Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6iO3oCijJeQcxj04dr2Ll9MIsno.roa
File:                     6iO3oCijJeQcxj04dr2Ll9MIsno.roa (raw, json)
Hash identifier:          1lcOduoPhNX8ZVUjxXtLu0IlPN0gWQ9Ib6MGqkEkTb0=
Subject key identifier:   EA:23:B7:A0:28:A3:25:E4:1C:C6:3D:38:76:BD:8B:97:D3:08:B2:7A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C5D4D27F006766377A21EBF70DC403489
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6iO3oCijJeQcxj04dr2Ll9MIsno.roa
Signing time:             Tue 12 Dec 2023 09:13:06 +0000
ROA not before:           Tue 12 Dec 2023 09:13:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42831
IP address blocks:        89.213.191.0/24 maxlen: 24
                          82.153.66.0/24 maxlen: 24
                          82.152.110.0/24 maxlen: 24
                          89.213.131.0/24 maxlen: 24
                          109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 00:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5d:4d:27:f0:06:76:63:77:a2:1e:bf:70:dc:40:34:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 12 09:13:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea23b7a028a325e41cc63d3876bd8b97d308b27a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:43:35:34:d1:8e:eb:a1:e0:96:92:e9:65:f2:
                    1d:e1:7a:a0:7a:58:3c:df:a7:42:bd:4e:64:e6:8a:
                    97:16:0c:b3:a3:ec:5b:70:c1:37:26:ac:f5:42:9d:
                    38:eb:7b:5b:6e:7e:0d:e6:85:4f:2c:f2:52:1f:66:
                    5c:1a:03:ba:7c:d4:ec:2e:79:b6:78:1c:d4:1b:30:
                    e5:a2:5f:c2:a8:74:ef:65:97:89:2f:d2:86:1e:37:
                    78:d8:0f:71:81:40:55:61:f3:cd:43:3b:b9:f6:5b:
                    c2:cb:b5:08:b9:3c:f1:3d:68:83:0a:77:69:97:ca:
                    4e:2d:ae:6d:88:cf:28:4c:79:03:e2:f0:53:b7:45:
                    8c:81:12:58:19:2d:b6:67:69:20:ac:f8:3d:45:1c:
                    01:9a:3a:ea:f9:76:c9:c1:a1:e1:68:00:65:7f:2c:
                    ec:d9:77:3a:9c:c0:33:7a:c9:a5:af:d8:85:6f:81:
                    29:5c:53:92:17:7d:79:99:5f:0b:ed:09:a5:ac:99:
                    9f:21:b5:cd:16:10:ac:36:d5:16:f1:a3:57:0c:df:
                    e8:a3:9d:ba:10:74:3c:81:48:40:7d:64:e6:e2:91:
                    89:ad:30:9f:9a:78:a8:82:54:04:1a:f6:42:5c:c0:
                    65:b5:5f:86:d7:b8:7d:48:19:5b:b1:22:15:cd:eb:
                    93:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:23:B7:A0:28:A3:25:E4:1C:C6:3D:38:76:BD:8B:97:D3:08:B2:7A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6iO3oCijJeQcxj04dr2Ll9MIsno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.110.0/24
                  82.153.66.0/24
                  89.213.131.0/24
                  89.213.191.0/24
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:c0:30:a4:6b:4a:7d:51:68:7f:a0:4b:13:26:da:9b:73:ac:
         24:64:61:68:3c:42:d1:42:6a:99:41:45:33:6d:4c:d7:21:67:
         c9:51:fb:f9:8d:d4:ef:32:d5:a8:72:12:85:f7:68:8c:cb:8a:
         04:2d:29:d1:98:0d:ed:68:c2:5e:74:62:d6:c1:9a:a2:cf:0a:
         2f:f8:87:df:0b:73:f8:40:3e:ae:2d:cf:ac:dd:59:13:da:ad:
         94:d2:b8:3b:bc:9c:28:7f:c8:0c:3d:bc:17:61:15:60:b6:0d:
         31:94:a0:4a:76:d0:0d:6d:06:f3:0b:62:bd:86:2e:a5:e1:6b:
         ed:3d:41:00:68:60:64:39:40:05:47:fd:f0:7e:09:c6:8e:cf:
         36:e4:8b:d4:d5:53:80:3a:62:61:e8:5e:e0:eb:8e:58:d3:a0:
         da:a5:2d:c6:e9:d3:51:1a:68:72:b6:7d:6b:ca:dd:20:82:e7:
         b5:be:67:5b:c0:5b:5b:9f:c4:fd:4b:2b:56:7b:a3:52:59:6c:
         61:39:3f:45:b3:5f:41:76:b2:f5:6b:b0:e9:ce:93:f9:8b:5c:
         ca:95:e4:d1:b0:93:0f:9e:9f:86:b7:94:6e:78:83:77:74:88:
         06:28:8d:36:92:f5:6c:92:14:12:70:37:a0:c3:bb:57:3f:f4:
         35:2a:0f:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxdTSfwBnZjd6Iev3DcQDSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjEyMDkxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIzYjdhMDI4YTMyNWU0MWNjNjNkMzg3NmJkOGI5N2QzMDhiMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUM1NNGO66HglpLpZfId4Xqgelg8
36dCvU5k5oqXFgyzo+xbcME3Jqz1Qp0463tbbn4N5oVPLPJSH2ZcGgO6fNTsLnm2
eBzUGzDlol/CqHTvZZeJL9KGHjd42A9xgUBVYfPNQzu59lvCy7UIuTzxPWiDCndp
l8pOLa5tiM8oTHkD4vBTt0WMgRJYGS22Z2kgrPg9RRwBmjrq+XbJwaHhaABlfyzs
2Xc6nMAzesmlr9iFb4EpXFOSF315mV8L7QmlrJmfIbXNFhCsNtUW8aNXDN/oo526
EHQ8gUhAfWTm4pGJrTCfmnioglQEGvZCXMBltV+G17h9SBlbsSIVzeuTvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOojt6AooyXkHMY9OHa9i5fTCLJ6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNmlPM29DaWpKZVFjeGowNGRyMkxsOU1Jc25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUphuAwQA
UplCAwQAWdWDAwQAWdW/AwQAbbD9MA0GCSqGSIb3DQEBCwUAA4IBAQAXwDCka0p9
UWh/oEsTJtqbc6wkZGFoPELRQmqZQUUzbUzXIWfJUfv5jdTvMtWochKF92iMy4oE
LSnRmA3taMJedGLWwZqizwov+IffC3P4QD6uLc+s3VkT2q2U0rg7vJwof8gMPbwX
YRVgtg0xlKBKdtANbQbzC2K9hi6l4WvtPUEAaGBkOUAFR/3wfgnGjs825IvU1VOA
OmJh6F7g645Y06DapS3G6dNRGmhytn1ryt0ggue1vmdbwFtbn8T9SytWe6NSWWxh
OT9Fs19BdrL1a7DpzpP5i1zKleTRsJMPnp+Gt5RueIN3dIgGKI02kvVskhQScDeg
w7tXP/Q1Kg85
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org