Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FGijlN4qUKiyq10KzepqQAo09c4.roa
File:                     FGijlN4qUKiyq10KzepqQAo09c4.roa (raw, json)
Hash identifier:          fH9WDdQHH/1yhq4iY1EvVl7CrtRNrcGh/ou1PoooqYo=
Subject key identifier:   14:68:A3:94:DE:2A:50:A8:B2:AB:5D:0A:CD:EA:6A:40:0A:34:F5:CE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01889083BA484EAE52A851B18ECB52A6C776
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FGijlN4qUKiyq10KzepqQAo09c4.roa
Signing time:             Tue 06 Jun 2023 11:42:11 +0000
ROA not before:           Tue 06 Jun 2023 11:42:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          82.153.249.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 07 Jun 2023 07:59:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:90:83:ba:48:4e:ae:52:a8:51:b1:8e:cb:52:a6:c7:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  6 11:42:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1468a394de2a50a8b2ab5d0acdea6a400a34f5ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:78:a0:99:c2:65:20:14:6a:4f:04:1d:12:d8:
                    11:5a:c3:32:9c:b2:f3:b5:56:8a:ee:2c:53:d0:34:
                    53:30:7b:8b:fb:8f:52:99:01:40:67:ec:9a:ee:27:
                    b5:de:39:82:59:bf:35:b9:c4:8c:09:b8:5f:47:28:
                    e1:d6:72:08:9f:6c:c6:19:45:a9:40:53:d1:b0:10:
                    54:2f:bc:fd:48:21:e5:14:59:8c:c9:05:dd:33:a2:
                    46:87:2b:9b:d9:a5:27:9a:cf:92:c5:90:54:b5:43:
                    9b:08:f0:38:b1:35:75:b5:0d:b2:9b:3b:5b:59:b5:
                    18:4c:aa:0f:a6:cd:5c:78:fb:7b:45:42:27:c9:e0:
                    6c:1b:11:d6:18:7d:53:d6:bd:7a:c0:78:b2:b5:6c:
                    fb:b1:c6:11:6d:4e:8e:cd:da:03:c9:48:71:ca:d3:
                    33:5a:b5:8e:af:6d:52:7e:89:f7:1e:bf:cd:16:cf:
                    9a:e1:54:d3:84:59:64:bc:bc:ab:d8:d7:89:b0:06:
                    d2:9d:4f:dd:66:55:86:33:14:65:f4:76:3f:58:b4:
                    88:2e:21:04:0b:24:16:a8:49:9d:73:56:b2:00:ac:
                    ec:68:ad:0f:8b:53:aa:75:0a:46:6d:63:b5:1b:34:
                    0f:30:3c:51:ab:60:e5:eb:47:bc:6e:96:33:ac:80:
                    43:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:68:A3:94:DE:2A:50:A8:B2:AB:5D:0A:CD:EA:6A:40:0A:34:F5:CE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FGijlN4qUKiyq10KzepqQAo09c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.73.0/24
                  82.153.136.0/22
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:cf:11:9d:a8:5b:42:28:21:d4:35:88:08:62:77:cb:74:67:
         61:26:21:97:04:2b:37:1a:a5:87:e5:b2:80:d9:0e:bf:79:6c:
         0e:2e:ae:1e:d6:d7:66:e9:91:4b:04:f6:61:ce:07:b5:fb:e8:
         1c:47:e7:8c:4f:08:4c:a7:27:40:3d:5d:43:84:d7:83:ad:1e:
         8c:5d:10:4b:81:09:75:6b:8b:74:b1:ff:df:8f:dd:e5:73:1f:
         95:27:55:36:72:76:85:f8:3d:43:90:89:31:11:7b:91:09:8c:
         3e:1e:2c:06:bf:71:28:a3:fc:4c:7d:33:5f:57:51:d5:55:f1:
         a9:44:8e:f9:e2:42:0a:c1:62:53:d2:78:26:36:80:92:77:6c:
         81:c0:49:26:bb:d5:df:9f:8d:43:93:77:3f:93:27:1a:d8:6a:
         9c:44:46:92:b1:5a:fc:44:37:cb:40:a3:e6:ac:29:ec:48:b4:
         c5:61:05:58:09:69:a8:df:28:d8:60:35:d1:12:27:c1:71:a1:
         8b:fb:5c:94:a7:78:19:3f:32:a3:85:e9:d2:9d:59:48:09:9d:
         f9:c1:fa:54:9b:21:f3:10:ae:e9:d1:76:27:fe:7a:11:1c:c1:
         6d:b7:a6:e3:71:85:60:bf:5c:a4:eb:26:7f:c9:cf:04:5b:50:
         db:41:c3:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiQg7pITq5SqFGxjstSpsd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA2MTE0MjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY4YTM5NGRlMmE1MGE4YjJhYjVkMGFjZGVhNmE0MDBhMzRmNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXigmcJlIBRqTwQdEtgRWsMynLLz
tVaK7ixT0DRTMHuL+49SmQFAZ+ya7ie13jmCWb81ucSMCbhfRyjh1nIIn2zGGUWp
QFPRsBBUL7z9SCHlFFmMyQXdM6JGhyub2aUnms+SxZBUtUObCPA4sTV1tQ2ymztb
WbUYTKoPps1cePt7RUInyeBsGxHWGH1T1r16wHiytWz7scYRbU6OzdoDyUhxytMz
WrWOr21Sfon3Hr/NFs+a4VTThFlkvLyr2NeJsAbSnU/dZlWGMxRl9HY/WLSILiEE
CyQWqEmdc1ayAKzsaK0Pi1OqdQpGbWO1GzQPMDxRq2Dl60e8bpYzrIBDCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBRoo5TeKlCosqtdCs3qakAKNPXOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRkdpamxONHFVS2l5cTEwS3plcHFRQW8wOWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUah3AwQA
Uah7AwQAUplJAwQCUpmIAwQAUpn5MA0GCSqGSIb3DQEBCwUAA4IBAQBAzxGdqFtC
KCHUNYgIYnfLdGdhJiGXBCs3GqWH5bKA2Q6/eWwOLq4e1tdm6ZFLBPZhzge1++gc
R+eMTwhMpydAPV1DhNeDrR6MXRBLgQl1a4t0sf/fj93lcx+VJ1U2cnaF+D1DkIkx
EXuRCYw+HiwGv3Eoo/xMfTNfV1HVVfGpRI754kIKwWJT0ngmNoCSd2yBwEkmu9Xf
n41Dk3c/kyca2GqcREaSsVr8RDfLQKPmrCnsSLTFYQVYCWmo3yjYYDXREifBcaGL
+1yUp3gZPzKjhenSnVlICZ35wfpUmyHzEK7p0XYn/noRHMFtt6bjcYVgv1yk6yZ/
yc8EW1DbQcM9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org