Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa
File:                     1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa (raw, json)
Hash identifier:          Sn0/766rh57CKTmXlOi+AeRBoN/zTRCMa+uscgDNDBQ=
Subject key identifier:   D5:C8:14:D4:84:1B:C7:03:41:99:CE:ED:F9:38:C8:E8:12:3F:0F:FF
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E6551D57C34ECB3A59C81DA4A9FDEA34E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa
Signing time:             Fri 22 Mar 2024 08:40:45 +0000
ROA not before:           Fri 22 Mar 2024 08:40:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215638
IP address blocks:        213.218.252.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 09:09:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:65:51:d5:7c:34:ec:b3:a5:9c:81:da:4a:9f:de:a3:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 22 08:40:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d5c814d4841bc7034199ceedf938c8e8123f0fff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e9:1f:c4:24:ad:0e:d9:b2:55:18:43:31:b0:
                    d0:87:32:8d:1f:0e:1a:da:c5:ad:47:96:0b:42:5b:
                    b6:b2:28:dc:d8:ee:d4:bb:1b:a6:92:5f:6a:62:88:
                    65:38:c3:a8:6d:37:3a:69:69:57:89:3d:fe:87:43:
                    77:fd:2d:70:a5:26:a3:c4:c1:3b:32:ec:2e:17:84:
                    fb:f9:88:b9:00:f5:c1:90:5e:5f:5d:d4:1f:72:9c:
                    61:aa:0b:d4:ab:97:a1:d0:e4:22:1c:58:1b:e0:c8:
                    dc:30:b1:6b:b7:eb:ef:68:f1:7c:61:a1:88:f4:26:
                    92:d9:ea:15:f9:dd:d6:98:15:be:1d:3d:eb:37:20:
                    09:b2:92:f1:1a:96:c0:3c:ac:c3:25:b4:cd:ea:50:
                    a4:19:3a:3f:7a:ef:7d:96:72:e3:ca:5f:1a:0d:43:
                    7c:37:1f:b3:36:23:a5:7f:a7:52:ce:c1:07:57:5f:
                    4e:f3:f7:c6:60:67:44:c9:97:60:31:8d:2b:ac:fe:
                    27:54:19:63:89:93:69:66:9d:57:3f:87:da:31:12:
                    9a:98:69:1e:a0:93:8a:75:0c:0d:a7:60:37:76:32:
                    ad:6a:12:6d:40:3c:6a:0f:bd:84:0d:94:3c:9a:ef:
                    7f:3b:ab:6c:28:cd:8d:e9:91:69:79:90:bb:5f:83:
                    7c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:C8:14:D4:84:1B:C7:03:41:99:CE:ED:F9:38:C8:E8:12:3F:0F:FF
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.218.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         70:47:46:39:d6:83:ad:73:60:85:07:8b:e3:96:c3:78:79:eb:
         b7:a9:94:78:6c:fe:aa:5a:a7:ae:83:60:d6:41:42:cc:4a:2d:
         4c:45:05:50:3b:f8:6e:89:50:7b:22:f1:87:98:72:25:d7:65:
         69:c0:34:77:56:9b:b7:1b:16:8e:46:c6:6a:38:d5:66:01:fa:
         07:b7:c6:6d:e1:c6:bc:9e:57:10:ed:99:48:ed:77:c4:eb:1e:
         38:67:e5:bf:4b:30:89:20:06:2b:cc:11:78:30:c8:02:58:e9:
         91:36:58:a7:c0:d9:e7:29:97:72:92:51:dd:19:c0:81:0d:82:
         ae:30:40:c3:ff:76:03:86:95:b4:7b:0e:b4:4c:9f:6d:00:73:
         71:3f:0c:22:d3:34:df:19:b4:a8:ac:0a:5b:2c:5b:3a:14:16:
         fd:6c:9a:f9:e6:2a:1a:96:06:ec:14:52:4e:b9:d4:5d:be:92:
         67:eb:cd:7b:38:4d:9b:7f:fd:19:56:03:30:15:40:9e:32:2e:
         f6:6b:83:12:1d:aa:f8:a6:21:57:f2:d0:53:06:fe:c5:8f:33:
         34:a4:61:66:74:cc:70:f5:b4:4b:41:38:62:bc:3b:91:93:ee:
         dd:da:25:d2:69:93:83:01:5a:ee:39:f8:e2:53:f0:bd:3c:34:
         42:52:88:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5lUdV8NOyzpZyB2kqf3qNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIyMDg0MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM4MTRkNDg0MWJjNzAzNDE5OWNlZWRmOTM4YzhlODEyM2YwZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+kfxCStDtmyVRhDMbDQhzKNHw4a
2sWtR5YLQlu2sijc2O7Uuxumkl9qYohlOMOobTc6aWlXiT3+h0N3/S1wpSajxME7
MuwuF4T7+Yi5APXBkF5fXdQfcpxhqgvUq5eh0OQiHFgb4MjcMLFrt+vvaPF8YaGI
9CaS2eoV+d3WmBW+HT3rNyAJspLxGpbAPKzDJbTN6lCkGTo/eu99lnLjyl8aDUN8
Nx+zNiOlf6dSzsEHV19O8/fGYGdEyZdgMY0rrP4nVBljiZNpZp1XP4faMRKamGke
oJOKdQwNp2A3djKtahJtQDxqD72EDZQ8mu9/O6tsKM2N6ZFpeZC7X4N8oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXIFNSEG8cDQZnO7fk4yOgSPw//MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMWNnVTFJUWJ4d05CbWM3dC1Uakk2QklfRF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1dr8MA0G
CSqGSIb3DQEBCwUAA4IBAQBwR0Y51oOtc2CFB4vjlsN4eeu3qZR4bP6qWqeug2DW
QULMSi1MRQVQO/huiVB7IvGHmHIl12VpwDR3Vpu3GxaORsZqONVmAfoHt8Zt4ca8
nlcQ7ZlI7XfE6x44Z+W/SzCJIAYrzBF4MMgCWOmRNlinwNnnKZdyklHdGcCBDYKu
MEDD/3YDhpW0ew60TJ9tAHNxPwwi0zTfGbSorApbLFs6FBb9bJr55ioalgbsFFJO
udRdvpJn6817OE2bf/0ZVgMwFUCeMi72a4MSHar4piFX8tBTBv7FjzM0pGFmdMxw
9bRLQThivDuRk+7d2iXSaZODAVruOfjiU/C9PDRCUoiH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org