Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-JYnDzECULWSuF8Srh5xAdLGxYY.roa
File:                     1-JYnDzECULWSuF8Srh5xAdLGxYY.roa (raw, json)
Hash identifier:          HXuAeezgGhDJuGRx6ovNfeF1NP8AjSZo2rgH4/D5kLs=
Subject key identifier:   F8:96:27:0F:31:02:50:B5:92:B8:5F:12:AE:1E:71:01:D2:C6:C5:86
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DBCCFA7D31C3FA5FB8E634ABD873155F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-JYnDzECULWSuF8Srh5xAdLGxYY.roa
Signing time:             Sun 18 Feb 2024 15:22:21 +0000
ROA not before:           Sun 18 Feb 2024 15:22:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.165.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 16:11:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:bc:cf:a7:d3:1c:3f:a5:fb:8e:63:4a:bd:87:31:55:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 18 15:22:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f896270f310250b592b85f12ae1e7101d2c6c586
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:72:b8:52:4d:d2:f3:1e:dd:9e:ae:2a:9d:83:
                    7f:e1:51:55:c7:7c:2b:2c:0c:0e:56:45:2b:93:48:
                    f2:3c:0e:53:b5:b5:40:41:b9:0a:09:5a:ad:86:75:
                    07:d2:66:eb:37:98:9f:74:ad:95:10:c6:8c:57:95:
                    d1:1f:26:c2:5c:29:97:5d:87:04:17:34:70:10:64:
                    7e:ad:2a:51:3c:ed:76:fc:5c:2c:a1:8b:64:d0:bf:
                    2c:2a:07:b8:c5:b7:37:cd:bd:a8:24:89:cf:fa:8b:
                    38:e6:a0:64:ac:94:20:79:b2:58:e0:62:56:50:7d:
                    9e:22:07:76:45:93:59:8b:ca:08:4a:39:29:32:e9:
                    34:e0:11:6a:c3:9a:41:7f:14:f7:90:cc:a2:71:44:
                    54:b8:04:8a:b1:20:06:4b:29:64:6b:d9:bd:1c:48:
                    bb:a0:9f:af:72:97:6e:89:f2:36:74:69:0f:7c:2b:
                    0f:37:4e:c2:6b:0b:02:4d:7c:4a:23:aa:e7:fd:d9:
                    02:c3:c4:87:9f:0a:f6:6a:0d:3d:11:c2:82:c6:6d:
                    38:82:91:cb:c2:59:c2:8d:17:97:c6:72:af:26:34:
                    0e:f9:fe:1b:27:05:d9:c6:b7:dc:8d:5a:e8:a9:f3:
                    9a:fa:1a:97:41:10:0d:8b:50:e2:7c:4d:9a:45:6e:
                    19:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:96:27:0F:31:02:50:B5:92:B8:5F:12:AE:1E:71:01:D2:C6:C5:86
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-JYnDzECULWSuF8Srh5xAdLGxYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.165.0/24
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:a5:93:5e:1b:8a:e2:17:5f:95:be:28:79:9c:f6:e6:52:4a:
         39:57:df:05:4d:6d:c7:9b:0a:ed:1e:cd:69:c7:fc:02:f2:0e:
         03:ff:cb:13:79:25:53:16:03:65:75:18:bd:b6:bd:3d:ec:5e:
         57:17:fc:4b:ef:da:13:de:b4:44:95:1a:a7:e5:04:f9:01:cc:
         ab:cb:0e:b9:90:6f:fd:8f:63:80:a3:5b:e6:7a:65:52:88:40:
         70:35:ac:08:15:5c:a7:54:d2:63:9b:cc:c4:d6:ed:68:47:5f:
         c9:b8:50:46:65:84:f9:24:23:67:8e:a4:dc:97:65:26:3d:80:
         09:fa:fc:1d:c2:8f:73:dc:37:6d:50:ba:ad:44:73:47:54:6f:
         a5:2b:30:f1:39:60:20:c0:53:4e:04:90:f8:f0:64:9e:82:ce:
         c5:b3:72:53:8a:7e:13:63:c7:fd:d7:15:ce:81:9c:38:08:fe:
         48:59:22:1c:b4:dc:f3:f2:05:b3:41:4a:ec:49:a5:1b:ac:50:
         b5:d6:c0:90:38:b3:a9:ad:d9:94:ba:24:44:b6:de:8f:ca:e0:
         5b:7e:ce:52:21:a8:d9:47:0e:a4:6b:88:32:0e:04:72:65:98:
         b6:9d:a0:fb:f4:d4:5c:40:4c:98:f6:92:30:c7:0b:9a:80:70:
         5e:2d:71:c9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY28z6fTHD+l+45jSr2HMVXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjE4MTUyMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk2MjcwZjMxMDI1MGI1OTJiODVmMTJhZTFlNzEwMWQyYzZjNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3K4Uk3S8x7dnq4qnYN/4VFVx3wr
LAwOVkUrk0jyPA5TtbVAQbkKCVqthnUH0mbrN5ifdK2VEMaMV5XRHybCXCmXXYcE
FzRwEGR+rSpRPO12/FwsoYtk0L8sKge4xbc3zb2oJInP+os45qBkrJQgebJY4GJW
UH2eIgd2RZNZi8oISjkpMuk04BFqw5pBfxT3kMyicURUuASKsSAGSylka9m9HEi7
oJ+vcpduifI2dGkPfCsPN07CawsCTXxKI6rn/dkCw8SHnwr2ag09EcKCxm04gpHL
wlnCjReXxnKvJjQO+f4bJwXZxrfcjVroqfOa+hqXQRANi1DifE2aRW4ZXwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPiWJw8xAlC1krhfEq4ecQHSxsWGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1KWW5EekVDVUxXU3VGOFNyaDV4QWRMR3hZWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAlKZiDAM
AwQCWdWUAwQFWdWAAwQAWdWlAwQCWdWsAwQAWdW0AwQBuTF+AwQA1ZgqMA0GCSqG
SIb3DQEBCwUAA4IBAQAYpZNeG4riF1+Vvih5nPbmUko5V98FTW3HmwrtHs1px/wC
8g4D/8sTeSVTFgNldRi9tr097F5XF/xL79oT3rRElRqn5QT5Acyryw65kG/9j2OA
o1vmemVSiEBwNawIFVynVNJjm8zE1u1oR1/JuFBGZYT5JCNnjqTcl2UmPYAJ+vwd
wo9z3DdtULqtRHNHVG+lKzDxOWAgwFNOBJD48GSegs7Fs3JTin4TY8f91xXOgZw4
CP5IWSIctNzz8gWzQUrsSaUbrFC11sCQOLOprdmUuiREtt6PyuBbfs5SIajZRw6k
a4gyDgRyZZi2naD79NRcQEyY9pIwxwuagHBeLXHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org