Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EICRg5j5iRxzFjh_NCTMRh4ngys.roa
File:                     EICRg5j5iRxzFjh_NCTMRh4ngys.roa (raw, json)
Hash identifier:          z/AUjtA3OOWytQiSBB9PFUYaND2CsJ09gizS6mpltd0=
Subject key identifier:   10:80:91:83:98:F9:89:1C:73:16:38:7F:34:24:CC:46:1E:27:83:2B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018877B8608F6B8CE2BB51D527AE45374552
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EICRg5j5iRxzFjh_NCTMRh4ngys.roa
Signing time:             Thu 01 Jun 2023 16:09:11 +0000
ROA not before:           Thu 01 Jun 2023 16:09:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        82.152.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 18:16:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:77:b8:60:8f:6b:8c:e2:bb:51:d5:27:ae:45:37:45:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  1 16:09:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1080918398f9891c7316387f3424cc461e27832b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a3:54:f0:d6:95:b2:94:d8:38:99:65:15:83:
                    a9:91:69:22:6f:39:6a:44:ab:d9:89:01:57:2d:87:
                    1d:01:aa:56:34:47:a4:fc:17:25:c3:f2:6a:be:95:
                    3d:53:f2:8f:9c:4d:e5:52:27:eb:23:ff:63:7b:9c:
                    68:79:67:5d:30:b4:1c:ad:30:d0:0a:09:78:66:65:
                    0b:25:2e:24:f2:5f:6e:71:77:47:e6:02:63:77:6b:
                    f7:98:21:05:11:c6:34:31:cc:76:29:a8:47:af:27:
                    90:a3:58:d2:1f:2c:96:f9:2b:67:44:11:46:67:dc:
                    f7:d8:10:4c:a1:3e:3d:3a:6d:98:5c:65:2c:2d:47:
                    da:23:4e:dd:80:ec:30:3b:b8:02:54:4d:c8:d0:19:
                    0e:df:36:85:f8:29:58:45:c9:0b:32:a7:e6:c3:5f:
                    97:2e:78:1b:20:e2:23:ef:75:a2:6e:7e:8f:10:67:
                    0c:71:f2:1f:75:6d:7a:0d:46:c6:1e:02:a1:29:81:
                    a3:5f:65:91:f2:7f:d7:26:f4:40:02:e9:9e:19:44:
                    22:36:5e:b5:c6:5b:47:c5:13:6e:63:37:07:94:e1:
                    be:6d:c6:ef:a6:49:41:74:42:5e:9f:b7:68:2c:18:
                    0a:3b:f1:36:aa:c9:69:2e:5f:82:7f:20:32:a7:3e:
                    d0:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:80:91:83:98:F9:89:1C:73:16:38:7F:34:24:CC:46:1E:27:83:2B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EICRg5j5iRxzFjh_NCTMRh4ngys.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:86:31:cc:7f:69:a6:ab:7a:79:b0:9f:35:b6:2b:f0:80:90:
         bb:ee:f0:7d:32:8c:65:ff:a9:08:e8:f1:15:a6:24:a8:01:fe:
         2e:e7:1b:c8:44:a3:e2:a5:c4:8d:c9:97:9f:2d:e9:56:66:42:
         73:39:1a:77:49:c3:5e:99:70:f6:4c:13:c3:19:1d:af:ca:d7:
         44:29:3e:1a:85:70:cf:a9:b8:9e:fc:9a:e9:76:cd:21:d2:fa:
         8d:03:e3:69:ff:a6:38:3d:bb:b3:f8:d9:00:ee:ff:46:48:af:
         43:ef:05:d2:e4:fb:f6:6d:62:33:c1:74:bb:20:c5:9c:02:8b:
         08:ce:96:0f:a0:5b:26:51:88:2d:23:02:f3:0f:d5:6f:56:58:
         9b:85:11:cd:d1:c2:28:65:a3:3f:50:a9:02:96:f9:cb:df:61:
         fa:7b:c4:d3:39:dd:4b:84:ae:65:ed:70:39:19:68:ae:a3:84:
         31:6a:15:e2:3c:6b:9e:37:7d:12:2a:bc:49:09:02:fb:c5:c5:
         2b:8b:2e:db:14:d2:2b:73:10:14:db:d3:f2:0b:3d:64:cc:d9:
         f0:3d:89:62:f7:bf:66:f8:19:e4:f1:2a:a2:3a:58:a1:9b:d5:
         45:62:b0:87:de:f0:b2:ee:ca:3c:87:03:88:63:f2:61:b8:36:
         1c:cc:93:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh3uGCPa4ziu1HVJ65FN0VSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjAxMTYwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDgwOTE4Mzk4Zjk4OTFjNzMxNjM4N2YzNDI0Y2M0NjFlMjc4MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKNU8NaVspTYOJllFYOpkWkibzlq
RKvZiQFXLYcdAapWNEek/Bclw/JqvpU9U/KPnE3lUifrI/9je5xoeWddMLQcrTDQ
Cgl4ZmULJS4k8l9ucXdH5gJjd2v3mCEFEcY0Mcx2KahHryeQo1jSHyyW+StnRBFG
Z9z32BBMoT49Om2YXGUsLUfaI07dgOwwO7gCVE3I0BkO3zaF+ClYRckLMqfmw1+X
LngbIOIj73Wibn6PEGcMcfIfdW16DUbGHgKhKYGjX2WR8n/XJvRAAumeGUQiNl61
xltHxRNuYzcHlOG+bcbvpklBdEJen7doLBgKO/E2qslpLl+CfyAypz7Q0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCAkYOY+YkccxY4fzQkzEYeJ4MrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRUlDUmc1ajVpUnh6RmpoX05DVE1SaDRuZ3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUphvMA0G
CSqGSIb3DQEBCwUAA4IBAQAzhjHMf2mmq3p5sJ81tivwgJC77vB9Moxl/6kI6PEV
piSoAf4u5xvIRKPipcSNyZefLelWZkJzORp3ScNemXD2TBPDGR2vytdEKT4ahXDP
qbie/Jrpds0h0vqNA+Np/6Y4Pbuz+NkA7v9GSK9D7wXS5Pv2bWIzwXS7IMWcAosI
zpYPoFsmUYgtIwLzD9VvVlibhRHN0cIoZaM/UKkClvnL32H6e8TTOd1LhK5l7XA5
GWiuo4QxahXiPGueN30SKrxJCQL7xcUriy7bFNIrcxAU29PyCz1kzNnwPYli979m
+Bnk8SqiOlihm9VFYrCH3vCy7so8hwOIY/JhuDYczJNm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org