Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-epiYkcKu61aDxBjite-r8Mifg.roa
File:                     E-epiYkcKu61aDxBjite-r8Mifg.roa (raw, json)
Hash identifier:          uzSiM4vewDJnPTzZPyn70RN8Vp6AMr0JnkLmpnhbCec=
Subject key identifier:   13:E7:A9:89:89:1C:2A:EE:B5:68:3C:41:8E:2B:5E:FA:BF:0C:89:F8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AFEA3C3C6B5BEB15FC2A810364FB0D932
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-epiYkcKu61aDxBjite-r8Mifg.roa
Signing time:             Thu 05 Oct 2023 07:00:59 +0000
ROA not before:           Thu 05 Oct 2023 07:00:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49468
IP address blocks:        82.153.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Oct 2023 11:08:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fe:a3:c3:c6:b5:be:b1:5f:c2:a8:10:36:4f:b0:d9:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  5 07:00:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13e7a989891c2aeeb5683c418e2b5efabf0c89f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8f:e9:29:6e:db:57:4a:c5:67:28:0c:59:59:
                    49:0d:64:36:9d:f7:3c:3b:e6:44:d8:ff:63:e7:fa:
                    22:c1:42:8d:d9:d9:95:7d:8e:f0:9c:0f:c5:d2:ee:
                    5e:13:d6:10:f2:16:28:57:29:c6:46:53:51:4f:fc:
                    1e:7c:51:35:dd:01:22:43:3d:26:89:d2:ce:21:eb:
                    86:a1:57:d5:d0:3f:f1:29:d9:dd:ca:45:c9:19:f3:
                    59:9a:a2:f6:2c:a0:87:fb:44:08:8d:c4:e2:d8:87:
                    76:45:03:90:40:c9:c8:86:93:3c:e2:0c:6b:63:7e:
                    21:25:88:8c:ce:d4:e8:4d:51:8d:2d:00:c1:66:c5:
                    61:41:e5:42:36:ce:32:df:60:a4:46:ed:06:75:9c:
                    33:8e:ac:92:0b:48:f4:f5:84:42:11:a6:3d:f2:06:
                    80:e5:be:33:a4:e5:c2:8c:8f:a5:c7:1b:32:47:a1:
                    8a:e0:86:64:0e:1b:7a:c3:7e:48:81:03:5a:27:e2:
                    33:7d:1a:0b:69:6b:42:b9:f2:43:c4:e0:7f:27:82:
                    63:26:38:8a:55:f2:0f:3e:79:76:0f:2d:5d:24:1e:
                    a4:ab:4e:a1:f9:d0:b3:7e:35:d2:ff:20:56:f5:90:
                    2f:9c:46:f0:c9:d6:62:ea:f6:0f:ea:90:07:58:ca:
                    b5:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:E7:A9:89:89:1C:2A:EE:B5:68:3C:41:8E:2B:5E:FA:BF:0C:89:F8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-epiYkcKu61aDxBjite-r8Mifg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:2a:1a:8f:fc:c2:64:a2:9e:ae:31:13:89:a3:fb:f7:5f:c1:
         1a:ef:d9:5b:82:f2:e7:49:f4:1f:c6:cc:11:ad:d7:84:8e:e1:
         32:5a:0b:f4:36:ee:23:9d:80:d4:e4:a0:cb:4f:49:8a:56:23:
         45:5e:9d:f4:e8:54:65:d3:be:61:2a:4b:57:0e:d3:23:f2:be:
         aa:34:9c:36:03:04:9f:57:8b:b7:b0:15:75:33:18:91:b6:26:
         19:8c:2a:38:8b:b1:af:02:01:b0:35:5a:59:62:c5:81:2f:98:
         90:1a:a3:19:3e:b1:c3:b3:12:65:e8:fd:72:b6:19:b6:f6:de:
         70:db:ed:af:72:df:90:b7:97:68:3d:ef:bc:76:b6:b7:51:e7:
         85:b4:b2:c7:2c:67:e4:b7:e3:89:fb:89:ee:9e:1b:62:00:e9:
         16:c1:75:19:83:5f:08:6c:51:35:69:1a:9e:e6:6a:97:bc:91:
         93:12:21:eb:f1:13:e6:36:1f:53:f3:93:5d:e8:a5:7e:29:ae:
         f5:43:45:56:90:28:8c:c2:fa:10:b5:19:d8:32:9e:b7:63:78:
         51:2a:67:e6:b6:38:a8:c8:c2:5b:f8:af:3d:37:b4:10:82:7a:
         e0:33:46:ba:97:a2:19:c3:86:c8:c3:53:2a:af:79:9f:07:7a:
         9a:e6:eb:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr+o8PGtb6xX8KoEDZPsNkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA1MDcwMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U3YTk4OTg5MWMyYWVlYjU2ODNjNDE4ZTJiNWVmYWJmMGM4OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY/pKW7bV0rFZygMWVlJDWQ2nfc8
O+ZE2P9j5/oiwUKN2dmVfY7wnA/F0u5eE9YQ8hYoVynGRlNRT/wefFE13QEiQz0m
idLOIeuGoVfV0D/xKdndykXJGfNZmqL2LKCH+0QIjcTi2Id2RQOQQMnIhpM84gxr
Y34hJYiMztToTVGNLQDBZsVhQeVCNs4y32CkRu0GdZwzjqySC0j09YRCEaY98gaA
5b4zpOXCjI+lxxsyR6GK4IZkDht6w35IgQNaJ+IzfRoLaWtCufJDxOB/J4JjJjiK
VfIPPnl2Dy1dJB6kq06h+dCzfjXS/yBW9ZAvnEbwydZi6vYP6pAHWMq1/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPnqYmJHCrutWg8QY4rXvq/DIn4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRS1lcGlZa2NLdTYxYUR4QmppdGUtcjhNaWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkgMA0G
CSqGSIb3DQEBCwUAA4IBAQAyKhqP/MJkop6uMROJo/v3X8Ea79lbgvLnSfQfxswR
rdeEjuEyWgv0Nu4jnYDU5KDLT0mKViNFXp306FRl075hKktXDtMj8r6qNJw2AwSf
V4u3sBV1MxiRtiYZjCo4i7GvAgGwNVpZYsWBL5iQGqMZPrHDsxJl6P1ythm29t5w
2+2vct+Qt5doPe+8dra3UeeFtLLHLGfkt+OJ+4nunhtiAOkWwXUZg18IbFE1aRqe
5mqXvJGTEiHr8RPmNh9T85Nd6KV+Ka71Q0VWkCiMwvoQtRnYMp63Y3hRKmfmtjio
yMJb+K89N7QQgnrgM0a6l6IZw4bIw1Mqr3mfB3qa5us8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org