Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/757GWgoAJuHq-j7bwjmTkxyc4aI.roa
File:                     757GWgoAJuHq-j7bwjmTkxyc4aI.roa (raw, json)
Hash identifier:          eeIerOtOFu+f1thzN7dE33QgCykm5o2zc9lKc2gNrB0=
Subject key identifier:   EF:9E:C6:5A:0A:00:26:E1:EA:FA:3E:DB:C2:39:93:93:1C:9C:E1:A2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01877EE8D88D4145AD0E05E9D3DF9D527DC9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/757GWgoAJuHq-j7bwjmTkxyc4aI.roa
Signing time:             Fri 14 Apr 2023 08:36:41 +0000
ROA not before:           Fri 14 Apr 2023 08:36:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.243.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 08:39:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7e:e8:d8:8d:41:45:ad:0e:05:e9:d3:df:9d:52:7d:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 14 08:36:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef9ec65a0a0026e1eafa3edbc23993931c9ce1a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:25:f7:45:c2:28:90:02:20:71:8a:30:b0:f6:
                    6e:7d:b9:b4:2b:9f:22:2d:63:3d:6e:d0:1e:73:99:
                    f0:82:24:2d:d3:9d:a4:98:87:a0:fa:1d:7f:91:b3:
                    29:17:d9:0c:60:1a:8b:11:d1:07:9b:31:5f:f1:4e:
                    db:80:fb:e0:3e:04:f7:12:3d:54:07:f9:fa:3f:52:
                    60:b1:89:d4:21:84:b2:01:d9:0f:2b:4e:2c:02:d0:
                    4d:1e:90:70:54:03:02:71:47:bf:ee:37:3c:cd:81:
                    94:4a:99:24:f3:6f:82:77:4c:38:43:ea:9d:a4:a6:
                    a3:3a:7e:9b:30:1c:ee:9d:e4:cb:35:e4:c0:4d:30:
                    2f:b9:57:94:f8:4c:1e:32:c7:a3:8e:a9:61:9d:05:
                    8c:df:e8:1f:ce:cd:9f:1c:24:8b:8b:85:14:f2:46:
                    be:72:de:ab:3b:40:4a:71:4a:25:a9:a4:56:24:e3:
                    17:72:22:b1:51:e8:d1:0c:e7:be:a2:46:1e:10:11:
                    56:05:3b:3c:f0:6e:04:74:89:50:6d:84:12:0b:83:
                    5e:9a:33:9e:12:8d:9b:df:45:1e:f0:78:57:85:64:
                    21:05:c1:09:af:30:3e:4f:d5:3b:f2:80:fa:da:87:
                    25:7b:01:57:66:f6:b8:d6:f6:59:1b:61:25:bb:e4:
                    a3:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:9E:C6:5A:0A:00:26:E1:EA:FA:3E:DB:C2:39:93:93:1C:9C:E1:A2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/757GWgoAJuHq-j7bwjmTkxyc4aI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.252.0/24
                  82.153.208.0/24
                  82.153.211.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:e0:4c:60:16:d6:5f:40:fb:9b:87:56:be:1c:c7:b0:08:51:
         d5:61:04:94:6d:18:e8:e1:9d:7a:3c:53:2f:51:83:81:86:60:
         2d:14:c3:12:b1:f6:21:13:b6:6b:09:3e:15:93:fd:67:83:06:
         fd:a3:a9:97:1d:31:0d:f1:86:03:23:08:34:f4:79:7d:71:89:
         44:e1:89:5f:8b:e1:9d:44:66:45:18:2b:06:48:e2:db:f3:38:
         a8:5b:69:16:34:c4:68:8d:96:bb:95:cf:ce:df:89:63:11:b7:
         d8:01:fd:80:fd:ab:f0:fb:da:f5:ab:c6:37:34:73:36:f8:00:
         ac:68:54:9a:0e:91:11:09:a6:0c:39:99:97:1e:f8:61:c9:93:
         e7:65:18:ec:6e:78:52:70:57:4e:a7:2f:af:59:ba:87:97:11:
         fc:1f:44:09:02:40:8c:a2:c5:7f:9b:50:aa:32:f8:14:43:e4:
         5f:32:37:60:f2:f9:4a:f5:52:91:ee:44:71:30:da:16:91:16:
         9d:29:4f:a0:da:ba:77:60:66:26:a2:a8:b5:ce:1c:e1:de:76:
         1a:d4:94:82:04:0e:10:75:a6:02:c3:cc:b7:48:89:2e:9c:fa:
         ce:8d:4e:a3:ad:17:b2:2d:70:ee:45:27:ea:54:30:ae:84:a4:
         93:e7:25:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd+6NiNQUWtDgXp09+dUn3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDE0MDgzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjllYzY1YTBhMDAyNmUxZWFmYTNlZGJjMjM5OTM5MzFjOWNlMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSX3RcIokAIgcYowsPZufbm0K58i
LWM9btAec5nwgiQt052kmIeg+h1/kbMpF9kMYBqLEdEHmzFf8U7bgPvgPgT3Ej1U
B/n6P1JgsYnUIYSyAdkPK04sAtBNHpBwVAMCcUe/7jc8zYGUSpkk82+Cd0w4Q+qd
pKajOn6bMBzuneTLNeTATTAvuVeU+EweMsejjqlhnQWM3+gfzs2fHCSLi4UU8ka+
ct6rO0BKcUolqaRWJOMXciKxUejRDOe+okYeEBFWBTs88G4EdIlQbYQSC4NemjOe
Eo2b30Ue8HhXhWQhBcEJrzA+T9U78oD62oclewFXZva41vZZG2Elu+SjsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO+exloKACbh6vo+28I5k5McnOGiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNzU3R1dnb0FKdUhxLWo3YndqbVRreHljNGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpj8AwQA
UpnQAwQAUpnTAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQBA4ExgFtZfQPubh1a+
HMewCFHVYQSUbRjo4Z16PFMvUYOBhmAtFMMSsfYhE7ZrCT4Vk/1ngwb9o6mXHTEN
8YYDIwg09Hl9cYlE4Ylfi+GdRGZFGCsGSOLb8zioW2kWNMRojZa7lc/O34ljEbfY
Af2A/avw+9r1q8Y3NHM2+ACsaFSaDpERCaYMOZmXHvhhyZPnZRjsbnhScFdOpy+v
WbqHlxH8H0QJAkCMosV/m1CqMvgUQ+RfMjdg8vlK9VKR7kRxMNoWkRadKU+g2rp3
YGYmoqi1zhzh3nYa1JSCBA4QdaYCw8y3SIkunPrOjU6jrReyLXDuRSfqVDCuhKST
5yUu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org