Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5fMsA7W4ZeCU3RcBp2T358hjT-A.roa
File:                     5fMsA7W4ZeCU3RcBp2T358hjT-A.roa (raw, json)
Hash identifier:          j+pKl85N+LukMkfkN60JmNuwDZEzWro1ETeG/g/nTlg=
Subject key identifier:   E5:F3:2C:03:B5:B8:65:E0:94:DD:17:01:A7:64:F7:E7:C8:63:4F:E0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C005BBE58D11981DADCA9E6320330F045
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5fMsA7W4ZeCU3RcBp2T358hjT-A.roa
Signing time:             Fri 24 Nov 2023 08:04:21 +0000
ROA not before:           Fri 24 Nov 2023 08:04:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62816
IP address blocks:        82.153.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:00:5b:be:58:d1:19:81:da:dc:a9:e6:32:03:30:f0:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 24 08:04:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5f32c03b5b865e094dd1701a764f7e7c8634fe0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e5:a3:19:a5:2c:8a:20:97:b1:d1:b7:9b:b6:
                    1c:17:30:4d:10:b6:6f:72:db:15:5e:e6:24:de:ca:
                    d3:4d:40:f6:8c:4c:f7:fa:19:6e:fc:a6:76:13:80:
                    f6:02:0c:67:a5:11:11:76:d4:c1:90:98:cd:3f:fc:
                    7f:14:9d:58:77:fe:64:f5:c5:f7:be:53:ad:f8:3c:
                    ad:11:13:40:f4:34:be:7c:6c:56:df:f1:42:88:6e:
                    45:c0:85:2f:a6:ef:94:d5:b5:05:1c:d4:c3:7d:bd:
                    13:fb:6f:fa:5f:86:22:88:3c:1f:73:15:c3:6a:36:
                    f8:d0:64:4e:54:66:06:d0:c2:81:e0:1a:1a:4c:cf:
                    21:a1:aa:97:ea:07:dd:f1:05:d9:60:18:61:d2:7a:
                    ab:4e:7e:f4:1b:b4:74:ea:1c:da:08:16:9a:97:d3:
                    d9:6b:9a:ba:d3:f6:71:ce:84:67:df:ab:aa:cb:d2:
                    75:c6:87:be:07:3f:46:9d:4e:fa:fc:4f:fc:ec:1e:
                    32:37:62:0f:75:60:9a:99:e0:16:2c:5e:c2:eb:e9:
                    8f:9d:d1:dd:ec:5e:4c:29:17:1b:7c:f3:56:81:dc:
                    92:19:3b:57:e6:4f:6b:ca:4a:5f:4b:09:0c:44:12:
                    a1:12:d6:50:da:fd:38:bf:56:d1:03:a5:cd:95:5c:
                    63:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:F3:2C:03:B5:B8:65:E0:94:DD:17:01:A7:64:F7:E7:C8:63:4F:E0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5fMsA7W4ZeCU3RcBp2T358hjT-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:d3:9b:74:07:1a:2a:13:eb:ef:dd:e5:22:c2:c3:a3:9d:21:
         68:49:59:df:52:a8:7f:d2:9d:79:b0:ab:a9:b1:57:72:61:29:
         a7:92:9a:4a:36:08:a9:6c:b1:ef:ac:f9:01:c2:e3:78:f0:c3:
         48:8a:40:ba:db:42:cf:d6:ed:28:5d:0a:6d:d8:b5:97:ef:f6:
         5e:37:45:a8:09:90:91:c3:0b:35:d2:23:e0:b0:bd:c1:53:42:
         a6:43:62:f1:8e:fa:ca:df:e7:cb:49:15:b7:ff:f0:ca:40:e6:
         c9:27:64:45:54:21:87:55:cd:95:17:71:15:c9:9f:5a:16:a3:
         dc:9d:01:c2:62:b5:d2:24:d7:48:1e:35:16:2e:36:f7:3b:7b:
         73:80:b6:ee:5c:63:27:89:0c:3c:b6:e5:50:78:aa:27:2b:29:
         ec:78:01:af:78:ee:34:89:a4:dc:72:e0:4b:a9:25:7e:82:87:
         b0:23:9e:97:91:6f:21:f9:8d:80:45:54:a7:13:ad:11:05:05:
         bf:db:34:89:1a:0f:10:98:7d:41:c7:22:7e:2f:ee:d5:17:51:
         c8:a1:11:09:c2:b1:be:77:0f:86:af:dd:5d:82:44:42:68:e8:
         ee:c0:d7:ae:c7:b1:29:96:09:61:6b:2b:11:b4:31:16:33:04:
         dc:ba:7c:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwAW75Y0RmB2typ5jIDMPBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTI0MDgwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWYzMmMwM2I1Yjg2NWUwOTRkZDE3MDFhNzY0ZjdlN2M4NjM0ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOWjGaUsiiCXsdG3m7YcFzBNELZv
ctsVXuYk3srTTUD2jEz3+hlu/KZ2E4D2AgxnpRERdtTBkJjNP/x/FJ1Yd/5k9cX3
vlOt+DytERNA9DS+fGxW3/FCiG5FwIUvpu+U1bUFHNTDfb0T+2/6X4YiiDwfcxXD
ajb40GROVGYG0MKB4BoaTM8hoaqX6gfd8QXZYBhh0nqrTn70G7R06hzaCBaal9PZ
a5q60/ZxzoRn36uqy9J1xoe+Bz9GnU76/E/87B4yN2IPdWCameAWLF7C6+mPndHd
7F5MKRcbfPNWgdySGTtX5k9rykpfSwkMRBKhEtZQ2v04v1bRA6XNlVxjywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXzLAO1uGXglN0XAadk9+fIY0/gMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNWZNc0E3VzRaZUNVM1JjQnAyVDM1OGhqVC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnjMA0G
CSqGSIb3DQEBCwUAA4IBAQB505t0BxoqE+vv3eUiwsOjnSFoSVnfUqh/0p15sKup
sVdyYSmnkppKNgipbLHvrPkBwuN48MNIikC620LP1u0oXQpt2LWX7/ZeN0WoCZCR
wws10iPgsL3BU0KmQ2LxjvrK3+fLSRW3//DKQObJJ2RFVCGHVc2VF3EVyZ9aFqPc
nQHCYrXSJNdIHjUWLjb3O3tzgLbuXGMniQw8tuVQeKonKynseAGveO40iaTccuBL
qSV+goewI56XkW8h+Y2ARVSnE60RBQW/2zSJGg8QmH1BxyJ+L+7VF1HIoREJwrG+
dw+Gr91dgkRCaOjuwNeux7EplglhaysRtDEWMwTcuny/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org