Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2FUfE26E3geHF98QzHun17wIdxc.roa
File:                     2FUfE26E3geHF98QzHun17wIdxc.roa (raw, json)
Hash identifier:          GZKv640DJD78ZTWUnHlExq2YGkbTtB/RbOhOHBbXMA0=
Subject key identifier:   D8:55:1F:13:6E:84:DE:07:87:17:DF:10:CC:7B:A7:D7:BC:08:77:17
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186CB9F2344E8AF9FFEB8632F1868C8335F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2FUfE26E3geHF98QzHun17wIdxc.roa
Signing time:             Fri 10 Mar 2023 13:04:09 +0000
ROA not before:           Fri 10 Mar 2023 13:04:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        82.152.174.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 16:21:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cb:9f:23:44:e8:af:9f:fe:b8:63:2f:18:68:c8:33:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 10 13:04:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8551f136e84de078717df10cc7ba7d7bc087717
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:ca:50:ec:59:39:14:dd:f7:d6:43:fc:cc:3b:
                    cc:ba:8b:ad:63:37:0b:bb:8d:d1:86:f5:1b:9f:f5:
                    ef:d2:f0:aa:56:e6:72:31:c3:d3:04:14:df:b7:9b:
                    af:62:9d:11:ba:ce:45:e3:1a:9c:c6:2b:7c:31:c9:
                    55:40:be:9d:87:23:36:cd:87:96:48:ae:57:7d:68:
                    23:fb:c4:63:e4:79:a6:d7:46:c7:cf:fa:07:03:a5:
                    69:70:a0:b6:c4:0f:af:46:66:9b:60:9c:c0:f7:50:
                    93:82:d3:62:ad:25:69:8f:d9:3d:54:7a:1d:70:45:
                    66:25:2b:a1:9a:f5:32:b0:37:3a:8e:d5:1b:8e:98:
                    fa:7c:ff:ff:aa:a7:5e:6a:23:1e:65:8d:79:a4:1d:
                    46:f4:26:03:64:35:b4:c6:4a:1e:ef:a5:5a:84:3f:
                    4f:a0:97:d7:f3:ba:34:82:67:93:9c:63:a5:d9:d9:
                    5c:6b:f8:8c:d7:ff:c8:99:7c:ab:20:8c:2d:40:2b:
                    22:45:63:52:00:0b:d7:29:8c:b4:e3:35:42:4d:78:
                    8e:70:1c:4f:b5:26:c5:ef:4c:18:25:6b:9d:02:9e:
                    1c:a4:af:4e:15:15:31:b4:63:2d:c2:65:34:d0:60:
                    d5:d2:d6:51:fb:1e:56:52:34:e1:c6:10:d3:08:54:
                    aa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:55:1F:13:6E:84:DE:07:87:17:DF:10:CC:7B:A7:D7:BC:08:77:17
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2FUfE26E3geHF98QzHun17wIdxc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         07:67:1e:46:7c:6d:11:a3:77:f8:83:4a:17:55:02:2f:4c:59:
         e3:68:70:ff:d4:a8:5d:df:cf:27:39:52:cb:35:a8:6e:ff:80:
         84:b3:00:67:b4:9e:62:6a:7b:05:2d:b3:45:22:16:88:78:73:
         19:20:cb:04:90:95:02:88:32:f0:87:a1:18:f5:4d:8f:b3:3b:
         4e:6f:61:58:d4:2b:15:45:d6:59:5d:16:63:8b:36:04:e8:50:
         8a:d2:ba:a0:e8:01:9f:36:8b:45:e5:52:50:65:d7:d3:4c:7c:
         e7:eb:95:56:c9:40:92:d0:52:47:2b:cf:a0:01:e2:42:67:6f:
         7d:f9:73:d6:0d:ac:6e:9d:ad:e9:f9:86:32:df:91:a5:d8:a9:
         48:cd:d5:c7:39:37:54:16:a9:09:ac:d8:1a:56:61:6b:d4:16:
         63:c8:e3:00:52:77:50:6f:46:a5:fc:33:59:42:cd:ba:d0:a2:
         ab:5d:4f:42:e5:c2:a5:2b:e9:d0:c5:38:0d:a1:d4:62:a8:e4:
         81:f2:b5:e1:77:94:06:63:42:c0:3f:97:58:ae:9c:26:3c:d3:
         89:8e:d6:22:d4:fa:86:d2:bb:cc:b4:2e:aa:e8:51:b6:95:40:
         de:f7:77:fe:f4:12:48:05:e7:a5:c1:cb:00:3f:73:02:9f:d4:
         1c:7c:c9:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbLnyNE6K+f/rhjLxhoyDNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzEwMTMwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU1MWYxMzZlODRkZTA3ODcxN2RmMTBjYzdiYTdkN2JjMDg3NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgspQ7Fk5FN331kP8zDvMuoutYzcL
u43RhvUbn/Xv0vCqVuZyMcPTBBTft5uvYp0Rus5F4xqcxit8MclVQL6dhyM2zYeW
SK5XfWgj+8Rj5Hmm10bHz/oHA6VpcKC2xA+vRmabYJzA91CTgtNirSVpj9k9VHod
cEVmJSuhmvUysDc6jtUbjpj6fP//qqdeaiMeZY15pB1G9CYDZDW0xkoe76VahD9P
oJfX87o0gmeTnGOl2dlca/iM1//ImXyrIIwtQCsiRWNSAAvXKYy04zVCTXiOcBxP
tSbF70wYJWudAp4cpK9OFRUxtGMtwmU00GDV0tZR+x5WUjThxhDTCFSqZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhVHxNuhN4HhxffEMx7p9e8CHcXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkZVZkUyNkUzZ2VIRjk4UXpIdW4xN3dJZHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUpiuMA0G
CSqGSIb3DQEBCwUAA4IBAQAHZx5GfG0Ro3f4g0oXVQIvTFnjaHD/1Khd388nOVLL
Nahu/4CEswBntJ5iansFLbNFIhaIeHMZIMsEkJUCiDLwh6EY9U2PsztOb2FY1CsV
RdZZXRZjizYE6FCK0rqg6AGfNotF5VJQZdfTTHzn65VWyUCS0FJHK8+gAeJCZ299
+XPWDaxuna3p+YYy35Gl2KlIzdXHOTdUFqkJrNgaVmFr1BZjyOMAUndQb0al/DNZ
Qs260KKrXU9C5cKlK+nQxTgNodRiqOSB8rXhd5QGY0LAP5dYrpwmPNOJjtYi1PqG
0rvMtC6q6FG2lUDe93f+9BJIBeelwcsAP3MCn9QcfMm+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org