Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/33oanJFV2FM2RYZ0pNo2GZhCkNs.roa
File:                     33oanJFV2FM2RYZ0pNo2GZhCkNs.roa (raw, json)
Hash identifier:          EZaDcXIqikp/OCYAv4dP+lHv7l5WRXsokfoAit7OmZU=
Subject key identifier:   DF:7A:1A:9C:91:55:D8:53:36:45:86:74:A4:DA:36:19:98:42:90:DB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018659787969A727E24C8680101DF0BAC31A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/33oanJFV2FM2RYZ0pNo2GZhCkNs.roa
Signing time:             Thu 16 Feb 2023 09:05:13 +0000
ROA not before:           Thu 16 Feb 2023 09:05:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        82.153.250.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 08:04:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:59:78:79:69:a7:27:e2:4c:86:80:10:1d:f0:ba:c3:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 16 09:05:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df7a1a9c9155d85336458674a4da3619984290db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:cd:51:ca:24:ca:6c:35:8d:f4:81:92:c1:20:
                    19:ec:bc:9d:5e:01:55:27:c8:b9:ed:42:43:b8:b3:
                    74:d1:28:45:91:5f:bb:99:75:7b:73:1e:24:e6:79:
                    b4:cf:be:f0:28:12:d3:7d:28:44:a7:d9:ff:77:3f:
                    83:4c:21:c8:a6:a6:19:38:ec:bd:72:cf:dc:64:61:
                    61:7d:5c:b5:a5:92:71:37:0d:da:32:ac:1d:48:89:
                    94:1b:86:20:b4:2a:c8:06:93:ee:a4:6c:97:f4:7b:
                    b9:0c:52:0d:7e:2b:11:44:53:c1:74:62:0a:9b:b8:
                    b2:22:a5:e5:cb:45:ea:66:de:ee:68:a5:66:5a:9d:
                    5b:f9:c9:9c:46:2c:aa:22:a9:1e:1f:f9:0f:a1:a0:
                    3d:1e:ca:0d:a9:7b:6f:6c:45:d4:22:aa:2d:d4:38:
                    7e:1d:2b:da:08:6d:34:34:d0:02:09:c2:ce:dd:ef:
                    7d:cd:ac:8b:f3:10:e8:a1:5e:88:19:39:97:9b:25:
                    5e:f4:09:18:26:f1:d1:49:83:e9:1e:0a:7f:47:bb:
                    43:fc:3b:81:5d:fb:a1:e5:8f:43:01:4f:56:37:62:
                    d2:6b:a6:26:d1:e7:f8:9c:5b:15:e0:1d:ba:fb:0b:
                    57:38:a2:e9:54:de:4f:31:d4:d7:71:32:f3:2b:99:
                    16:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:7A:1A:9C:91:55:D8:53:36:45:86:74:A4:DA:36:19:98:42:90:DB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/33oanJFV2FM2RYZ0pNo2GZhCkNs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.220.0/23
                  82.153.223.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:ed:c3:90:5e:cf:e1:8c:b2:00:51:10:e4:65:47:2b:88:ef:
         5e:42:59:36:0d:de:75:f2:65:c4:47:1c:53:81:48:7c:4e:d1:
         e8:a8:45:74:f0:66:e9:f5:58:8c:4d:90:77:25:dc:07:dd:e9:
         75:4e:12:44:8e:43:50:d5:27:f8:08:0e:36:a5:7e:91:e6:c9:
         ea:78:ac:5f:cd:02:f6:aa:91:a2:49:18:c7:b7:f0:56:c8:ec:
         c4:e4:67:63:cd:ee:12:9c:86:87:1a:c1:b4:61:c1:a2:1c:2b:
         f2:61:e4:ae:85:91:10:c4:d5:2b:9e:13:f8:19:ee:60:d9:ae:
         6b:86:9d:d4:68:bd:bc:69:13:44:32:94:40:8b:02:ef:60:1f:
         d3:c4:66:1a:87:d0:64:3b:55:0d:58:30:c6:2b:6f:c6:13:70:
         8a:ec:a1:1e:c7:ce:5a:c5:e5:3c:92:59:ac:03:e0:17:b8:87:
         5b:26:8f:80:ae:ac:00:a2:60:80:88:5c:e3:09:9e:6e:7b:3d:
         77:41:20:cd:f5:0a:75:90:33:92:cc:f1:0b:ca:50:36:38:35:
         26:81:37:c3:e5:8e:47:49:4b:c6:78:da:24:ca:51:b1:94:4e:
         7c:62:3c:98:70:99:2b:9a:c6:f1:8c:23:8a:70:05:e7:4b:58:
         43:0d:d1:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZZeHlppyfiTIaAEB3wusMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE2MDkwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdhMWE5YzkxNTVkODUzMzY0NTg2NzRhNGRhMzYxOTk4NDI5MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM1RyiTKbDWN9IGSwSAZ7LydXgFV
J8i57UJDuLN00ShFkV+7mXV7cx4k5nm0z77wKBLTfShEp9n/dz+DTCHIpqYZOOy9
cs/cZGFhfVy1pZJxNw3aMqwdSImUG4YgtCrIBpPupGyX9Hu5DFINfisRRFPBdGIK
m7iyIqXly0XqZt7uaKVmWp1b+cmcRiyqIqkeH/kPoaA9HsoNqXtvbEXUIqot1Dh+
HSvaCG00NNACCcLO3e99zayL8xDooV6IGTmXmyVe9AkYJvHRSYPpHgp/R7tD/DuB
Xfuh5Y9DAU9WN2LSa6Ym0ef4nFsV4B26+wtXOKLpVN5PMdTXcTLzK5kWbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN96GpyRVdhTNkWGdKTaNhmYQpDbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMzNvYW5KRlYyRk0yUllaMHBObzJHWmhDa05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpncAwQA
UpnfAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQBT7cOQXs/hjLIAURDkZUcriO9e
Qlk2Dd518mXERxxTgUh8TtHoqEV08Gbp9ViMTZB3JdwH3el1ThJEjkNQ1Sf4CA42
pX6R5snqeKxfzQL2qpGiSRjHt/BWyOzE5Gdjze4SnIaHGsG0YcGiHCvyYeSuhZEQ
xNUrnhP4Ge5g2a5rhp3UaL28aRNEMpRAiwLvYB/TxGYah9BkO1UNWDDGK2/GE3CK
7KEex85axeU8klmsA+AXuIdbJo+ArqwAomCAiFzjCZ5uez13QSDN9Qp1kDOSzPEL
ylA2ODUmgTfD5Y5HSUvGeNokylGxlE58YjyYcJkrmsbxjCOKcAXnS1hDDdH3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org