Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8HoiZjUCxmdsjA7ZHHIM62_WCb4.roa
File:                     8HoiZjUCxmdsjA7ZHHIM62_WCb4.roa (raw, json)
Hash identifier:          91b9oC4mNKfeG5t7px3lnlvXZ7ajxsRHs2dD+sw4bss=
Subject key identifier:   F0:7A:22:66:35:02:C6:67:6C:8C:0E:D9:1C:72:0C:EB:6F:D6:09:BE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CD47E7D28BEDC22D5F5ECA2D70ED471D0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8HoiZjUCxmdsjA7ZHHIM62_WCb4.roa
Signing time:             Thu 04 Jan 2024 12:41:48 +0000
ROA not before:           Thu 04 Jan 2024 12:41:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203758
IP address blocks:        82.153.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 08:58:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d4:7e:7d:28:be:dc:22:d5:f5:ec:a2:d7:0e:d4:71:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  4 12:41:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f07a22663502c6676c8c0ed91c720ceb6fd609be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:89:31:36:37:d4:1d:88:b4:0a:22:98:54:36:
                    00:fa:9c:43:63:34:dd:54:d6:0f:e5:7e:54:63:6c:
                    40:97:7a:d6:69:02:45:fe:b2:f2:43:69:4d:08:de:
                    1d:d0:6c:7c:4f:8d:e4:6e:75:51:e9:2a:54:43:5e:
                    5b:d6:20:36:0a:82:37:d1:a5:bb:6e:8a:1c:21:1b:
                    18:00:64:22:53:2c:1d:c7:21:bf:88:68:33:a5:ef:
                    f7:5c:4e:26:0c:57:76:84:33:a3:87:26:b4:15:5d:
                    40:1f:1b:e3:fe:eb:9c:03:9f:af:53:9f:f7:aa:17:
                    ff:b4:90:53:cf:cf:65:6f:cc:a6:93:b7:09:71:2a:
                    e0:56:19:dc:1a:89:3e:0b:57:3f:44:c9:a7:45:e8:
                    30:de:0e:a9:92:79:9e:35:75:8a:ab:e9:d9:30:f9:
                    32:5e:d7:82:8c:ff:6f:55:89:3f:f5:17:98:7a:91:
                    27:d3:7f:1d:8d:7c:06:3a:77:c1:58:99:96:d8:6e:
                    2a:d4:6a:a7:a2:f9:32:a4:34:a6:76:c9:75:d0:40:
                    88:5a:49:c9:51:4b:3c:2c:95:09:a5:81:ae:e8:3c:
                    0a:a0:f9:26:f6:c9:59:40:89:cf:d6:f4:d7:54:53:
                    64:82:55:46:29:2a:a6:da:99:58:56:8d:56:33:2a:
                    4c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:7A:22:66:35:02:C6:67:6C:8C:0E:D9:1C:72:0C:EB:6F:D6:09:BE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8HoiZjUCxmdsjA7ZHHIM62_WCb4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:36:19:1b:14:38:77:e6:56:4f:d5:d9:9b:09:39:78:94:21:
         52:ac:2d:ce:d0:65:d0:28:66:05:b8:e4:be:7c:8f:7c:da:8d:
         a3:a0:9e:66:31:b5:3c:cf:5c:e5:61:e8:d6:01:59:78:14:5e:
         27:b5:85:95:80:db:ab:46:f5:de:6c:27:1a:10:62:a8:39:de:
         da:8f:44:4f:ed:fb:6d:7d:f0:d6:c9:c6:4d:32:f9:4e:29:57:
         b5:85:c1:64:15:86:95:05:f7:12:5f:c9:d1:49:cc:c0:19:f8:
         45:95:c4:e4:dd:20:5d:76:b7:5d:6e:58:6d:9d:b0:a5:92:99:
         c0:49:93:88:0e:e4:a6:5c:98:f8:de:37:f7:62:63:36:f8:aa:
         43:42:26:cc:59:fd:24:e0:a4:a6:c2:92:87:10:02:27:df:b7:
         d1:39:a3:e3:cb:49:8d:9b:64:d3:3a:e9:80:ae:25:36:29:5d:
         00:86:7b:a7:0c:50:10:b3:63:25:2f:c4:af:38:ab:a2:66:81:
         b9:60:92:77:60:77:27:bd:e5:da:2f:70:9f:64:52:a8:86:44:
         07:d9:fe:c4:3b:7c:d3:f1:05:fb:8b:87:a7:27:6a:77:89:37:
         c5:eb:56:bf:41:27:8b:3d:ee:3a:f3:48:ba:5d:35:ec:b2:c5:
         15:8b:ec:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzUfn0ovtwi1fXsotcO1HHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA0MTI0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDdhMjI2NjM1MDJjNjY3NmM4YzBlZDkxYzcyMGNlYjZmZDYwOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYkxNjfUHYi0CiKYVDYA+pxDYzTd
VNYP5X5UY2xAl3rWaQJF/rLyQ2lNCN4d0Gx8T43kbnVR6SpUQ15b1iA2CoI30aW7
boocIRsYAGQiUywdxyG/iGgzpe/3XE4mDFd2hDOjhya0FV1AHxvj/uucA5+vU5/3
qhf/tJBTz89lb8ymk7cJcSrgVhncGok+C1c/RMmnRegw3g6pknmeNXWKq+nZMPky
XteCjP9vVYk/9ReYepEn038djXwGOnfBWJmW2G4q1GqnovkypDSmdsl10ECIWknJ
UUs8LJUJpYGu6DwKoPkm9slZQInP1vTXVFNkglVGKSqm2plYVo1WMypMHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPB6ImY1AsZnbIwO2RxyDOtv1gm+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOEhvaVpqVUN4bWRzakE3WkhISU02Ml9XQ2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplGMA0G
CSqGSIb3DQEBCwUAA4IBAQB2NhkbFDh35lZP1dmbCTl4lCFSrC3O0GXQKGYFuOS+
fI982o2joJ5mMbU8z1zlYejWAVl4FF4ntYWVgNurRvXebCcaEGKoOd7aj0RP7ftt
ffDWycZNMvlOKVe1hcFkFYaVBfcSX8nRSczAGfhFlcTk3SBddrddblhtnbClkpnA
SZOIDuSmXJj43jf3YmM2+KpDQibMWf0k4KSmwpKHEAIn37fROaPjy0mNm2TTOumA
riU2KV0AhnunDFAQs2MlL8SvOKuiZoG5YJJ3YHcnveXaL3CfZFKohkQH2f7EO3zT
8QX7i4enJ2p3iTfF61a/QSeLPe4680i6XTXsssUVi+xO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org