Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa
File:                     2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa (raw, json)
Hash identifier:          uXS7mPnavDUf7K0za3YVoso/nbqL1YMkqEunaMiv/NY=
Subject key identifier:   DA:7B:A5:F2:D1:B7:37:A0:EA:E4:CB:E3:8F:41:F0:D6:41:E2:72:F3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BA39162EA2F62B851BB35FC581E1CAABC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa
Signing time:             Mon 06 Nov 2023 07:38:16 +0000
ROA not before:           Mon 06 Nov 2023 07:38:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        109.176.245.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 Nov 2023 07:28:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a3:91:62:ea:2f:62:b8:51:bb:35:fc:58:1e:1c:aa:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  6 07:38:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da7ba5f2d1b737a0eae4cbe38f41f0d641e272f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ae:48:69:93:ec:e1:01:02:ab:fe:b7:21:08:
                    ec:68:76:7b:ef:f0:31:af:15:83:ed:e8:de:c0:ae:
                    de:70:21:6c:26:dd:51:76:ac:b8:d8:fb:fc:cd:55:
                    14:3e:88:5c:1c:99:62:9a:7b:c8:1f:5a:e0:a0:9c:
                    10:64:42:6d:72:52:fd:de:b1:af:65:89:6d:66:5e:
                    aa:51:e3:20:bc:9e:16:28:03:40:bf:41:39:85:90:
                    ec:83:f1:58:9d:e0:ce:f6:e0:d3:a6:d1:33:cb:4e:
                    07:a2:3d:56:50:3b:0d:f4:1b:eb:33:16:5e:2d:a5:
                    60:0e:53:73:74:b4:43:23:dc:4a:65:7f:7f:a8:b9:
                    fb:c0:1f:8e:91:90:86:7b:63:1b:00:ca:63:66:a6:
                    ca:b2:fd:11:62:d3:e9:af:00:ce:09:b8:f8:71:3a:
                    80:0c:33:3d:ad:52:1f:1d:8a:84:aa:4d:1b:a9:27:
                    b6:49:98:cc:ad:5f:d5:d5:b3:32:42:13:93:9f:c0:
                    fd:c1:69:8f:9c:a2:bf:1c:69:90:b4:51:21:a2:b6:
                    84:ad:b8:c5:b3:f3:a5:02:57:cc:d0:99:1f:d7:da:
                    a0:f1:df:a3:60:d3:98:75:28:7a:8f:ec:fc:eb:fc:
                    53:e5:35:c8:b4:44:0d:3e:cb:21:29:4b:36:17:04:
                    b8:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:7B:A5:F2:D1:B7:37:A0:EA:E4:CB:E3:8F:41:F0:D6:41:E2:72:F3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.220.0/24
                  89.213.157.0/24
                  109.176.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:8a:18:fe:e3:c2:4c:82:f7:00:39:b5:73:83:70:30:e4:d2:
         3d:4d:81:03:94:62:c6:6b:52:21:53:46:6a:38:05:3d:de:a5:
         a8:9c:bb:23:02:58:d9:b5:50:e8:8e:76:eb:5b:d7:c9:54:6a:
         d0:86:0c:7d:62:e8:01:72:33:d6:97:31:b0:1c:c7:b8:fa:29:
         35:9c:42:bc:71:be:2e:d5:c4:23:5e:73:cd:2b:32:c8:f5:18:
         a4:4d:c7:a0:eb:d9:b5:08:3f:d4:e6:dc:6c:69:48:aa:b0:86:
         71:91:c4:f5:39:b2:19:62:48:e4:32:96:52:af:8b:a6:7b:44:
         c3:c0:20:1d:2f:96:9e:ff:0e:55:b3:ac:95:b4:df:be:cc:eb:
         02:b4:de:55:4e:83:97:85:0b:53:81:c5:05:48:49:58:22:13:
         dc:28:51:f0:1c:e1:5b:53:ef:4b:ad:65:11:8e:6a:88:8c:45:
         d1:92:30:58:2a:3b:a1:45:7a:f4:3c:ad:a9:c1:2d:34:6c:f8:
         ec:73:ef:0b:12:93:ee:f6:30:2c:4e:48:fd:28:19:bf:7d:de:
         99:b4:ce:d0:ac:49:b7:2e:d9:59:d4:e9:bd:45:93:72:bf:1e:
         9b:13:21:50:a5:a9:83:70:9a:25:01:a9:f2:a2:fc:c8:5a:4a:
         62:17:36:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYujkWLqL2K4Ubs1/FgeHKq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdiYTVmMmQxYjczN2EwZWFlNGNiZTM4ZjQxZjBkNjQxZTI3MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK5IaZPs4QECq/63IQjsaHZ77/Ax
rxWD7ejewK7ecCFsJt1Rdqy42Pv8zVUUPohcHJlimnvIH1rgoJwQZEJtclL93rGv
ZYltZl6qUeMgvJ4WKANAv0E5hZDsg/FYneDO9uDTptEzy04Hoj1WUDsN9BvrMxZe
LaVgDlNzdLRDI9xKZX9/qLn7wB+OkZCGe2MbAMpjZqbKsv0RYtPprwDOCbj4cTqA
DDM9rVIfHYqEqk0bqSe2SZjMrV/V1bMyQhOTn8D9wWmPnKK/HGmQtFEhoraErbjF
s/OlAlfM0Jkf19qg8d+jYNOYdSh6j+z86/xT5TXItEQNPsshKUs2FwS44wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNp7pfLRtzeg6uTL449B8NZB4nLzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMm51bDh0RzNONkRxNU12amowSHcxa0hpY3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpncAwQA
WdWdAwQAbbD1MA0GCSqGSIb3DQEBCwUAA4IBAQA8ihj+48JMgvcAObVzg3Aw5NI9
TYEDlGLGa1IhU0ZqOAU93qWonLsjAljZtVDojnbrW9fJVGrQhgx9YugBcjPWlzGw
HMe4+ik1nEK8cb4u1cQjXnPNKzLI9RikTceg69m1CD/U5txsaUiqsIZxkcT1ObIZ
YkjkMpZSr4ume0TDwCAdL5ae/w5Vs6yVtN++zOsCtN5VToOXhQtTgcUFSElYIhPc
KFHwHOFbU+9LrWURjmqIjEXRkjBYKjuhRXr0PK2pwS00bPjsc+8LEpPu9jAsTkj9
KBm/fd6ZtM7QrEm3LtlZ1Om9RZNyvx6bEyFQpamDcJolAanyovzIWkpiFzb/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org