Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa
File:                     6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa (raw, json)
Hash identifier:          maEvHn66b+NtxlZzhtYxV/S/HbB/7IoXOrc8L503yQo=
Subject key identifier:   E9:47:6D:C4:23:31:C9:24:3D:92:E5:4D:E1:5D:DB:E4:A5:2A:CC:96
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA2666F31482FB82690D39F7F0E22B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa
Signing time:             Mon 02 Jan 2023 10:14:57 +0000
ROA not before:           Mon 02 Jan 2023 10:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.152.176.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 09:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:26:66:f3:14:82:fb:82:69:0d:39:f7:f0:e2:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e9476dc42331c9243d92e54de15ddbe4a52acc96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:af:31:82:3b:b5:ee:89:9d:92:64:9b:e9:1e:
                    03:4a:57:64:ac:c7:0d:2b:01:3b:05:63:e1:77:37:
                    c4:23:86:2e:6b:6b:11:ad:16:3b:ce:89:d1:ec:cd:
                    cf:ff:32:1a:42:61:fc:22:1b:f9:14:2b:a4:b3:14:
                    9c:e4:b9:d3:7f:20:ad:2d:a3:0e:04:f3:78:fb:78:
                    60:d2:d7:82:6b:de:9f:a1:14:bc:97:43:29:f4:4b:
                    c1:14:e1:9b:11:1f:12:01:da:1d:ca:c2:bc:09:9c:
                    75:da:95:42:c6:f7:2a:f6:a2:5e:39:7b:46:d1:c5:
                    5c:30:dc:e2:4e:c5:d9:f5:ee:b6:07:85:c2:80:68:
                    f4:ed:ff:1a:4a:da:5e:78:95:7d:f3:b0:60:08:47:
                    b3:b0:14:ba:51:d3:26:1f:37:3e:03:7b:cb:63:09:
                    f6:c0:60:ec:19:4a:ab:22:da:6a:ae:e4:7b:69:68:
                    50:76:90:00:95:78:ce:b5:4f:39:e6:6e:a3:0c:6e:
                    21:2f:bb:47:f5:79:dc:85:c2:94:47:4a:bb:0b:76:
                    b9:ed:0f:8d:83:d5:d1:93:c4:56:61:73:58:29:dc:
                    e0:b9:ef:16:7e:f6:70:3e:a2:a4:b7:84:78:9f:b4:
                    2d:33:08:34:d5:ae:83:1f:5b:f2:bf:5a:ae:17:fc:
                    44:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:47:6D:C4:23:31:C9:24:3D:92:E5:4D:E1:5D:DB:E4:A5:2A:CC:96
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/24
                  82.153.68.0/24
                  82.153.240.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:66:53:b8:2c:65:87:87:43:3c:8f:47:06:fc:cd:ce:90:ad:
         ac:29:54:ae:e7:02:4e:7e:ea:94:ae:19:83:ad:cd:34:f4:d6:
         29:16:20:eb:ce:44:4f:d5:b9:ba:5d:e7:f8:3e:72:20:17:f8:
         a6:b0:2b:1c:c9:5a:c8:24:b0:f0:f1:9c:bc:ff:bd:b7:c5:eb:
         b9:c9:54:c6:07:80:5c:8e:1b:0d:b6:14:1c:17:6e:58:da:b5:
         67:af:64:e7:04:bb:7c:b8:c3:f6:a7:97:2d:0c:ea:54:bd:2b:
         da:0b:c9:2c:b8:12:31:eb:1a:da:0d:40:7b:ea:27:4e:02:26:
         71:20:e7:a1:c0:8f:fc:04:28:3b:92:72:88:21:1e:9e:c1:e4:
         67:6a:2c:9d:4b:a8:ba:51:30:06:27:8e:c4:44:4f:3d:ce:6a:
         65:93:13:17:78:8d:8c:6e:26:12:80:83:37:8c:f9:3e:ae:b9:
         fd:03:85:cd:1e:0c:ab:16:7d:f3:f8:58:6f:1e:b1:00:79:4a:
         fa:13:a2:a7:23:ac:4b:cd:10:55:d5:4d:34:2c:4f:31:9f:10:
         a8:ed:1b:cc:3e:f3:4a:07:ea:89:f9:94:46:37:76:74:81:a2:
         0b:74:c4:61:7a:5b:b5:20:47:38:84:e7:00:44:8f:43:0d:d4:
         a1:b0:2e:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx+iZm8xSC+4JpDTn38OIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTQ3NmRjNDIzMzFjOTI0M2Q5MmU1NGRlMTVkZGJlNGE1MmFjYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq8xgju17omdkmSb6R4DSldkrMcN
KwE7BWPhdzfEI4Yua2sRrRY7zonR7M3P/zIaQmH8Ihv5FCuksxSc5LnTfyCtLaMO
BPN4+3hg0teCa96foRS8l0Mp9EvBFOGbER8SAdodysK8CZx12pVCxvcq9qJeOXtG
0cVcMNziTsXZ9e62B4XCgGj07f8aStpeeJV987BgCEezsBS6UdMmHzc+A3vLYwn2
wGDsGUqrItpqruR7aWhQdpAAlXjOtU855m6jDG4hL7tH9XnchcKUR0q7C3a57Q+N
g9XRk8RWYXNYKdzgue8WfvZwPqKkt4R4n7QtMwg01a6DH1vyv1quF/xE9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOlHbcQjMckkPZLlTeFd2+SlKsyWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNlVkdHhDTXh5U1E5a3VWTjRWM2I1S1VxekpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpiwAwQA
UplEAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQARZlO4LGWHh0M8j0cG
/M3OkK2sKVSu5wJOfuqUrhmDrc009NYpFiDrzkRP1bm6Xef4PnIgF/imsCscyVrI
JLDw8Zy8/723xeu5yVTGB4BcjhsNthQcF25Y2rVnr2TnBLt8uMP2p5ctDOpUvSva
C8ksuBIx6xraDUB76idOAiZxIOehwI/8BCg7knKIIR6eweRnaiydS6i6UTAGJ47E
RE89zmplkxMXeI2MbiYSgIM3jPk+rrn9A4XNHgyrFn3z+FhvHrEAeUr6E6KnI6xL
zRBV1U00LE8xnxCo7RvMPvNKB+qJ+ZRGN3Z0gaILdMRhelu1IEc4hOcARI9DDdSh
sC7b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org