Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2wDLl1lNjUFVNF74I_lJdnr_pIk.roa
File:                     2wDLl1lNjUFVNF74I_lJdnr_pIk.roa (raw, json)
Hash identifier:          UfkoxnoDkoMwuiu7bG60CHpUt3O8pN83Kdl2lU2fWt4=
Subject key identifier:   DB:00:CB:97:59:4D:8D:41:55:34:5E:F8:23:F9:49:76:7A:FF:A4:89
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC605837F65582DF1F20BA9FA663816B9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2wDLl1lNjUFVNF74I_lJdnr_pIk.roa
Signing time:             Mon 01 Jan 2024 17:14:59 +0000
ROA not before:           Mon 01 Jan 2024 17:14:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400909
IP address blocks:        82.153.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Mar 2024 19:26:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:05:83:7f:65:58:2d:f1:f2:0b:a9:fa:66:38:16:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 17:14:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=db00cb97594d8d4155345ef823f949767affa489
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:fe:60:15:77:0c:22:93:bd:0a:4d:42:b9:26:
                    02:de:6c:bc:d4:8e:66:9d:82:1d:cc:92:5b:d3:e9:
                    aa:1f:99:d1:40:a6:03:29:35:a2:05:dd:5f:20:e2:
                    8a:75:30:13:e3:8c:66:ce:64:29:fa:30:04:e3:2d:
                    58:04:49:eb:86:16:94:b5:28:e9:22:54:a5:13:0b:
                    4c:7e:11:e6:13:74:6f:d5:3f:dd:ef:fc:38:94:b4:
                    9e:de:c1:a0:f8:86:f8:62:23:35:88:ed:27:81:b6:
                    24:8d:87:61:d2:db:a3:7d:62:29:74:f8:a4:2f:b6:
                    3f:4a:72:58:5c:3c:42:0e:dc:0d:ed:62:c3:21:7f:
                    6f:e9:31:c0:fe:85:24:5e:a1:cb:aa:4e:27:e3:27:
                    0a:d7:38:9b:83:5c:ec:b0:56:27:92:f2:09:f9:5d:
                    d4:c2:00:2f:ad:b5:9a:31:f8:a9:1e:eb:06:1c:55:
                    23:53:87:73:93:d7:6d:dd:aa:6f:d7:11:20:05:63:
                    b8:44:69:a9:36:ae:d4:5f:4e:51:37:e2:36:a0:d0:
                    ff:d8:4a:e8:d1:eb:1e:04:d6:4b:3c:2c:e5:67:6a:
                    1d:0a:6f:b8:11:d0:d2:98:b7:d9:06:ae:89:24:60:
                    11:1c:47:5e:4a:19:eb:2d:82:4e:db:b4:f7:20:2f:
                    c1:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:00:CB:97:59:4D:8D:41:55:34:5E:F8:23:F9:49:76:7A:FF:A4:89
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2wDLl1lNjUFVNF74I_lJdnr_pIk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:3b:55:db:50:7a:71:1f:35:ed:ee:a1:0e:36:fd:6d:e7:a4:
         e9:1c:29:4c:63:0c:d4:5e:7d:7f:cb:ae:d9:44:aa:48:50:a0:
         8e:81:9d:79:9d:7f:3e:68:45:5f:61:a7:7f:d1:6c:91:e3:ae:
         ee:7d:2a:9d:6f:84:53:92:9e:e0:28:b4:e8:e1:b8:b8:42:c4:
         35:3c:1f:da:5c:f4:5e:c8:c5:e3:a9:68:0f:13:06:b7:6c:d9:
         61:b1:c0:96:53:e3:41:69:71:42:77:07:23:33:e9:0d:00:12:
         b1:9c:e8:23:5d:5d:87:74:a9:d6:3a:d9:d7:5a:94:5a:81:f2:
         38:a5:00:28:9c:6a:85:99:d0:95:38:02:ca:98:a3:f2:22:96:
         32:bc:25:a0:b7:f0:6a:cb:5b:5a:f7:4e:2f:5d:00:60:84:d4:
         90:40:be:98:9f:f3:91:ef:fd:f5:7e:10:e7:f1:f3:0c:dc:0d:
         4c:f6:6f:cc:9f:3f:1e:1e:59:8c:7d:af:06:0d:e4:13:7f:4c:
         12:88:4a:c4:48:a8:c2:e4:64:de:20:e0:93:07:94:4b:c9:64:
         38:4a:25:a3:1c:a8:29:70:4b:c8:9e:6b:a8:ea:da:a8:32:c3:
         a8:9b:bb:68:85:67:42:6e:01:4e:b2:db:1f:13:93:23:88:81:
         1f:d3:7e:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGBYN/ZVgt8fILqfpmOBa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMTcxNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjAwY2I5NzU5NGQ4ZDQxNTUzNDVlZjgyM2Y5NDk3NjdhZmZhNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP5gFXcMIpO9Ck1CuSYC3my81I5m
nYIdzJJb0+mqH5nRQKYDKTWiBd1fIOKKdTAT44xmzmQp+jAE4y1YBEnrhhaUtSjp
IlSlEwtMfhHmE3Rv1T/d7/w4lLSe3sGg+Ib4YiM1iO0ngbYkjYdh0tujfWIpdPik
L7Y/SnJYXDxCDtwN7WLDIX9v6THA/oUkXqHLqk4n4ycK1zibg1zssFYnkvIJ+V3U
wgAvrbWaMfipHusGHFUjU4dzk9dt3apv1xEgBWO4RGmpNq7UX05RN+I2oND/2Ero
0eseBNZLPCzlZ2odCm+4EdDSmLfZBq6JJGARHEdeShnrLYJO27T3IC/BGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsAy5dZTY1BVTRe+CP5SXZ6/6SJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMndETGwxbE5qVUZWTkY3NElfbEpkbnJfcElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkgMA0G
CSqGSIb3DQEBCwUAA4IBAQCgO1XbUHpxHzXt7qEONv1t56TpHClMYwzUXn1/y67Z
RKpIUKCOgZ15nX8+aEVfYad/0WyR467ufSqdb4RTkp7gKLTo4bi4QsQ1PB/aXPRe
yMXjqWgPEwa3bNlhscCWU+NBaXFCdwcjM+kNABKxnOgjXV2HdKnWOtnXWpRagfI4
pQAonGqFmdCVOALKmKPyIpYyvCWgt/Bqy1ta904vXQBghNSQQL6Yn/OR7/31fhDn
8fMM3A1M9m/Mnz8eHlmMfa8GDeQTf0wSiErESKjC5GTeIOCTB5RLyWQ4SiWjHKgp
cEvInmuo6tqoMsOom7tohWdCbgFOstsfE5MjiIEf035o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org