:a5:79:04:44:20:14:19:24:f9:64:5c:
                    f9:75:a1:67:de:14:e0:4b:2e:03:ed:97:7d:40:d8:
                    4f:44:b9:86:b1:09:ca:50:12:07:53:99:e5:53:4f:
                    ef:ce:a6:de:9f:80:bf:d6:8b:ea:43:c5:fe:a7:88:
                    21:e7:69:be:59:48:c4:50:8a:cd:19:36:0d:07:3f:
                    96:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:38:E0:C3:BE:D4:4C:0D:06:C2:C7:F2:9B:FB:F4:0F:CB:83:4A:5F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-Djgw77UTA0Gwsfym_v0D8uDSl8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.21.0/24
                  213.218.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:c2:05:02:58:18:c5:46:c0:7b:a9:d0:f5:be:a2:a9:9f:b2:
         86:70:a4:87:88:bb:7f:74:0e:bc:b7:4b:30:af:0e:fc:05:90:
         6e:00:d4:4d:b0:41:13:fd:21:f7:a2:d2:ea:d1:c8:52:6f:7b:
         eb:d0:86:04:bd:3b:1d:10:5d:6d:b0:2c:12:6c:2b:20:5d:c1:
         7f:68:00:4f:2b:a8:04:be:31:d3:f3:c1:c5:b7:df:f3:76:c5:
         14:52:b8:1d:c7:cc:90:fc:c2:20:b1:89:9a:5b:e9:62:52:89:
         c9:b4:8a:a0:b2:e4:92:0b:76:5e:91:cb:2e:de:a3:96:9d:00:
         e9:7c:89:64:4b:fa:4d:d3:47:e3:aa:46:e3:f6:41:b4:88:3d:
         7f:df:d7:12:12:58:13:b6:7b:6a:8a:dd:b1:ad:02:7e:a3:67:
         42:0d:32:ba:1c:55:f8:25:32:38:a6:58:8e:ab:8a:e8:5e:91:
         2f:2a:ed:07:2f:d7:59:a3:3b:d5:5b:8a:01:47:d2:73:8c:48:
         e8:67:03:dc:29:a3:06:df:d4:03:ee:9c:1f:c8:78:a9:4c:38:
         37:a6:a8:6c:ed:0e:c3:eb:d6:ab:41:38:b5:62:8b:ec:61:1e:
         b6:a9:d4:cb:b9:86:8e:b3:97:9f:79:98:62:14:fb:a9:66:23:
         6e:ca:9e:0e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY64PHeFBgE6FQoi0kYZHHIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA3MTEwNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODM4ZTBjM2JlZDQ0YzBkMDZjMmM3ZjI5YmZiZjQwZmNiODM0YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj9gvvQXM4j20i5OTYhwuptPyedb
gsOUMngX2IQmU/enwaRkXw3WLY8NXPTxAKSTUaT9Wybuz7O0Vi6DnG438a6SP6D0
iv12tfphN/oDJAnuPIiQPDhqAMqR0ayUzkBOpXwPqXZ0vhYgbZKQj772T3lSuwdl
z07er+Hjt7EXdjLDjBNS9r1KUfR4A6K8u/T3NVtycxkilC9XroxC4HLq4+XUBngA
Tngru5qLOVOh/nk/ZIrH33ztpXkERCAUGST5ZFz5daFn3hTgSy4D7Zd9QNhPRLmG
sQnKUBIHU5nlU0/vzqben4C/1ovqQ8X+p4gh52m+WUjEUIrNGTYNBz+WtQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPg44MO+1EwNBsLH8pv79A/Lg0pfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1Eamd3NzdVVEEwR3dzZnltX3YwRDh1RFNsOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFKjFQME
ANXa+TANBgkqhkiG9w0BAQsFAAOCAQEAGsIFAlgYxUbAe6nQ9b6iqZ+yhnCkh4i7
f3QOvLdLMK8O/AWQbgDUTbBBE/0h96LS6tHIUm9769CGBL07HRBdbbAsEmwrIF3B
f2gATyuoBL4x0/PBxbff83bFFFK4HcfMkPzCILGJmlvpYlKJybSKoLLkkgt2XpHL
Lt6jlp0A6XyJZEv6TdNH46pG4/ZBtIg9f9/XEhJYE7Z7aordsa0CfqNnQg0yuhxV
+CUyOKZYjquK6F6RLyrtBy/XWaM71VuKAUfSc4xI6GcD3CmjBt/UA+6cH8h4qUw4
N6aobO0Ow+vWq0E4tWKL7GEetqnUy7mGjrOXn3mYYhT7qWYjbsqeDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org