Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HGlUdfuLkxbKIjedv467sqrmTKI.roa
File:                     HGlUdfuLkxbKIjedv467sqrmTKI.roa (raw, json)
Hash identifier:          qskfnXpPjQIo1+05JedmdGLAvTIbn0/+zGzfzt8w1iw=
Subject key identifier:   1C:69:54:75:FB:8B:93:16:CA:22:37:9D:BF:8E:BB:B2:AA:E6:4C:A2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01879F265351525C71EBF61537FE7644903C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HGlUdfuLkxbKIjedv467sqrmTKI.roa
Signing time:             Thu 20 Apr 2023 14:51:41 +0000
ROA not before:           Thu 20 Apr 2023 14:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        82.153.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 May 2023 07:04:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9f:26:53:51:52:5c:71:eb:f6:15:37:fe:76:44:90:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 20 14:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c695475fb8b9316ca22379dbf8ebbb2aae64ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:f2:e2:71:35:21:2a:f9:d4:f2:48:14:3e:b3:
                    1d:ad:b6:d8:df:20:a3:a7:21:7f:b3:fa:d1:2b:ab:
                    9f:a3:91:16:a0:75:9c:1a:48:34:9d:0e:42:23:49:
                    d8:80:bb:61:ec:58:e1:6d:67:9e:ec:10:d2:fd:c9:
                    48:f8:26:75:44:94:e7:fb:3f:b5:23:84:1e:25:ad:
                    4d:db:6b:cc:18:68:b0:b1:bc:07:6d:d2:ad:6d:aa:
                    0b:28:ca:f8:50:41:6c:39:ac:70:3d:27:15:5a:bf:
                    5f:86:a8:af:41:f5:67:a0:d7:33:da:d7:39:84:3c:
                    bf:cf:84:b6:7a:89:15:86:90:c4:fd:7c:a7:e8:8d:
                    c7:dd:3a:b0:91:d9:28:8e:ef:ab:64:90:6f:0e:29:
                    93:1f:9f:28:09:f1:a2:9f:55:9a:e0:9e:87:a8:88:
                    0f:51:61:cc:86:65:08:89:5c:9d:91:a0:5c:ee:38:
                    3b:69:58:28:d4:1e:1d:72:95:62:b2:2c:9f:fe:f7:
                    18:dd:67:d9:18:c4:69:bf:8e:e3:2c:4a:97:e7:89:
                    8a:83:74:d7:6f:a1:64:fa:e3:71:6a:d4:ae:b7:03:
                    b9:00:bc:df:be:d9:38:b0:dc:8f:0c:32:84:76:6c:
                    01:da:90:61:04:ac:ce:f9:73:df:71:aa:9a:f7:30:
                    9f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:69:54:75:FB:8B:93:16:CA:22:37:9D:BF:8E:BB:B2:AA:E6:4C:A2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HGlUdfuLkxbKIjedv467sqrmTKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:02:77:a3:ac:72:d6:e8:18:22:04:55:e8:e9:d3:fa:77:d3:
         ba:0b:77:31:cd:16:22:c0:2e:26:ab:07:aa:2c:2b:7f:7b:09:
         d1:9e:d9:fb:e7:a5:a6:68:7d:65:c6:c4:3b:3a:95:20:5f:ea:
         a9:1f:9c:ab:6d:63:e4:d7:37:f9:59:ee:4e:db:e3:21:2b:78:
         ce:9a:0a:65:67:b8:1e:14:1e:d7:c9:21:02:0c:24:cc:7e:d6:
         ca:5f:c0:d5:5d:17:56:47:3b:46:0c:94:d0:5c:d9:33:83:b6:
         08:85:ad:7a:64:c5:0d:06:5d:11:17:ca:ad:af:d9:a0:a2:be:
         5e:43:43:c1:46:aa:d0:3f:ff:8c:54:35:24:81:bb:3c:80:ac:
         80:07:2c:a1:d6:11:4a:26:47:0b:68:31:99:bc:8f:e6:4d:9d:
         53:28:09:00:b0:6d:02:61:1f:de:59:cd:14:d8:94:4c:5c:6f:
         e3:7c:8b:c9:69:fe:b3:e8:25:6e:07:44:b1:3a:ed:a5:d9:06:
         9c:d2:31:f8:b0:13:0c:83:23:27:fa:d8:ad:97:63:70:c2:b6:
         f4:36:95:0a:82:13:54:89:52:25:8d:91:50:f4:71:37:3f:03:
         3d:f3:56:43:7c:bc:4b:59:72:b7:49:d4:ba:ef:1f:aa:c5:f7:
         09:87:b3:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYefJlNRUlxx6/YVN/52RJA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDIwMTQ1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY5NTQ3NWZiOGI5MzE2Y2EyMjM3OWRiZjhlYmJiMmFhZTY0Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/LicTUhKvnU8kgUPrMdrbbY3yCj
pyF/s/rRK6ufo5EWoHWcGkg0nQ5CI0nYgLth7FjhbWee7BDS/clI+CZ1RJTn+z+1
I4QeJa1N22vMGGiwsbwHbdKtbaoLKMr4UEFsOaxwPScVWr9fhqivQfVnoNcz2tc5
hDy/z4S2eokVhpDE/Xyn6I3H3Tqwkdkoju+rZJBvDimTH58oCfGin1Wa4J6HqIgP
UWHMhmUIiVydkaBc7jg7aVgo1B4dcpVisiyf/vcY3WfZGMRpv47jLEqX54mKg3TX
b6Fk+uNxatSutwO5ALzfvtk4sNyPDDKEdmwB2pBhBKzO+XPfcaqa9zCfjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxpVHX7i5MWyiI3nb+Ou7Kq5kyiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSEdsVWRmdUxreGJLSWplZHY0NjdzcXJtVEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplAMA0G
CSqGSIb3DQEBCwUAA4IBAQATAnejrHLW6BgiBFXo6dP6d9O6C3cxzRYiwC4mqweq
LCt/ewnRntn756WmaH1lxsQ7OpUgX+qpH5yrbWPk1zf5We5O2+MhK3jOmgplZ7ge
FB7XySECDCTMftbKX8DVXRdWRztGDJTQXNkzg7YIha16ZMUNBl0RF8qtr9mgor5e
Q0PBRqrQP/+MVDUkgbs8gKyAByyh1hFKJkcLaDGZvI/mTZ1TKAkAsG0CYR/eWc0U
2JRMXG/jfIvJaf6z6CVuB0SxOu2l2Qac0jH4sBMMgyMn+titl2Nwwrb0NpUKghNU
iVIljZFQ9HE3PwM981ZDfLxLWXK3SdS67x+qxfcJh7O5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org