Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7TW3xw6o33plN4lhZ9G_ZZl4s0I.roa
File:                     7TW3xw6o33plN4lhZ9G_ZZl4s0I.roa (raw, json)
Hash identifier:          +XCipzFPQYfTuwc//VaiAwMNJujLkskU7qMTHGTEh2E=
Subject key identifier:   ED:35:B7:C7:0E:A8:DF:7A:65:37:89:61:67:D1:BF:65:99:78:B3:42
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186921462DBF74222FA5BAD91F17FF85C5B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7TW3xw6o33plN4lhZ9G_ZZl4s0I.roa
Signing time:             Mon 27 Feb 2023 08:54:14 +0000
ROA not before:           Mon 27 Feb 2023 08:54:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211826
IP address blocks:        82.152.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 Nov 2023 08:53:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:92:14:62:db:f7:42:22:fa:5b:ad:91:f1:7f:f8:5c:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 27 08:54:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed35b7c70ea8df7a6537896167d1bf659978b342
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:0d:58:67:c6:29:87:24:81:cd:48:64:18:53:
                    4a:19:79:46:b2:09:35:67:43:8e:9a:c4:c9:9a:c7:
                    4e:88:ce:70:9b:cd:8a:1e:04:c9:5d:64:15:3b:6b:
                    d1:c7:76:91:d5:f4:ab:b7:f8:24:21:c7:93:a6:41:
                    04:90:34:9e:c7:e1:43:9a:81:14:a5:5a:52:79:9f:
                    b6:f6:40:44:e6:a7:0e:3e:e9:cf:00:26:60:88:fc:
                    78:f3:18:9f:ac:95:a7:53:99:79:b1:55:b1:9b:ec:
                    9a:50:0d:08:fe:3d:8d:0d:4b:13:43:d3:0f:3d:ec:
                    f3:df:97:57:b5:b4:bf:d8:82:98:3f:9e:92:d1:a5:
                    8c:93:ed:03:6c:1b:77:14:2f:dd:bf:c3:84:37:15:
                    d4:aa:9e:ce:5d:5c:fa:f1:ca:1b:42:df:ab:29:2a:
                    cd:90:b9:b9:78:08:3c:6e:72:14:a1:5f:10:d1:d9:
                    1d:63:5d:1f:c9:63:fd:64:98:01:ea:1e:91:f8:60:
                    a9:a1:06:70:56:23:64:bd:75:72:bd:81:4e:2a:39:
                    fa:c2:5c:4f:68:40:c4:70:56:e2:fc:35:23:7e:85:
                    ee:f4:73:ed:70:23:6a:6b:06:e7:25:81:00:21:68:
                    ce:17:9f:4f:41:dc:95:da:4d:50:ed:fe:21:1a:f9:
                    5e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:35:B7:C7:0E:A8:DF:7A:65:37:89:61:67:D1:BF:65:99:78:B3:42
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7TW3xw6o33plN4lhZ9G_ZZl4s0I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:3c:d4:15:47:db:81:0a:ef:71:aa:e4:44:c8:6b:1a:c9:94:
         77:6a:16:90:d0:ee:ce:4d:56:14:d8:41:28:20:a5:c1:27:ee:
         61:62:ed:07:33:c2:90:86:56:94:4d:2f:f8:ea:90:87:c5:ac:
         bd:25:0c:6c:a7:ae:f0:1f:dd:cf:b4:93:d8:6f:71:3f:70:2b:
         e8:9a:d3:ef:5e:a9:42:a4:31:b3:8c:37:9c:d9:e5:94:8f:02:
         03:1d:a5:84:af:23:6f:06:fd:73:4e:23:9b:e5:1d:15:51:cf:
         1a:a4:3e:9f:27:b9:d9:71:ef:df:c8:ba:99:35:9d:d2:32:52:
         93:eb:12:5f:75:6f:0a:e8:80:37:b5:e8:36:26:e9:f5:48:cf:
         06:5a:6d:50:5f:0a:31:5a:54:66:f9:61:7c:59:33:28:f4:cc:
         69:c7:7f:f9:b7:5c:87:da:fb:62:5c:6e:b0:c2:94:50:6c:b6:
         b6:0e:15:90:f4:00:db:9f:7c:aa:6d:9a:8d:3c:06:94:22:f7:
         f1:25:e1:2b:80:72:52:fe:e8:b5:b0:35:3a:9b:75:77:54:95:
         54:6a:26:9f:d2:c6:cb:17:2e:7e:7e:23:fc:b8:84:0d:05:c8:
         fc:c6:2e:9a:71:50:3a:da:41:0e:45:52:d0:3c:58:43:3d:2a:
         1f:3f:35:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaSFGLb90Ii+lutkfF/+FxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjI3MDg1NDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM1YjdjNzBlYThkZjdhNjUzNzg5NjE2N2QxYmY2NTk5NzhiMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0A1YZ8YphySBzUhkGFNKGXlGsgk1
Z0OOmsTJmsdOiM5wm82KHgTJXWQVO2vRx3aR1fSrt/gkIceTpkEEkDSex+FDmoEU
pVpSeZ+29kBE5qcOPunPACZgiPx48xifrJWnU5l5sVWxm+yaUA0I/j2NDUsTQ9MP
Pezz35dXtbS/2IKYP56S0aWMk+0DbBt3FC/dv8OENxXUqp7OXVz68cobQt+rKSrN
kLm5eAg8bnIUoV8Q0dkdY10fyWP9ZJgB6h6R+GCpoQZwViNkvXVyvYFOKjn6wlxP
aEDEcFbi/DUjfoXu9HPtcCNqawbnJYEAIWjOF59PQdyV2k1Q7f4hGvleFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO01t8cOqN96ZTeJYWfRv2WZeLNCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1RXM3h3Nm8zM3BsTjRsaFo5R19aWmw0czBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpizMA0G
CSqGSIb3DQEBCwUAA4IBAQAHPNQVR9uBCu9xquREyGsayZR3ahaQ0O7OTVYU2EEo
IKXBJ+5hYu0HM8KQhlaUTS/46pCHxay9JQxsp67wH93PtJPYb3E/cCvomtPvXqlC
pDGzjDec2eWUjwIDHaWEryNvBv1zTiOb5R0VUc8apD6fJ7nZce/fyLqZNZ3SMlKT
6xJfdW8K6IA3teg2Jun1SM8GWm1QXwoxWlRm+WF8WTMo9Mxpx3/5t1yH2vtiXG6w
wpRQbLa2DhWQ9ADbn3yqbZqNPAaUIvfxJeErgHJS/ui1sDU6m3V3VJVUaiaf0sbL
Fy5+fiP8uIQNBcj8xi6acVA62kEORVLQPFhDPSofPzU3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org