Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D09kCfm9aSMSJf8zZCgqRaeFAKM.roa
File:                     D09kCfm9aSMSJf8zZCgqRaeFAKM.roa (raw, json)
Hash identifier:          SBIZ4Q36xunFSus+wdJ7luNlYSlX17b/fznwb2POyL8=
Subject key identifier:   0F:4F:64:09:F9:BD:69:23:12:25:FF:33:64:28:2A:45:A7:85:00:A3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01879DB2A01866FFDF4E3136D6F0F1B2E986
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D09kCfm9aSMSJf8zZCgqRaeFAKM.roa
Signing time:             Thu 20 Apr 2023 08:05:41 +0000
ROA not before:           Thu 20 Apr 2023 08:05:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        82.153.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Jun 2023 07:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9d:b2:a0:18:66:ff:df:4e:31:36:d6:f0:f1:b2:e9:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 20 08:05:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f4f6409f9bd69231225ff3364282a45a78500a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:78:4f:5c:3b:6c:f8:7a:10:df:43:73:3b:d6:
                    86:70:61:66:d4:ca:41:3e:5a:ed:0b:d9:ec:46:29:
                    1a:22:d2:69:9b:cd:ab:d9:a2:f6:f9:3f:76:79:58:
                    46:e9:84:37:7d:54:d5:8d:50:25:cd:63:d1:3f:df:
                    19:a7:0a:49:d3:49:02:05:3d:a4:21:d3:08:75:3c:
                    fc:24:e4:68:cc:f5:0d:d3:e5:46:8f:9d:45:05:ba:
                    99:1d:7d:cc:7c:7c:1c:87:65:80:a1:0b:84:79:ec:
                    45:f8:06:3f:46:0b:64:43:63:6b:df:08:3c:f2:52:
                    76:00:0e:a4:cc:54:b0:12:97:70:9d:45:4b:2a:1e:
                    49:27:dc:3d:37:23:4a:1f:4c:7a:22:0a:4e:89:3a:
                    c8:86:0b:c4:84:27:41:bc:12:a7:b8:44:55:71:b9:
                    87:ae:c2:a4:25:ae:5f:d9:81:82:dd:e1:cc:67:49:
                    c8:80:3a:8b:3d:2c:3d:f4:61:24:1d:af:63:64:6e:
                    24:33:c9:ab:df:ed:99:2b:ec:17:1c:40:ee:ca:1b:
                    f3:3f:ac:3d:0e:ad:9a:3a:39:92:7d:2a:54:d9:a2:
                    6a:0b:55:07:14:f4:df:97:1f:cc:b0:22:0b:fa:1f:
                    bb:8a:d4:f0:84:a8:e0:00:e3:7f:b3:53:d7:09:9a:
                    71:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:4F:64:09:F9:BD:69:23:12:25:FF:33:64:28:2A:45:A7:85:00:A3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D09kCfm9aSMSJf8zZCgqRaeFAKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:78:df:4d:80:d2:97:87:41:a8:76:54:51:5a:d5:e3:34:5c:
         35:61:61:10:83:02:b9:4f:42:09:f7:d1:96:62:b9:6e:ad:ae:
         ef:cf:29:96:53:e0:3a:fd:26:eb:93:78:f0:cd:d1:2c:f6:71:
         ee:d8:ec:bd:71:3e:f1:47:48:21:66:7d:64:d2:16:a1:59:63:
         df:6b:86:20:aa:45:94:8b:7e:40:03:db:21:cc:1d:a3:a8:14:
         d4:a8:1d:0c:9b:16:ea:41:e7:a8:0e:da:61:4a:ad:ec:73:aa:
         ec:69:44:5a:1c:6a:f9:d5:dc:93:d0:48:13:f5:7a:5d:c2:ff:
         57:32:fd:23:3b:9c:aa:46:0e:f9:33:b4:26:bd:7a:ce:86:61:
         24:4d:9e:99:65:6a:20:c1:a9:60:58:3e:b5:2f:31:22:bf:38:
         15:42:96:4b:49:5d:7a:a9:74:d7:5c:64:40:bd:a8:6a:ce:77:
         f8:75:ed:3e:97:23:02:ee:3b:46:20:06:d2:05:f5:94:97:7d:
         50:ff:41:cf:82:39:6d:b7:ed:4d:ff:b7:e4:92:1f:28:ef:91:
         28:6a:d1:a3:68:34:91:ca:bc:5e:0f:4a:a5:30:88:e7:10:a5:
         8b:51:e5:36:4d:ca:b4:9a:bb:50:8f:50:9d:61:56:c7:3b:fe:
         96:b0:89:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYedsqAYZv/fTjE21vDxsumGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDIwMDgwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjRmNjQwOWY5YmQ2OTIzMTIyNWZmMzM2NDI4MmE0NWE3ODUwMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHhPXDts+HoQ30NzO9aGcGFm1MpB
PlrtC9nsRikaItJpm82r2aL2+T92eVhG6YQ3fVTVjVAlzWPRP98ZpwpJ00kCBT2k
IdMIdTz8JORozPUN0+VGj51FBbqZHX3MfHwch2WAoQuEeexF+AY/RgtkQ2Nr3wg8
8lJ2AA6kzFSwEpdwnUVLKh5JJ9w9NyNKH0x6IgpOiTrIhgvEhCdBvBKnuERVcbmH
rsKkJa5f2YGC3eHMZ0nIgDqLPSw99GEkHa9jZG4kM8mr3+2ZK+wXHEDuyhvzP6w9
Dq2aOjmSfSpU2aJqC1UHFPTflx/MsCIL+h+7itTwhKjgAON/s1PXCZpxEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9PZAn5vWkjEiX/M2QoKkWnhQCjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRDA5a0NmbTlhU01TSmY4elpDZ3FSYWVGQUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnzMA0G
CSqGSIb3DQEBCwUAA4IBAQBaeN9NgNKXh0GodlRRWtXjNFw1YWEQgwK5T0IJ99GW
Yrlura7vzymWU+A6/Sbrk3jwzdEs9nHu2Oy9cT7xR0ghZn1k0hahWWPfa4YgqkWU
i35AA9shzB2jqBTUqB0MmxbqQeeoDtphSq3sc6rsaURaHGr51dyT0EgT9Xpdwv9X
Mv0jO5yqRg75M7QmvXrOhmEkTZ6ZZWogwalgWD61LzEivzgVQpZLSV16qXTXXGRA
vahqznf4de0+lyMC7jtGIAbSBfWUl31Q/0HPgjltt+1N/7fkkh8o75EoatGjaDSR
yrxeD0qlMIjnEKWLUeU2Tcq0mrtQj1CdYVbHO/6WsIm0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org