Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E_1cp3hklLO7hg8p1LAGycKXQr8.roa
File:                     E_1cp3hklLO7hg8p1LAGycKXQr8.roa (raw, json)
Hash identifier:          eBMCUm/jFAJLTmuc8PXYySq6SBY8pyz8tbHW8Zpuujw=
Subject key identifier:   13:FD:5C:A7:78:64:94:B3:BB:86:0F:29:D4:B0:06:C9:C2:97:42:BF
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01885BF8FE9C9F601E406547E808B7BF4041
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E_1cp3hklLO7hg8p1LAGycKXQr8.roa
Signing time:             Sat 27 May 2023 06:50:24 +0000
ROA not before:           Sat 27 May 2023 06:50:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400509
IP address blocks:        82.153.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jul 2023 15:48:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:5b:f8:fe:9c:9f:60:1e:40:65:47:e8:08:b7:bf:40:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 27 06:50:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13fd5ca7786494b3bb860f29d4b006c9c29742bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:66:f3:ee:50:7f:d9:00:a5:7b:c9:b5:79:ae:
                    ef:a3:34:17:db:9a:cf:f6:d2:e2:e5:68:2c:c1:94:
                    32:88:ec:d8:3f:53:5f:76:26:e8:5b:40:87:20:6e:
                    87:ab:4f:e0:1e:de:40:e8:e9:90:6f:14:09:9b:46:
                    a7:c0:d4:93:9f:fa:37:7d:1c:fc:82:d1:03:8c:e9:
                    e1:9c:35:0a:1a:1b:be:54:24:cd:ee:52:db:26:b6:
                    05:39:c6:3a:8b:85:a0:c7:6e:6d:b6:3c:34:da:c1:
                    ef:7e:2f:e6:8d:af:81:54:f2:85:29:36:56:49:27:
                    f5:83:a9:16:b6:99:d5:7e:4c:d7:03:59:52:74:bf:
                    01:74:54:8e:09:41:00:4a:37:38:63:78:5f:4d:08:
                    5c:a5:b1:d8:3d:21:0f:38:c9:d3:1c:ee:7f:a3:73:
                    f5:e4:38:8b:bd:59:56:e7:bb:2d:cf:b7:a4:ee:98:
                    58:14:e2:12:3a:9b:41:23:dd:05:ae:c9:31:61:99:
                    4b:bc:8e:fd:b6:27:20:10:14:32:36:56:9d:33:38:
                    4a:00:b1:fa:0c:1a:0f:29:f5:b6:ef:32:f9:41:50:
                    76:3c:5f:c2:2f:81:6a:02:cd:21:17:a0:bf:82:4f:
                    94:19:dd:35:58:f2:a3:5c:56:75:82:af:7b:98:59:
                    6c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:FD:5C:A7:78:64:94:B3:BB:86:0F:29:D4:B0:06:C9:C2:97:42:BF
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E_1cp3hklLO7hg8p1LAGycKXQr8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:18:2e:14:dc:b3:08:48:b8:31:38:44:db:b1:9c:2d:c9:cf:
         c7:b0:fd:4d:23:58:b5:64:92:b0:73:ad:87:01:1c:cb:67:0b:
         47:2e:1a:fc:51:ee:6e:7a:a9:e0:ba:c5:0b:38:a6:fc:12:65:
         7f:d5:5f:e3:54:ae:0e:46:69:2a:52:6f:50:08:a4:38:ad:ee:
         b7:20:81:ea:09:19:e5:41:23:1a:03:8f:8f:19:44:2d:ab:5b:
         ee:00:35:99:40:54:1d:85:1f:5e:b2:55:99:a7:0a:72:a2:07:
         23:2d:cd:d5:f6:c3:81:c8:af:7a:19:98:c6:f8:4c:b0:86:46:
         82:5d:a2:49:1d:ec:43:ea:15:33:ed:45:08:ae:39:14:1c:af:
         e1:f4:65:cd:a8:26:b6:9f:a9:45:b2:e6:15:72:71:7a:7d:ba:
         ef:e7:fc:70:28:c9:86:13:5b:a8:63:09:c9:06:14:49:36:4d:
         26:39:b5:7a:c2:08:92:90:d5:c2:2c:48:f6:8a:91:20:10:d4:
         6c:d4:3f:a6:a3:2b:8d:58:b8:ec:e4:89:a8:86:86:a9:f1:1d:
         a5:a8:6e:45:2c:39:cc:22:ec:c0:f3:46:c1:1a:13:d6:81:e0:
         62:2f:0e:76:d8:da:48:27:e3:76:33:6b:18:6d:fb:98:ee:ca:
         fb:80:a5:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhb+P6cn2AeQGVH6Ai3v0BBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI3MDY1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZkNWNhNzc4NjQ5NGIzYmI4NjBmMjlkNGIwMDZjOWMyOTc0MmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2bz7lB/2QCle8m1ea7vozQX25rP
9tLi5WgswZQyiOzYP1NfdiboW0CHIG6Hq0/gHt5A6OmQbxQJm0anwNSTn/o3fRz8
gtEDjOnhnDUKGhu+VCTN7lLbJrYFOcY6i4Wgx25ttjw02sHvfi/mja+BVPKFKTZW
SSf1g6kWtpnVfkzXA1lSdL8BdFSOCUEASjc4Y3hfTQhcpbHYPSEPOMnTHO5/o3P1
5DiLvVlW57stz7ek7phYFOISOptBI90FrskxYZlLvI79ticgEBQyNladMzhKALH6
DBoPKfW27zL5QVB2PF/CL4FqAs0hF6C/gk+UGd01WPKjXFZ1gq97mFls8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBP9XKd4ZJSzu4YPKdSwBsnCl0K/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRV8xY3AzaGtsTE83aGc4cDFMQUd5Y0tYUXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkEMA0G
CSqGSIb3DQEBCwUAA4IBAQCGGC4U3LMISLgxOETbsZwtyc/HsP1NI1i1ZJKwc62H
ARzLZwtHLhr8Ue5ueqngusULOKb8EmV/1V/jVK4ORmkqUm9QCKQ4re63IIHqCRnl
QSMaA4+PGUQtq1vuADWZQFQdhR9eslWZpwpyogcjLc3V9sOByK96GZjG+EywhkaC
XaJJHexD6hUz7UUIrjkUHK/h9GXNqCa2n6lFsuYVcnF6fbrv5/xwKMmGE1uoYwnJ
BhRJNk0mObV6wgiSkNXCLEj2ipEgENRs1D+moyuNWLjs5Imohoap8R2lqG5FLDnM
IuzA80bBGhPWgeBiLw522NpIJ+N2M2sYbfuY7sr7gKXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org