Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa
File:                     5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa (raw, json)
Hash identifier:          lCEBfoMdiBpD/ZDAV1Wr5abG5mu1sx4yHCPDylnWhWM=
Subject key identifier:   E7:13:1D:15:07:09:12:C2:5D:7C:03:97:6F:B6:5C:10:0E:7A:BE:F4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01869C6B57A9490B7086E4226BBAD0D58707
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa
Signing time:             Wed 01 Mar 2023 09:05:25 +0000
ROA not before:           Wed 01 Mar 2023 09:05:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Apr 2023 08:32:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9c:6b:57:a9:49:0b:70:86:e4:22:6b:ba:d0:d5:87:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  1 09:05:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7131d15070912c25d7c03976fb65c100e7abef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:54:0b:dc:53:a3:1a:f1:2c:c5:e0:29:24:d7:
                    41:98:6b:d1:ec:35:73:da:36:f3:c1:38:98:7f:66:
                    b4:f1:c9:d2:90:1b:2b:26:c2:a4:0a:f9:46:73:86:
                    1d:0a:a9:37:92:eb:5f:fa:91:56:e1:b4:9d:5c:fd:
                    fa:73:88:a8:71:7f:42:9f:9a:9e:40:18:21:f1:3f:
                    38:c2:7a:d5:99:e5:5b:41:d7:44:47:f6:45:c4:6b:
                    32:86:ce:0e:d8:ce:12:9b:f1:5d:cc:aa:7d:92:a0:
                    c3:58:b4:c0:df:57:fd:9a:5e:f4:d6:98:d7:2c:6a:
                    d3:54:ec:5a:e3:87:0a:22:05:8e:91:01:64:9f:05:
                    12:49:5f:43:3c:45:39:d5:1c:57:02:a9:ff:f8:87:
                    89:57:37:c0:46:5e:a0:82:59:5d:60:ef:27:38:0a:
                    c5:e7:6b:46:ce:89:af:f6:2c:a8:90:c2:a4:69:46:
                    e4:eb:e9:3e:a8:7e:1a:10:96:9f:8a:af:11:cf:3e:
                    79:15:d9:a5:3c:41:08:f8:29:55:ce:24:b9:ae:19:
                    e0:25:be:3a:03:bb:81:c6:b6:f9:9f:1b:ca:e2:c9:
                    20:ea:a6:cc:08:83:14:9b:c0:99:4f:e6:10:09:a3:
                    6d:a0:e1:22:cb:5e:1e:92:d1:d3:97:e8:2c:f2:86:
                    79:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:13:1D:15:07:09:12:C2:5D:7C:03:97:6F:B6:5C:10:0E:7A:BE:F4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  82.152.178.0/24
                  82.153.69.0/24
                  82.153.240.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:d4:8a:de:86:52:46:09:c2:ba:e1:a8:ef:7d:81:b8:a1:8f:
         4d:c5:b5:17:28:6b:2e:a8:67:64:c2:9e:91:74:d1:2b:cb:23:
         25:f0:1f:2a:1c:16:21:5f:c8:c8:e0:0c:75:25:99:fa:de:85:
         ac:b9:a4:1a:8c:e0:a4:b4:c1:d4:da:18:f1:58:b0:75:1f:ee:
         51:c9:be:9c:f7:b6:d6:24:ce:0d:6d:6a:36:98:01:b9:96:bc:
         78:d2:fd:c8:eb:37:01:fb:03:e6:37:f3:e4:35:66:9c:81:71:
         d9:4a:e1:68:99:75:2b:ab:63:e1:5d:81:61:46:fd:9a:20:29:
         ea:f4:f6:4e:b7:79:6e:94:6d:43:51:6e:ad:2d:4f:32:ff:f3:
         b0:84:42:e2:39:0a:f9:79:24:36:54:f9:3c:50:87:34:e3:b2:
         19:ea:76:ea:be:75:ee:75:d0:64:1b:62:37:a1:b8:dc:d7:79:
         ca:26:5e:13:06:c1:38:ac:c6:8d:1e:bf:06:78:88:df:3e:96:
         39:1e:d3:5d:9f:25:ef:f7:a0:2c:3e:1d:f1:b6:0c:74:f2:77:
         5e:09:dc:29:25:c4:83:96:92:67:93:4a:92:2e:19:ac:2c:b2:
         f1:e0:b1:d4:e0:96:c8:49:80:cc:82:de:b4:ec:22:88:30:cb:
         9c:ca:87:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYaca1epSQtwhuQia7rQ1YcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzAxMDkwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzEzMWQxNTA3MDkxMmMyNWQ3YzAzOTc2ZmI2NWMxMDBlN2FiZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1QL3FOjGvEsxeApJNdBmGvR7DVz
2jbzwTiYf2a08cnSkBsrJsKkCvlGc4YdCqk3kutf+pFW4bSdXP36c4iocX9Cn5qe
QBgh8T84wnrVmeVbQddER/ZFxGsyhs4O2M4Sm/FdzKp9kqDDWLTA31f9ml701pjX
LGrTVOxa44cKIgWOkQFknwUSSV9DPEU51RxXAqn/+IeJVzfARl6gglldYO8nOArF
52tGzomv9iyokMKkaUbk6+k+qH4aEJafiq8Rzz55FdmlPEEI+ClVziS5rhngJb46
A7uBxrb5nxvK4skg6qbMCIMUm8CZT+YQCaNtoOEiy14ektHTl+gs8oZ5SwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOcTHRUHCRLCXXwDl2+2XBAOer70MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNXhNZEZRY0pFc0pkZkFPWGI3WmNFQTU2dnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
UagjAwQAUpiyAwQAUplFAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQCt
1IrehlJGCcK64ajvfYG4oY9NxbUXKGsuqGdkwp6RdNEryyMl8B8qHBYhX8jI4Ax1
JZn63oWsuaQajOCktMHU2hjxWLB1H+5Ryb6c97bWJM4NbWo2mAG5lrx40v3I6zcB
+wPmN/PkNWacgXHZSuFomXUrq2PhXYFhRv2aICnq9PZOt3lulG1DUW6tLU8y//Ow
hELiOQr5eSQ2VPk8UIc047IZ6nbqvnXuddBkG2I3objc13nKJl4TBsE4rMaNHr8G
eIjfPpY5HtNdnyXv96AsPh3xtgx08ndeCdwpJcSDlpJnk0qSLhmsLLLx4LHU4JbI
SYDMgt607CKIMMucyoeT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org