Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5BJ-bjlJF2cw3ObbcDe432rSAfI.roa
File:                     5BJ-bjlJF2cw3ObbcDe432rSAfI.roa (raw, json)
Hash identifier:          cytvrzh7v2G8Y3RS2KzUrt8hBrWwo/WfHNl1tZH1DA4=
Subject key identifier:   E4:12:7E:6E:39:49:17:67:30:DC:E6:DB:70:37:B8:DF:6A:D2:01:F2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189963780682EBFE5E7F3A96C11D623D982
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5BJ-bjlJF2cw3ObbcDe432rSAfI.roa
Signing time:             Thu 27 Jul 2023 07:19:27 +0000
ROA not before:           Thu 27 Jul 2023 07:19:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        82.152.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:96:37:80:68:2e:bf:e5:e7:f3:a9:6c:11:d6:23:d9:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 27 07:19:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4127e6e3949176730dce6db7037b8df6ad201f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:00:77:91:59:e2:e1:50:5c:db:7c:4a:18:25:
                    b6:74:bc:bd:1b:60:c3:77:6f:d5:d8:1c:45:9e:77:
                    f9:67:a4:55:16:02:d2:32:64:13:6e:ac:b6:cb:42:
                    a8:43:38:87:42:db:cf:27:69:a7:44:d1:44:70:ea:
                    9d:65:d0:53:35:fc:c2:e1:04:7d:39:0b:65:63:7c:
                    73:87:8c:93:51:03:4d:1f:07:58:c8:2f:5e:8e:39:
                    82:18:c5:81:c6:e9:b0:87:13:d1:aa:72:ce:4d:14:
                    57:76:a0:00:a2:91:0e:59:7d:08:11:5d:a0:15:25:
                    ad:bd:1f:9d:f8:e4:9d:80:16:40:de:50:b1:59:51:
                    de:84:61:5f:8b:f4:50:b2:af:a9:37:5d:da:64:48:
                    6a:7f:9e:3f:5f:ab:97:0d:50:05:5f:e5:57:d9:41:
                    9b:7e:35:5f:15:86:57:5c:c8:48:cb:33:0a:58:dd:
                    12:3d:c6:cb:4d:2e:cb:6a:2c:61:fc:b8:18:58:af:
                    51:28:d5:4d:b3:b2:ec:a3:ec:e8:8a:1f:9c:ba:83:
                    65:27:b3:25:7b:82:3e:4f:51:e9:df:31:a3:bc:ab:
                    b1:c7:be:05:02:1b:da:bf:d1:6e:c3:ac:0e:cb:b8:
                    fb:1c:1b:35:65:95:bd:72:e9:58:cf:a6:75:64:85:
                    96:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:12:7E:6E:39:49:17:67:30:DC:E6:DB:70:37:B8:DF:6A:D2:01:F2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5BJ-bjlJF2cw3ObbcDe432rSAfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:81:42:7d:32:7a:97:53:de:74:6c:4b:2c:e7:b1:5a:4f:71:
         f7:34:da:39:ef:d0:83:84:f4:19:e7:b2:1f:0c:f3:7d:d5:36:
         63:2f:7f:69:69:dd:df:f8:f3:70:b2:f0:92:cc:ed:a1:d0:03:
         d7:25:65:f0:ea:db:5c:9b:a2:9a:83:2c:35:8e:7a:49:45:e2:
         12:ad:44:68:3f:76:43:19:68:28:a7:67:64:91:1a:0a:71:51:
         6c:84:fe:58:ec:25:62:68:46:2f:bb:dc:61:10:a1:48:2b:2e:
         24:c4:79:7c:62:dd:19:e1:c1:42:39:53:9f:e6:31:30:98:fc:
         4e:dc:f8:c4:28:4d:da:07:77:63:d5:d7:06:07:8a:93:85:a8:
         e0:22:11:4a:60:89:88:36:11:23:3f:06:bf:67:84:cd:8e:80:
         f5:07:2b:d9:ff:57:37:be:82:30:0f:8f:c4:a8:c4:0b:6f:05:
         a6:1b:9e:92:98:ed:51:58:0d:d4:00:5f:42:94:9b:a6:49:b0:
         08:16:e6:87:e3:8f:96:05:ee:b2:67:0a:9a:01:05:45:35:95:
         04:01:8d:e2:a4:cd:10:b5:bf:da:d7:63:82:76:ee:dc:06:b9:
         9a:0d:a5:75:73:a2:73:72:8e:85:20:10:8e:eb:e7:a1:67:a7:
         e9:a5:00:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmWN4BoLr/l5/OpbBHWI9mCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI3MDcxOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDEyN2U2ZTM5NDkxNzY3MzBkY2U2ZGI3MDM3YjhkZjZhZDIwMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAB3kVni4VBc23xKGCW2dLy9G2DD
d2/V2BxFnnf5Z6RVFgLSMmQTbqy2y0KoQziHQtvPJ2mnRNFEcOqdZdBTNfzC4QR9
OQtlY3xzh4yTUQNNHwdYyC9ejjmCGMWBxumwhxPRqnLOTRRXdqAAopEOWX0IEV2g
FSWtvR+d+OSdgBZA3lCxWVHehGFfi/RQsq+pN13aZEhqf54/X6uXDVAFX+VX2UGb
fjVfFYZXXMhIyzMKWN0SPcbLTS7Laixh/LgYWK9RKNVNs7Lso+zoih+cuoNlJ7Ml
e4I+T1Hp3zGjvKuxx74FAhvav9Fuw6wOy7j7HBs1ZZW9culYz6Z1ZIWWlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQSfm45SRdnMNzm23A3uN9q0gHyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNUJKLWJqbEpGMmN3M09iYmNEZTQzMnJTQWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpiyMA0G
CSqGSIb3DQEBCwUAA4IBAQClgUJ9MnqXU950bEss57FaT3H3NNo579CDhPQZ57If
DPN91TZjL39pad3f+PNwsvCSzO2h0APXJWXw6ttcm6Kagyw1jnpJReISrURoP3ZD
GWgop2dkkRoKcVFshP5Y7CViaEYvu9xhEKFIKy4kxHl8Yt0Z4cFCOVOf5jEwmPxO
3PjEKE3aB3dj1dcGB4qThajgIhFKYImINhEjPwa/Z4TNjoD1ByvZ/1c3voIwD4/E
qMQLbwWmG56SmO1RWA3UAF9ClJumSbAIFuaH44+WBe6yZwqaAQVFNZUEAY3ipM0Q
tb/a12OCdu7cBrmaDaV1c6Jzco6FIBCO6+ehZ6fppQAt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org