Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/688BWxv0XHnWaLr3-AbL0EEYGfM.roa
File:                     688BWxv0XHnWaLr3-AbL0EEYGfM.roa (raw, json)
Hash identifier:          o6hm4DwLBqWd/dlYTedd2YzOrFlzAFoo0W9iLZZQ8FI=
Subject key identifier:   EB:CF:01:5B:1B:F4:5C:79:D6:68:BA:F7:F8:06:CB:D0:41:18:19:F3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187B2469003DD2EFB9FA84044F26993C2AB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/688BWxv0XHnWaLr3-AbL0EEYGfM.roa
Signing time:             Mon 24 Apr 2023 07:59:41 +0000
ROA not before:           Mon 24 Apr 2023 07:59:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     996
IP address blocks:        82.153.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b2:46:90:03:dd:2e:fb:9f:a8:40:44:f2:69:93:c2:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 24 07:59:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ebcf015b1bf45c79d668baf7f806cbd0411819f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5e:d2:5f:46:53:16:74:e5:d9:f6:87:9e:03:
                    a8:61:fb:1d:71:e9:52:89:34:9a:e4:ac:ff:90:c9:
                    2e:a8:00:19:14:7a:d5:5d:00:c7:c7:aa:67:4f:ae:
                    59:ff:e1:5e:d5:e7:e6:f1:4d:1d:44:a6:db:55:9d:
                    b8:1d:71:63:61:57:18:a2:df:77:7c:f1:99:c0:e1:
                    95:ff:45:60:e0:fc:2a:17:12:8d:1b:4e:8d:a3:63:
                    df:f1:cb:57:41:e5:a9:6c:f0:4f:b2:4b:83:ef:e7:
                    8a:b4:05:53:fd:52:ec:ba:b6:f0:a1:a6:fe:c8:83:
                    84:ae:af:77:9e:27:47:86:3b:05:1c:50:34:dd:16:
                    fb:04:ab:72:4e:3f:25:0e:93:a3:d9:90:51:f7:e4:
                    27:4d:90:82:da:e3:de:90:ac:30:bd:84:f7:a1:dc:
                    38:0f:88:c2:23:5e:3c:8f:53:62:d8:f8:ca:6f:4c:
                    c2:85:1e:87:80:11:ea:bc:c3:5d:1d:ff:67:ca:45:
                    b3:1e:85:f6:ce:11:99:42:97:c6:b8:6a:3a:a0:70:
                    e9:52:c4:90:f3:d4:ce:e9:5b:2d:6e:c0:99:63:7f:
                    ef:59:43:58:7d:b2:d0:01:8e:5c:3a:95:34:7c:58:
                    61:97:4f:0f:fc:0a:16:52:d1:d2:fc:1b:81:99:aa:
                    56:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:CF:01:5B:1B:F4:5C:79:D6:68:BA:F7:F8:06:CB:D0:41:18:19:F3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/688BWxv0XHnWaLr3-AbL0EEYGfM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:e7:16:6b:37:df:d9:29:25:9c:a9:52:d8:0b:bc:03:b6:b8:
         aa:2d:46:76:4d:5f:ad:22:63:cb:b1:06:d8:8e:9b:0a:ef:2a:
         a4:98:9a:63:55:6f:06:23:9e:2a:fa:be:19:be:78:f7:d2:61:
         79:7a:0e:7d:86:92:01:b3:c5:6e:71:5e:5d:e2:2a:68:83:9f:
         63:e6:77:1c:2b:c1:a6:1a:31:bf:18:eb:06:28:5b:ef:93:aa:
         67:73:0b:db:36:45:9d:8a:5c:97:a1:56:b0:dc:58:66:21:2c:
         ed:07:bd:b1:f5:56:d2:61:bf:dc:c5:2f:7d:09:b5:92:16:e8:
         28:dc:2d:b6:13:ea:a5:af:16:f2:18:2f:64:55:28:c0:cd:8b:
         47:e3:57:36:65:95:00:99:9e:1c:cd:54:1c:a9:f6:8b:58:a5:
         5f:4b:69:96:a7:08:98:40:7d:57:94:a5:19:05:79:2d:6d:d1:
         a4:f5:26:b4:7b:27:57:28:2d:6e:fd:c0:7b:ef:9a:6e:3f:80:
         c1:21:ca:b8:66:97:f2:33:ed:bc:72:e4:7a:a1:a4:cc:a1:7a:
         07:ce:0e:ad:a3:b1:cd:9c:15:ef:f7:68:d1:1a:f0:7f:02:8a:
         20:90:27:5c:ad:0e:5f:23:b9:29:64:93:16:31:07:8a:f0:7c:
         16:20:ab:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeyRpAD3S77n6hARPJpk8KrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDI0MDc1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmNmMDE1YjFiZjQ1Yzc5ZDY2OGJhZjdmODA2Y2JkMDQxMTgxOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV7SX0ZTFnTl2faHngOoYfsdcelS
iTSa5Kz/kMkuqAAZFHrVXQDHx6pnT65Z/+Fe1efm8U0dRKbbVZ24HXFjYVcYot93
fPGZwOGV/0Vg4PwqFxKNG06No2Pf8ctXQeWpbPBPskuD7+eKtAVT/VLsurbwoab+
yIOErq93nidHhjsFHFA03Rb7BKtyTj8lDpOj2ZBR9+QnTZCC2uPekKwwvYT3odw4
D4jCI148j1Ni2PjKb0zChR6HgBHqvMNdHf9nykWzHoX2zhGZQpfGuGo6oHDpUsSQ
89TO6VstbsCZY3/vWUNYfbLQAY5cOpU0fFhhl08P/AoWUtHS/BuBmapWewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvPAVsb9Fx51mi69/gGy9BBGBnzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjg4Qld4djBYSG5XYUxyMy1BYkwwRUVZR2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnnMA0G
CSqGSIb3DQEBCwUAA4IBAQBd5xZrN9/ZKSWcqVLYC7wDtriqLUZ2TV+tImPLsQbY
jpsK7yqkmJpjVW8GI54q+r4Zvnj30mF5eg59hpIBs8VucV5d4ipog59j5nccK8Gm
GjG/GOsGKFvvk6pncwvbNkWdilyXoVaw3FhmISztB72x9VbSYb/cxS99CbWSFugo
3C22E+qlrxbyGC9kVSjAzYtH41c2ZZUAmZ4czVQcqfaLWKVfS2mWpwiYQH1XlKUZ
BXktbdGk9Sa0eydXKC1u/cB775puP4DBIcq4ZpfyM+28cuR6oaTMoXoHzg6to7HN
nBXv92jRGvB/AoogkCdcrQ5fI7kpZJMWMQeK8HwWIKv5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org