Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa
File:                     7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa (raw, json)
Hash identifier:          lK/l2sfd0I+5fmhH2y2iwL1Fw9Jqf/PTf0928C3JQRA=
Subject key identifier:   ED:9E:86:2D:0C:F2:EF:61:DC:43:69:46:90:81:4C:FB:4E:CD:8B:7E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01864A8317ED3CB56A9A14BB351FB8D496F6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa
Signing time:             Mon 13 Feb 2023 11:22:30 +0000
ROA not before:           Mon 13 Feb 2023 11:22:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     135752
IP address blocks:        82.152.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Mar 2023 13:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:4a:83:17:ed:3c:b5:6a:9a:14:bb:35:1f:b8:d4:96:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 13 11:22:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed9e862d0cf2ef61dc43694690814cfb4ecd8b7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:17:23:99:a0:fb:37:9d:eb:86:4e:9d:94:d4:
                    68:31:b1:7f:2c:f9:da:c0:3b:b4:20:d6:aa:ed:28:
                    82:bc:d2:ea:02:29:21:d9:2e:91:af:90:29:9c:a0:
                    15:0f:c1:da:ab:98:7c:7e:fa:a8:81:5c:21:02:d3:
                    c7:4f:33:82:96:18:eb:f5:5f:5b:c3:74:ce:2d:49:
                    06:b1:d4:73:25:76:62:1e:36:40:55:3a:47:80:d8:
                    00:ee:aa:17:02:84:8f:3d:56:21:57:32:9f:1f:0a:
                    83:b6:e2:b0:56:0f:bd:3f:e9:f0:03:40:61:3c:5a:
                    4f:2f:cc:41:a5:35:48:72:d3:7c:fa:c7:43:89:ad:
                    b1:5a:6d:05:fe:60:6d:3f:1e:68:bf:6d:52:41:51:
                    e3:34:a8:3c:5b:19:d2:ee:93:84:78:36:be:96:c2:
                    fd:ee:57:fa:34:c2:0e:b3:52:64:95:28:cf:ff:57:
                    51:7f:22:54:97:19:8c:6c:cf:9b:95:10:55:dd:0f:
                    ce:1b:d5:45:96:d2:16:17:91:ca:0e:4d:f2:de:4d:
                    f4:f6:76:0d:6f:a1:03:f9:92:d1:fb:97:8c:e3:48:
                    71:79:8e:f3:7d:3a:cc:90:c7:ac:f0:00:fd:2b:a2:
                    32:22:33:90:1e:60:c7:6b:69:1b:7d:56:b8:d6:2f:
                    f0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:9E:86:2D:0C:F2:EF:61:DC:43:69:46:90:81:4C:FB:4E:CD:8B:7E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:cd:c7:3c:86:67:91:7f:49:2c:9c:e4:e8:cd:84:b7:6e:91:
         50:4a:ca:da:4d:01:9c:d1:28:e2:c0:30:e0:3b:d4:65:00:ef:
         05:9d:a6:c3:41:71:7f:58:5c:04:bb:07:8e:b3:17:22:ce:c9:
         bc:b4:ec:fe:57:ab:61:ad:b0:b6:e1:0c:d9:6f:58:5f:f6:0c:
         2c:4a:98:90:d7:3d:a8:59:16:71:b9:53:3f:85:5f:94:57:b5:
         37:47:8f:f8:e8:bd:e0:6a:3e:ea:1b:42:bb:50:7e:07:20:f6:
         3d:59:a5:e7:53:24:38:61:8c:28:73:5e:50:1d:eb:59:e7:30:
         39:e2:2d:37:ce:5b:f9:e3:78:a7:ab:29:f9:11:e7:50:68:3e:
         42:f1:ed:e6:5e:4d:dc:f2:b0:30:5a:07:12:bc:89:1b:59:56:
         c9:23:79:4a:8a:78:fd:69:43:7e:44:ec:7c:7b:64:e6:2b:f8:
         54:8c:76:91:ce:83:4a:c3:dd:92:53:71:10:9b:2c:75:35:16:
         e6:a5:c9:35:6f:9e:de:12:47:59:87:18:0f:4f:d7:16:0d:2e:
         68:c6:e5:b8:31:cf:72:72:79:77:3d:b4:ce:1b:52:24:20:b0:
         cd:07:83:47:d6:5c:31:ae:79:8f:7e:78:a9:6f:7d:4d:57:4b:
         7b:9b:de:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZKgxftPLVqmhS7NR+41Jb2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjEzMTEyMjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDllODYyZDBjZjJlZjYxZGM0MzY5NDY5MDgxNGNmYjRlY2Q4YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRcjmaD7N53rhk6dlNRoMbF/LPna
wDu0INaq7SiCvNLqAikh2S6Rr5ApnKAVD8Haq5h8fvqogVwhAtPHTzOClhjr9V9b
w3TOLUkGsdRzJXZiHjZAVTpHgNgA7qoXAoSPPVYhVzKfHwqDtuKwVg+9P+nwA0Bh
PFpPL8xBpTVIctN8+sdDia2xWm0F/mBtPx5ov21SQVHjNKg8WxnS7pOEeDa+lsL9
7lf6NMIOs1JklSjP/1dRfyJUlxmMbM+blRBV3Q/OG9VFltIWF5HKDk3y3k309nYN
b6ED+ZLR+5eM40hxeY7zfTrMkMes8AD9K6IyIjOQHmDHa2kbfVa41i/woQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2ehi0M8u9h3ENpRpCBTPtOzYt+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1o2R0xRenk3MkhjUTJsR2tJRk0tMDdOaTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpj4MA0G
CSqGSIb3DQEBCwUAA4IBAQAizcc8hmeRf0ksnOTozYS3bpFQSsraTQGc0SjiwDDg
O9RlAO8FnabDQXF/WFwEuweOsxcizsm8tOz+V6thrbC24QzZb1hf9gwsSpiQ1z2o
WRZxuVM/hV+UV7U3R4/46L3gaj7qG0K7UH4HIPY9WaXnUyQ4YYwoc15QHetZ5zA5
4i03zlv543inqyn5EedQaD5C8e3mXk3c8rAwWgcSvIkbWVbJI3lKinj9aUN+ROx8
e2TmK/hUjHaRzoNKw92SU3EQmyx1NRbmpck1b57eEkdZhxgPT9cWDS5oxuW4Mc9y
cnl3PbTOG1IkILDNB4NH1lwxrnmPfnipb31NV0t7m97P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org