Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EdSm5FToejxAZTb83THlYD-1eBU.roa
File:                     EdSm5FToejxAZTb83THlYD-1eBU.roa (raw, json)
Hash identifier:          QW2q4hQCmVU3I8d4SyV77F0r0QeG6BQN+Ijar4Q61Tk=
Subject key identifier:   11:D4:A6:E4:54:E8:7A:3C:40:65:36:FC:DD:31:E5:60:3F:B5:78:15
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC34954A127F720BF7F050C1F942E50F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EdSm5FToejxAZTb83THlYD-1eBU.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58061
IP address blocks:        82.153.243.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 19:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:54:a1:27:f7:20:bf:7f:05:0c:1f:94:2e:50:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=11d4a6e454e87a3c406536fcdd31e5603fb57815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d1:c7:a7:e1:5f:9f:de:0d:45:a8:3b:f1:d6:
                    90:10:65:2b:93:2d:61:27:77:42:1e:d2:aa:af:df:
                    06:45:fc:1e:ac:59:4e:c9:5b:12:fa:6b:84:3b:47:
                    a8:db:70:6b:3a:d5:f6:fc:8b:ce:0c:dc:ac:9b:64:
                    0f:90:01:71:0e:56:1a:20:87:fe:46:20:ed:4d:b8:
                    9d:42:18:42:2f:5c:72:b1:88:23:15:04:96:df:62:
                    ff:66:97:dd:0f:c0:1e:d8:cc:24:5d:ce:a2:2c:f8:
                    f2:be:7b:89:70:45:77:c6:ef:84:e9:7b:60:43:67:
                    5b:fa:0d:85:09:76:86:7e:7b:75:b6:aa:1b:55:a9:
                    c2:0b:e0:da:50:ff:c0:40:89:56:e6:25:2b:1f:0f:
                    46:0d:aa:50:8f:52:e5:4b:5f:3d:fa:e5:cf:3b:26:
                    ff:82:ce:d0:fe:4a:2d:2d:e4:8b:bb:66:4d:48:21:
                    d8:26:53:34:67:0c:b2:04:55:77:59:5e:ad:66:43:
                    31:45:9d:86:5b:07:8a:43:3f:b6:c6:50:41:41:e6:
                    d3:0b:85:2f:8f:e3:ec:e5:36:82:1d:b2:e4:a4:89:
                    5e:6f:f4:e8:60:bb:50:74:1d:d1:ce:73:04:54:da:
                    e9:9b:61:00:50:0a:b2:2b:25:4c:00:6e:2b:b8:bb:
                    10:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:D4:A6:E4:54:E8:7A:3C:40:65:36:FC:DD:31:E5:60:3F:B5:78:15
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EdSm5FToejxAZTb83THlYD-1eBU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.224.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:17:5f:b8:70:be:85:8b:f8:65:e2:70:d7:10:32:ba:a3:0f:
         91:cf:32:3e:da:79:0b:7e:6e:43:f2:dd:d4:93:78:3c:0f:ef:
         6a:da:a3:6e:4a:f0:71:02:05:4d:e1:a8:df:cc:3c:a3:9f:f8:
         c9:8e:5d:24:b2:d9:78:af:f0:48:04:d0:ca:47:ee:5d:6f:e1:
         3f:2c:29:10:8b:8b:93:d0:c3:8c:87:1f:38:1f:37:24:7d:b4:
         73:af:a4:0c:cd:c9:88:65:ab:72:a9:c9:cd:b6:fd:fc:b3:13:
         94:14:c0:fd:94:81:93:e7:d9:ba:08:41:1b:3a:ce:80:0e:0a:
         3c:d9:ae:02:1f:72:68:f2:40:6e:ac:20:c5:e0:e1:bf:fd:84:
         e6:ec:0e:87:b1:d2:af:3f:54:97:03:14:b0:22:d1:10:1e:0c:
         66:9a:c0:aa:1d:b6:84:6a:bc:45:a7:0e:d8:df:81:85:28:91:
         cd:f6:9f:65:35:38:4a:f3:4c:9f:21:ca:c1:1f:31:f8:80:97:
         f3:7e:1c:71:16:8b:be:1f:25:a3:df:23:8d:c6:22:97:70:c3:
         8e:59:79:e2:53:12:35:a6:ea:90:e0:6c:e8:ba:41:23:8f:ed:
         40:04:45:5b:55:b3:6b:73:a3:21:42:4e:54:9b:1e:9f:35:dc:
         94:33:35:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSVShJ/cgv38FDB+ULlD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ0YTZlNDU0ZTg3YTNjNDA2NTM2ZmNkZDMxZTU2MDNmYjU3ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9HHp+Ffn94NRag78daQEGUrky1h
J3dCHtKqr98GRfwerFlOyVsS+muEO0eo23BrOtX2/IvODNysm2QPkAFxDlYaIIf+
RiDtTbidQhhCL1xysYgjFQSW32L/ZpfdD8Ae2MwkXc6iLPjyvnuJcEV3xu+E6Xtg
Q2db+g2FCXaGfnt1tqobVanCC+DaUP/AQIlW5iUrHw9GDapQj1LlS189+uXPOyb/
gs7Q/kotLeSLu2ZNSCHYJlM0ZwyyBFV3WV6tZkMxRZ2GWweKQz+2xlBBQebTC4Uv
j+Ps5TaCHbLkpIleb/ToYLtQdB3RznMEVNrpm2EAUAqyKyVMAG4ruLsQawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBHUpuRU6Ho8QGU2/N0x5WA/tXgVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRWRTbTVGVG9lanhBWlRiODNUSGxZRC0xZUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpngAwQA
UpnzMA0GCSqGSIb3DQEBCwUAA4IBAQBeF1+4cL6Fi/hl4nDXEDK6ow+RzzI+2nkL
fm5D8t3Uk3g8D+9q2qNuSvBxAgVN4ajfzDyjn/jJjl0kstl4r/BIBNDKR+5db+E/
LCkQi4uT0MOMhx84HzckfbRzr6QMzcmIZatyqcnNtv38sxOUFMD9lIGT59m6CEEb
Os6ADgo82a4CH3Jo8kBurCDF4OG//YTm7A6HsdKvP1SXAxSwItEQHgxmmsCqHbaE
arxFpw7Y34GFKJHN9p9lNThK80yfIcrBHzH4gJfzfhxxFou+HyWj3yONxiKXcMOO
WXniUxI1puqQ4GzoukEjj+1ABEVbVbNrc6MhQk5Umx6fNdyUMzWs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org