Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5y1zt3vp7dY9Lg5tRFfAbthkSTo.roa
File:                     5y1zt3vp7dY9Lg5tRFfAbthkSTo.roa (raw, json)
Hash identifier:          qwecLvf/ou/fpNd3YsaoolIm+gtaPjpJVMbaaDOjL+0=
Subject key identifier:   E7:2D:73:B7:7B:E9:ED:D6:3D:2E:0E:6D:44:57:C0:6E:D8:64:49:3A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01896DCA6169F7A450132E0751C3A2067BD3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5y1zt3vp7dY9Lg5tRFfAbthkSTo.roa
Signing time:             Wed 19 Jul 2023 10:55:26 +0000
ROA not before:           Wed 19 Jul 2023 10:55:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        82.153.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 07:38:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6d:ca:61:69:f7:a4:50:13:2e:07:51:c3:a2:06:7b:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 19 10:55:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e72d73b77be9edd63d2e0e6d4457c06ed864493a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e9:97:20:a9:1a:c2:42:e9:af:bd:ed:9b:1c:
                    d1:f9:3d:6e:59:1a:c7:51:6a:91:dd:78:7a:df:a0:
                    da:97:05:d6:5f:35:e9:db:15:b7:7e:83:72:c1:89:
                    f4:b0:3e:bd:0a:56:0a:60:cd:3d:23:01:4a:00:3c:
                    d9:6d:b0:5c:0a:27:46:4d:44:05:0e:c8:15:f2:e1:
                    5c:a1:ae:4c:e0:28:2b:10:a6:de:bf:40:1d:c4:eb:
                    56:bd:be:f4:17:c5:18:5c:c4:04:3e:de:95:9f:aa:
                    e5:90:3e:50:11:66:d2:6a:6b:78:ee:02:1d:05:11:
                    88:d8:57:39:0c:78:8c:3b:c4:0a:35:99:97:22:11:
                    65:10:9d:5f:ee:b7:a3:28:30:42:70:9f:04:2e:79:
                    0b:34:39:a4:b6:83:48:6d:6c:f0:a7:46:f1:63:e9:
                    6f:59:9f:71:ca:6f:98:9c:43:23:9d:64:e0:8a:09:
                    19:ef:b3:cf:17:9a:ff:1e:9c:4c:9f:5d:ac:f4:9b:
                    62:bd:19:40:a4:1a:6a:99:25:ba:39:08:d5:ce:7d:
                    e5:d0:c9:b1:b9:89:7d:8e:c1:d0:9d:0c:bd:9b:28:
                    78:70:6c:50:3e:67:3d:af:1d:1c:dc:8f:d1:d0:da:
                    9c:8b:84:dd:58:74:02:dc:e4:d3:56:c0:a3:26:fa:
                    f7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:2D:73:B7:7B:E9:ED:D6:3D:2E:0E:6D:44:57:C0:6E:D8:64:49:3A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5y1zt3vp7dY9Lg5tRFfAbthkSTo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:42:ad:93:dd:1f:13:d9:9c:85:a8:54:d6:78:bc:32:9c:cd:
         a9:d1:68:a8:68:f4:35:35:32:46:70:b8:3d:0d:2f:7a:35:dc:
         e7:a0:d1:f2:0b:c5:bd:bc:29:ce:e5:61:20:c7:26:ef:96:5c:
         89:15:f3:b2:34:e9:f6:6e:de:30:eb:41:a4:9f:34:3a:0e:c4:
         f8:ed:ba:12:79:eb:26:3d:a7:17:90:ca:33:3f:ca:67:20:5e:
         2a:60:80:a9:00:01:f3:e4:dd:1f:2f:60:a2:9f:30:68:a0:7c:
         4d:35:f4:21:0b:81:23:9c:21:7d:a1:c3:a1:3b:9c:ab:e4:be:
         a6:9c:9e:2c:f6:cd:3f:e2:8c:8e:f7:49:6f:e0:05:98:21:a4:
         cb:14:af:3d:a5:b5:3f:f2:61:bc:6b:bb:8e:75:dc:45:a0:1f:
         ba:66:6c:cf:87:fc:fb:be:c2:1e:1c:ac:85:3d:68:1e:b8:f6:
         b9:a6:57:31:6b:dd:0f:cb:4c:3a:18:6f:d1:0f:df:c8:93:93:
         a6:50:07:d9:ed:50:7a:35:bc:f0:e2:e3:24:40:b3:5c:78:ed:
         42:bd:68:0e:3e:5a:91:18:40:40:d5:1d:fb:4d:d9:e3:79:92:
         b2:1c:01:68:bb:60:85:f3:e2:23:b4:eb:33:72:1a:ee:10:e9:
         43:5f:22:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYltymFp96RQEy4HUcOiBnvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzE5MTA1NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzJkNzNiNzdiZTllZGQ2M2QyZTBlNmQ0NDU3YzA2ZWQ4NjQ0OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+mXIKkawkLpr73tmxzR+T1uWRrH
UWqR3Xh636DalwXWXzXp2xW3foNywYn0sD69ClYKYM09IwFKADzZbbBcCidGTUQF
DsgV8uFcoa5M4CgrEKbev0AdxOtWvb70F8UYXMQEPt6Vn6rlkD5QEWbSamt47gId
BRGI2Fc5DHiMO8QKNZmXIhFlEJ1f7rejKDBCcJ8ELnkLNDmktoNIbWzwp0bxY+lv
WZ9xym+YnEMjnWTgigkZ77PPF5r/HpxMn12s9JtivRlApBpqmSW6OQjVzn3l0Mmx
uYl9jsHQnQy9myh4cGxQPmc9rx0c3I/R0Nqci4TdWHQC3OTTVsCjJvr3sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOctc7d76e3WPS4ObURXwG7YZEk6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNXkxenQzdnA3ZFk5TGc1dFJGZkFidGhrU1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn4MA0G
CSqGSIb3DQEBCwUAA4IBAQA7Qq2T3R8T2ZyFqFTWeLwynM2p0WioaPQ1NTJGcLg9
DS96NdznoNHyC8W9vCnO5WEgxybvllyJFfOyNOn2bt4w60GknzQ6DsT47boSeesm
PacXkMozP8pnIF4qYICpAAHz5N0fL2CinzBooHxNNfQhC4EjnCF9ocOhO5yr5L6m
nJ4s9s0/4oyO90lv4AWYIaTLFK89pbU/8mG8a7uOddxFoB+6ZmzPh/z7vsIeHKyF
PWgeuPa5plcxa90Py0w6GG/RD9/Ik5OmUAfZ7VB6Nbzw4uMkQLNceO1CvWgOPlqR
GEBA1R37TdnjeZKyHAFou2CF8+IjtOszchruEOlDXyIB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org