Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AUXdwGym54d1YBEGn5FQu7VlGm8.roa
File:                     AUXdwGym54d1YBEGn5FQu7VlGm8.roa (raw, json)
Hash identifier:          utvPRxzx/WVDmuIn9zcmHWMcMloPi7VyY20S7/u2bJI=
Subject key identifier:   01:45:DD:C0:6C:A6:E7:87:75:60:11:06:9F:91:50:BB:B5:65:1A:6F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018703642535B5864603FEBEE6B977FFF9C1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AUXdwGym54d1YBEGn5FQu7VlGm8.roa
Signing time:             Tue 21 Mar 2023 08:58:27 +0000
ROA not before:           Tue 21 Mar 2023 08:58:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60707
IP address blocks:        82.153.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 08:37:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:03:64:25:35:b5:86:46:03:fe:be:e6:b9:77:ff:f9:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 21 08:58:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0145ddc06ca6e787756011069f9150bbb5651a6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:e0:52:cf:e6:8b:8c:7f:f4:a3:af:fd:f7:ae:
                    10:de:02:a1:b6:40:18:63:b5:39:f8:1b:74:55:27:
                    36:a4:d2:04:5e:69:d9:b8:dd:77:bf:fc:4a:44:eb:
                    44:e9:c7:49:f6:88:3e:e6:2d:86:3f:af:a4:40:ce:
                    7e:b8:87:ec:cf:1e:8d:40:f6:7c:e1:86:7f:f8:c0:
                    aa:8a:29:c0:19:52:ac:3f:60:d6:82:bc:e8:95:5c:
                    ea:94:e6:f9:92:c1:99:e7:29:34:3d:0e:20:ad:0e:
                    26:e7:e0:f8:cb:ad:23:3e:3b:31:a4:cc:ad:2c:6f:
                    32:ab:7e:6a:41:2c:5e:23:24:7c:18:72:d1:82:ca:
                    42:6d:64:e7:b9:60:50:5f:92:42:06:ec:13:fd:a7:
                    07:5c:3b:cb:39:19:bb:51:88:a9:f5:af:84:82:23:
                    55:48:c6:87:2f:3f:47:1f:94:6e:81:66:39:89:8c:
                    a3:c6:9d:bf:fa:74:f4:04:a9:94:38:ad:97:0c:ff:
                    7b:a2:32:3e:62:f7:d3:fe:96:72:6e:22:01:68:2f:
                    21:5a:15:82:ef:1f:0d:5c:7d:38:58:33:25:53:fe:
                    b2:01:73:69:33:5a:cb:85:25:83:99:52:65:d1:f3:
                    fe:9e:be:3b:35:e5:f1:91:e3:df:e1:ff:7b:5e:39:
                    af:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:45:DD:C0:6C:A6:E7:87:75:60:11:06:9F:91:50:BB:B5:65:1A:6F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AUXdwGym54d1YBEGn5FQu7VlGm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:22:54:bb:52:82:a3:fa:df:70:9b:6f:97:11:c7:20:f8:47:
         e8:50:59:53:9e:81:26:8f:0f:9d:4e:2e:3f:3a:8c:a9:60:cb:
         a2:64:42:a1:e7:f0:77:ad:55:77:d2:15:45:04:7e:60:4e:5e:
         7f:75:59:53:a2:c9:ba:25:11:77:46:3e:de:b8:81:d0:8a:48:
         48:4f:0a:0b:d6:50:71:89:49:6a:e8:9a:82:e8:24:c8:28:f7:
         94:8e:7e:12:8a:96:ca:60:52:75:0d:c5:a4:14:05:13:6f:95:
         8f:4c:2e:5d:11:37:27:1a:69:c4:ef:c3:d0:34:5b:3b:33:ec:
         c8:a2:33:d9:cd:65:8d:c2:2b:f5:cf:44:1b:c4:56:23:11:94:
         03:ec:96:96:77:bb:b4:2b:e7:47:8e:50:c2:38:d5:68:23:b5:
         ec:62:88:32:cf:85:ee:2b:1e:b6:56:22:c8:65:a0:16:1a:7c:
         17:b5:e6:ec:68:4b:bf:34:15:ff:92:63:27:6f:97:4b:65:d2:
         91:9d:58:32:6b:e9:65:3b:d7:1e:5e:a8:82:b5:40:c8:fb:08:
         4c:b5:a9:2f:90:d4:4f:62:37:e8:eb:14:7e:73:e1:a9:d2:94:
         a5:90:ec:97:5d:ff:a2:7b:4a:ed:de:2e:95:f8:97:0c:17:5d:
         30:01:71:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcDZCU1tYZGA/6+5rl3//nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzIxMDg1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQ1ZGRjMDZjYTZlNzg3NzU2MDExMDY5ZjkxNTBiYmI1NjUxYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OBSz+aLjH/0o6/9964Q3gKhtkAY
Y7U5+Bt0VSc2pNIEXmnZuN13v/xKROtE6cdJ9og+5i2GP6+kQM5+uIfszx6NQPZ8
4YZ/+MCqiinAGVKsP2DWgrzolVzqlOb5ksGZ5yk0PQ4grQ4m5+D4y60jPjsxpMyt
LG8yq35qQSxeIyR8GHLRgspCbWTnuWBQX5JCBuwT/acHXDvLORm7UYip9a+EgiNV
SMaHLz9HH5RugWY5iYyjxp2/+nT0BKmUOK2XDP97ojI+YvfT/pZybiIBaC8hWhWC
7x8NXH04WDMlU/6yAXNpM1rLhSWDmVJl0fP+nr47NeXxkePf4f97XjmvtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFF3cBspueHdWARBp+RULu1ZRpvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQVVYZHdHeW01NGQxWUJFR241RlF1N1ZsR204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkEMA0G
CSqGSIb3DQEBCwUAA4IBAQB1IlS7UoKj+t9wm2+XEccg+EfoUFlTnoEmjw+dTi4/
OoypYMuiZEKh5/B3rVV30hVFBH5gTl5/dVlTosm6JRF3Rj7euIHQikhITwoL1lBx
iUlq6JqC6CTIKPeUjn4SipbKYFJ1DcWkFAUTb5WPTC5dETcnGmnE78PQNFs7M+zI
ojPZzWWNwiv1z0QbxFYjEZQD7JaWd7u0K+dHjlDCONVoI7XsYogyz4XuKx62ViLI
ZaAWGnwXtebsaEu/NBX/kmMnb5dLZdKRnVgya+llO9ceXqiCtUDI+whMtakvkNRP
Yjfo6xR+c+Gp0pSlkOyXXf+ie0rt3i6V+JcMF10wAXHt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org