Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4OS1AM8R4tLBPIEMtRMC9lXZh44.roa
File:                     4OS1AM8R4tLBPIEMtRMC9lXZh44.roa (raw, json)
Hash identifier:          aiu8Cy5wQ8nvwoZRMoFzun5Lx7Y2TVEJhOvX5jbIWLI=
Subject key identifier:   E0:E4:B5:00:CF:11:E2:D2:C1:3C:81:0C:B5:13:02:F6:55:D9:87:8E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01886881006015D39EDAC2F1142FB97CDB5C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4OS1AM8R4tLBPIEMtRMC9lXZh44.roa
Signing time:             Mon 29 May 2023 17:14:24 +0000
ROA not before:           Mon 29 May 2023 17:14:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        82.153.208.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 08:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:68:81:00:60:15:d3:9e:da:c2:f1:14:2f:b9:7c:db:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 29 17:14:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0e4b500cf11e2d2c13c810cb51302f655d9878e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:62:23:34:7c:a7:d4:df:ff:d7:d2:e2:91:b7:
                    1b:eb:a4:13:2e:da:09:93:d3:ff:1a:a4:b1:b9:ac:
                    1f:75:dd:30:78:89:e2:af:b1:13:f8:34:fd:7d:aa:
                    15:5e:ec:b6:48:f6:4a:ce:4a:40:7f:70:7a:68:a4:
                    f6:65:db:f7:73:a3:ba:b2:85:be:8b:4a:03:92:82:
                    17:f8:d1:73:be:b7:6b:1c:20:2c:ff:30:c1:e6:5b:
                    03:a6:d7:9f:7a:1d:0e:50:82:19:95:95:e3:0e:9b:
                    47:2e:13:d1:17:cc:50:ce:99:49:35:92:95:43:d8:
                    6e:0d:0f:13:5b:e4:b1:b5:86:75:33:03:73:b7:87:
                    86:b6:7c:2e:fd:14:ef:0b:fd:f2:cf:2b:a8:7f:da:
                    8d:42:fd:f2:92:47:db:4d:12:e2:1c:e6:29:88:87:
                    bc:40:e7:d5:9f:35:7a:35:04:75:00:2a:30:ee:5f:
                    2f:de:8b:dd:d2:ee:fa:c2:d3:6b:8d:15:90:d1:88:
                    25:1c:47:2d:82:4d:c6:13:9e:80:97:66:a0:7e:cf:
                    da:59:89:b1:8c:2c:33:f2:83:d9:7f:fd:2a:93:52:
                    6a:03:cd:f5:1f:d3:d6:13:c4:7d:cf:64:0c:15:9c:
                    65:df:a4:ad:76:42:20:ce:29:2e:53:24:20:f4:25:
                    bd:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:E4:B5:00:CF:11:E2:D2:C1:3C:81:0C:B5:13:02:F6:55:D9:87:8E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4OS1AM8R4tLBPIEMtRMC9lXZh44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:a4:3b:3b:03:e5:df:2b:09:b2:69:38:0c:33:0a:d7:8b:83:
         10:9e:ad:f9:0d:3e:4b:8f:3b:35:2d:07:95:22:90:7f:c2:c6:
         af:03:77:b4:07:4b:19:7f:23:32:f5:44:94:ba:cc:8c:03:ff:
         1a:da:c9:c4:6b:cd:d5:f8:5f:cf:34:83:bf:04:cf:c4:6f:e2:
         ef:5c:dc:36:71:08:2f:92:f6:46:29:34:a3:f2:e1:f5:77:d9:
         b0:95:3b:2d:7b:88:81:dd:34:f9:75:41:61:e9:ae:cb:4e:a6:
         c4:93:5a:bd:a2:6f:f1:a4:07:14:75:60:56:55:b9:5b:1c:45:
         a7:36:e7:a4:d7:d8:da:82:25:bc:dc:27:a5:5d:fe:96:59:2e:
         45:dc:40:16:59:69:fa:5e:32:e0:39:bb:30:4c:6f:95:9d:f4:
         3e:76:cf:76:d7:e0:3c:df:97:55:71:a2:f7:a4:6c:7d:19:ee:
         44:a2:12:0b:1d:67:3e:96:e3:d0:31:ce:cb:24:3f:5b:0e:be:
         1b:a5:49:6f:9a:72:98:82:82:1b:f4:cf:08:85:b9:f6:e3:14:
         70:6f:7c:e6:22:9f:5d:6f:6e:b7:77:5f:d7:62:9b:97:83:de:
         00:c0:0e:2e:1c:05:40:24:d8:3a:15:32:05:11:01:d9:95:0a:
         1d:2c:43:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhogQBgFdOe2sLxFC+5fNtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI5MTcxNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU0YjUwMGNmMTFlMmQyYzEzYzgxMGNiNTEzMDJmNjU1ZDk4NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGIjNHyn1N//19Likbcb66QTLtoJ
k9P/GqSxuawfdd0weInir7ET+DT9faoVXuy2SPZKzkpAf3B6aKT2Zdv3c6O6soW+
i0oDkoIX+NFzvrdrHCAs/zDB5lsDptefeh0OUIIZlZXjDptHLhPRF8xQzplJNZKV
Q9huDQ8TW+SxtYZ1MwNzt4eGtnwu/RTvC/3yzyuof9qNQv3ykkfbTRLiHOYpiIe8
QOfVnzV6NQR1ACow7l8v3ovd0u76wtNrjRWQ0YglHEctgk3GE56Al2agfs/aWYmx
jCwz8oPZf/0qk1JqA831H9PWE8R9z2QMFZxl36StdkIgzikuUyQg9CW9UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODktQDPEeLSwTyBDLUTAvZV2YeOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNE9TMUFNOFI0dExCUElFTXRSTUM5bFhaaDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUpnQMA0G
CSqGSIb3DQEBCwUAA4IBAQCepDs7A+XfKwmyaTgMMwrXi4MQnq35DT5Ljzs1LQeV
IpB/wsavA3e0B0sZfyMy9USUusyMA/8a2snEa83V+F/PNIO/BM/Eb+LvXNw2cQgv
kvZGKTSj8uH1d9mwlTste4iB3TT5dUFh6a7LTqbEk1q9om/xpAcUdWBWVblbHEWn
Nuek19jagiW83CelXf6WWS5F3EAWWWn6XjLgObswTG+VnfQ+ds921+A835dVcaL3
pGx9Ge5EohILHWc+luPQMc7LJD9bDr4bpUlvmnKYgoIb9M8Ihbn24xRwb3zmIp9d
b263d1/XYpuXg94AwA4uHAVAJNg6FTIFEQHZlQodLEPA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org