Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GgtwYEHdziX66muxrpm7-HPwnks.roa
File:                     GgtwYEHdziX66muxrpm7-HPwnks.roa (raw, json)
Hash identifier:          NFtNdkWQbs0qYOTCdQoXu8DT6M2qTYqEqnvnJzHPyCg=
Subject key identifier:   1A:0B:70:60:41:DD:CE:25:FA:EA:6B:B1:AE:99:BB:F8:73:F0:9E:4B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018ABCD0E994636B5229B7F1687EBA7DA028
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GgtwYEHdziX66muxrpm7-HPwnks.roa
Signing time:             Fri 22 Sep 2023 12:15:22 +0000
ROA not before:           Fri 22 Sep 2023 12:15:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397422
IP address blocks:        82.153.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Nov 2023 07:46:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:bc:d0:e9:94:63:6b:52:29:b7:f1:68:7e:ba:7d:a0:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 22 12:15:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a0b706041ddce25faea6bb1ae99bbf873f09e4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:73:e7:5f:28:08:7b:4e:71:f5:15:83:2d:c3:
                    53:b7:a2:4b:d3:8d:a7:05:9f:01:37:29:43:00:f1:
                    e6:4f:51:4b:a3:7b:9b:23:37:f5:23:9a:e5:d9:4d:
                    ae:eb:a7:85:13:b6:63:7a:f8:5d:94:28:af:11:60:
                    d2:fc:28:06:6f:22:2d:e7:56:91:66:b9:f0:40:e1:
                    a9:a6:47:2e:10:44:44:dd:e3:b0:c3:69:1e:dc:a9:
                    f6:ba:e0:a3:53:d7:8d:d7:3e:09:b1:81:b2:75:f8:
                    eb:65:0a:42:30:90:55:0e:52:b5:f4:2f:b8:c6:9a:
                    49:11:1d:fb:28:cd:35:00:a8:33:06:5e:ac:b9:24:
                    f4:e9:19:44:88:4d:91:1c:19:c7:9f:6e:54:94:5b:
                    f1:f1:54:4a:f0:17:eb:fa:6f:a2:b2:ce:cc:46:9a:
                    ba:1f:4b:6a:2b:a7:d6:94:ad:a4:97:07:eb:ca:a1:
                    d2:ad:09:f3:4a:37:c7:ec:f9:b4:8c:13:aa:13:ca:
                    4d:21:40:b8:e1:13:92:94:5e:10:c5:75:76:d7:82:
                    46:64:2c:49:4d:5a:c7:81:3f:cc:81:a2:46:19:f0:
                    24:5d:f9:42:66:2a:3b:44:20:93:07:25:bc:81:41:
                    a8:89:82:3b:41:3e:d7:aa:bb:eb:50:7b:56:67:90:
                    e0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:0B:70:60:41:DD:CE:25:FA:EA:6B:B1:AE:99:BB:F8:73:F0:9E:4B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GgtwYEHdziX66muxrpm7-HPwnks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:49:b4:53:2d:68:5b:09:8b:a5:d4:d4:b5:3e:3b:93:e0:28:
         64:c6:ba:ca:a6:ae:4a:90:ce:08:a7:c5:79:61:79:7b:7e:3d:
         da:a3:0d:fb:dc:63:9e:8f:72:39:b9:cb:ac:35:29:3a:86:7a:
         24:1a:6c:2f:07:d3:d9:77:a1:e4:45:74:4d:ad:10:e1:76:b9:
         91:74:6e:b1:3c:c9:ff:2a:00:22:a4:db:74:c0:7d:7e:d7:93:
         02:99:2c:38:94:3e:c8:dc:5e:d8:ef:71:07:ec:ab:e1:e0:c1:
         91:08:83:f6:ce:c5:d1:04:74:f5:6f:0c:02:e7:5f:73:e2:06:
         91:b3:13:8b:05:dd:2c:a3:5d:5f:c2:ce:10:af:a9:d0:5b:e0:
         32:b8:73:e8:2f:74:79:cb:a8:ac:4b:2d:c6:b6:8c:17:4a:4f:
         41:c8:46:1e:58:ad:b5:0e:32:37:77:7b:bc:fa:8b:89:f8:75:
         8c:6b:a0:f5:27:35:62:da:8f:b6:7a:10:80:3e:c3:d2:34:08:
         35:15:65:b0:21:c5:5e:83:a3:51:b0:4f:b7:06:13:3d:59:e7:
         c1:ee:ec:c3:bd:e7:32:c9:99:9d:35:dd:ef:af:91:98:d6:bc:
         70:a2:69:41:8d:fc:cd:28:b9:0f:c5:ad:89:96:3e:38:4c:64:
         ee:5b:d0:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq80OmUY2tSKbfxaH66faAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTIyMTIxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTBiNzA2MDQxZGRjZTI1ZmFlYTZiYjFhZTk5YmJmODczZjA5ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHPnXygIe05x9RWDLcNTt6JL042n
BZ8BNylDAPHmT1FLo3ubIzf1I5rl2U2u66eFE7ZjevhdlCivEWDS/CgGbyIt51aR
ZrnwQOGppkcuEERE3eOww2ke3Kn2uuCjU9eN1z4JsYGydfjrZQpCMJBVDlK19C+4
xppJER37KM01AKgzBl6suST06RlEiE2RHBnHn25UlFvx8VRK8Bfr+m+iss7MRpq6
H0tqK6fWlK2klwfryqHSrQnzSjfH7Pm0jBOqE8pNIUC44ROSlF4QxXV214JGZCxJ
TVrHgT/MgaJGGfAkXflCZio7RCCTByW8gUGoiYI7QT7XqrvrUHtWZ5DgXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoLcGBB3c4l+uprsa6Zu/hz8J5LMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR2d0d1lFSGR6aVg2Nm11eHJwbTctSFB3bmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn1MA0G
CSqGSIb3DQEBCwUAA4IBAQA3SbRTLWhbCYul1NS1PjuT4ChkxrrKpq5KkM4Ip8V5
YXl7fj3aow373GOej3I5ucusNSk6hnokGmwvB9PZd6HkRXRNrRDhdrmRdG6xPMn/
KgAipNt0wH1+15MCmSw4lD7I3F7Y73EH7Kvh4MGRCIP2zsXRBHT1bwwC519z4gaR
sxOLBd0so11fws4Qr6nQW+AyuHPoL3R5y6isSy3GtowXSk9ByEYeWK21DjI3d3u8
+ouJ+HWMa6D1JzVi2o+2ehCAPsPSNAg1FWWwIcVeg6NRsE+3BhM9WefB7uzDvecy
yZmdNd3vr5GY1rxwomlBjfzNKLkPxa2Jlj44TGTuW9Cb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org