Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1HsKcyCtGrl7CM1zfseVl1eaOx8.roa
File:                     1HsKcyCtGrl7CM1zfseVl1eaOx8.roa (raw, json)
Hash identifier:          +1NOtivPtTs/0zhTyu50HcDw68tlycrTJMD6EXmu7W0=
Subject key identifier:   D4:7B:0A:73:20:AD:1A:B9:7B:08:CD:73:7E:C7:95:97:57:9A:3B:1F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3495607289E86C8F3B8EDAFBF23F38D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1HsKcyCtGrl7CM1zfseVl1eaOx8.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61112
IP address blocks:        82.153.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 10:57:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:56:07:28:9e:86:c8:f3:b8:ed:af:bf:23:f3:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d47b0a7320ad1ab97b08cd737ec79597579a3b1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:be:ce:e5:94:e0:59:52:ca:b3:f9:9e:f3:24:
                    e3:2c:01:73:c0:88:5a:92:98:ca:ea:11:59:ab:fe:
                    66:58:d2:74:99:9d:f4:c4:41:1f:3e:68:4d:bb:7c:
                    a7:1f:61:a7:7a:a8:c9:01:83:fd:a9:ac:d0:28:59:
                    ed:9f:a0:ee:12:85:6d:ec:6d:97:8a:3c:3b:8e:c5:
                    60:89:17:7b:fd:29:22:38:0d:8b:07:7a:44:a1:7f:
                    fb:31:da:6b:96:a1:1d:55:81:30:96:80:08:4a:0a:
                    ae:e7:5c:03:81:53:a7:6b:02:79:08:d3:8a:81:3f:
                    6b:1e:c4:fa:ff:11:06:67:d3:6b:92:41:28:e5:23:
                    5c:28:9e:56:25:69:03:06:9b:3d:49:e4:a3:6d:0b:
                    dd:33:2d:b9:c7:75:ed:cf:4a:72:70:23:82:87:a9:
                    1a:3f:c6:7d:aa:90:38:08:ab:0a:b6:96:24:b1:2f:
                    3d:30:71:67:fd:7a:11:12:b7:d6:0f:9a:0f:f6:85:
                    da:77:92:d6:dc:5c:09:c3:dc:e2:5d:d6:ee:ee:b8:
                    f6:c8:85:8e:5a:fa:c2:95:72:10:06:c6:67:90:a2:
                    de:e7:02:c2:e4:92:72:9e:9b:73:b4:4c:a7:f6:c4:
                    2b:b4:6b:76:f9:31:7a:0a:ba:6d:7c:91:2f:df:95:
                    f2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:7B:0A:73:20:AD:1A:B9:7B:08:CD:73:7E:C7:95:97:57:9A:3B:1F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1HsKcyCtGrl7CM1zfseVl1eaOx8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:9a:57:e8:ab:44:58:2c:84:b5:b7:53:48:c3:25:e9:31:90:
         96:a5:ad:65:f6:7a:82:e1:f6:7e:88:fc:3a:d9:72:dc:b3:d3:
         e3:2d:d6:bd:c4:9f:19:5b:10:77:17:c7:56:ea:1a:86:94:c7:
         ab:4f:f8:c2:6d:5e:1f:df:0e:82:50:e8:65:d6:3f:46:a3:15:
         a9:8f:7b:52:d6:58:76:b9:49:04:ee:ef:33:25:0d:27:c1:63:
         5f:70:c5:94:18:30:af:ba:a0:50:83:99:76:8b:d3:fb:12:49:
         1a:75:b5:7f:a6:d9:41:a6:86:3a:5d:4d:b9:eb:00:ee:06:85:
         38:4a:f2:16:6c:5d:15:e0:87:39:52:73:1c:56:29:38:ac:32:
         2c:ad:13:48:fd:13:14:0d:4b:64:cf:b7:c9:45:79:b5:37:76:
         1c:b8:28:ac:6c:bf:c8:1e:74:0a:39:69:35:b2:aa:20:26:bf:
         2d:e0:01:b4:f1:7e:02:6b:3b:74:64:50:ba:96:8f:e7:fb:8e:
         62:65:ad:2a:87:8f:79:ac:b2:19:62:67:07:77:30:c3:35:e0:
         6c:39:7d:2d:04:e7:06:0e:b5:ab:6f:3e:a5:0a:36:81:8d:4a:
         f8:e6:f2:66:da:b7:d5:54:76:e2:fc:fd:66:79:77:4e:35:a7:
         86:70:dd:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVYHKJ6GyPO47a+/I/ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdiMGE3MzIwYWQxYWI5N2IwOGNkNzM3ZWM3OTU5NzU3OWEzYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL7O5ZTgWVLKs/me8yTjLAFzwIha
kpjK6hFZq/5mWNJ0mZ30xEEfPmhNu3ynH2GneqjJAYP9qazQKFntn6DuEoVt7G2X
ijw7jsVgiRd7/SkiOA2LB3pEoX/7MdprlqEdVYEwloAISgqu51wDgVOnawJ5CNOK
gT9rHsT6/xEGZ9NrkkEo5SNcKJ5WJWkDBps9SeSjbQvdMy25x3Xtz0pycCOCh6ka
P8Z9qpA4CKsKtpYksS89MHFn/XoRErfWD5oP9oXad5LW3FwJw9ziXdbu7rj2yIWO
WvrClXIQBsZnkKLe5wLC5JJynptztEyn9sQrtGt2+TF6CrptfJEv35XyDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNR7CnMgrRq5ewjNc37HlZdXmjsfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMUhzS2N5Q3RHcmw3Q00xemZzZVZsMWVhT3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkBMA0G
CSqGSIb3DQEBCwUAA4IBAQAXmlfoq0RYLIS1t1NIwyXpMZCWpa1l9nqC4fZ+iPw6
2XLcs9PjLda9xJ8ZWxB3F8dW6hqGlMerT/jCbV4f3w6CUOhl1j9GoxWpj3tS1lh2
uUkE7u8zJQ0nwWNfcMWUGDCvuqBQg5l2i9P7EkkadbV/ptlBpoY6XU256wDuBoU4
SvIWbF0V4Ic5UnMcVik4rDIsrRNI/RMUDUtkz7fJRXm1N3YcuCisbL/IHnQKOWk1
sqogJr8t4AG08X4Cazt0ZFC6lo/n+45iZa0qh495rLIZYmcHdzDDNeBsOX0tBOcG
DrWrbz6lCjaBjUr45vJm2rfVVHbi/P1meXdONaeGcN3A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org