Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I2NK8ztAblRMpj6YrpP670vpUEU.roa
File:                     I2NK8ztAblRMpj6YrpP670vpUEU.roa (raw, json)
Hash identifier:          ibEOEQgtk05h2HP6kGK2j2Kj5Ova4rc48qH1wTSaJ3g=
Subject key identifier:   23:63:4A:F3:3B:40:6E:54:4C:A6:3E:98:AE:93:FA:EF:4B:E9:50:45
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186BB2B9385578320D32457926475CA5246
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I2NK8ztAblRMpj6YrpP670vpUEU.roa
Signing time:             Tue 07 Mar 2023 08:24:00 +0000
ROA not before:           Tue 07 Mar 2023 08:24:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212335
IP address blocks:        82.153.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 07:41:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bb:2b:93:85:57:83:20:d3:24:57:92:64:75:ca:52:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  7 08:24:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23634af33b406e544ca63e98ae93faef4be95045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e4:68:8b:38:77:b9:03:ed:58:04:b3:7e:dc:
                    be:e5:c7:a1:cf:be:52:b1:57:28:38:b6:23:d4:ff:
                    8d:87:89:c8:f5:93:91:17:03:db:82:bd:27:6c:e7:
                    59:1d:c0:fa:1a:ce:dd:4f:37:ef:a1:a1:33:ca:80:
                    38:2f:42:cd:80:a1:2f:cf:f1:e1:3d:c0:0f:5b:8b:
                    bf:6f:21:65:d6:00:b6:6c:ce:8a:5f:2b:bf:52:87:
                    80:5e:35:fd:6c:94:dd:97:a8:4c:07:78:cf:a2:bb:
                    a7:ab:f3:48:3d:72:53:98:5f:a8:c7:f9:71:60:92:
                    03:91:7a:42:be:99:de:b3:72:8a:38:78:68:1a:5d:
                    c2:1d:29:c8:d8:80:5f:52:d6:60:e0:be:8f:45:8e:
                    80:43:f9:2e:86:27:97:a4:e1:34:d4:4b:15:5b:f9:
                    51:59:97:a2:ca:bc:11:d7:5e:93:ba:fb:d7:7a:cd:
                    32:7b:e9:de:43:0c:d9:7d:8a:11:be:97:17:0e:5a:
                    3f:ca:34:0f:6d:fe:78:b1:5f:a3:bf:63:0d:9b:ca:
                    ba:c9:85:2e:51:fb:2a:bc:83:89:e0:4f:64:3b:7b:
                    78:4b:ae:b4:6e:7c:b6:c4:56:99:f6:da:c6:ae:da:
                    ce:99:11:c7:0f:21:ff:f8:8c:1e:56:9c:38:02:7c:
                    09:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:63:4A:F3:3B:40:6E:54:4C:A6:3E:98:AE:93:FA:EF:4B:E9:50:45
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I2NK8ztAblRMpj6YrpP670vpUEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:10:3d:d3:7d:44:b2:72:c9:aa:ea:45:62:52:a8:de:93:92:
         27:d5:b9:c3:f1:67:18:9d:06:eb:d0:0d:e2:cb:69:20:24:3b:
         c5:cb:1e:a7:ef:b1:18:f3:96:01:74:3d:e8:e5:60:76:31:ef:
         06:8d:4e:01:a0:03:b9:bf:2b:33:e4:49:cc:61:ff:0d:a1:bc:
         05:4d:06:4e:d3:b1:b8:32:a3:cb:6f:50:04:0d:03:78:59:3f:
         72:0b:63:a3:21:38:02:0c:7d:b8:c4:29:6d:1f:59:25:7a:f3:
         e1:4d:af:5b:a1:c4:bb:9f:4a:99:3a:77:21:cc:26:86:4c:f0:
         6c:35:8f:bc:34:c5:1f:d0:8d:9e:37:cc:d3:84:65:7a:74:12:
         68:2c:f2:a7:e2:18:69:fd:f1:4e:c8:6a:b9:f6:a8:f8:94:9b:
         11:a9:6e:c5:b6:72:08:d1:6e:78:8f:77:ef:6f:a2:fe:e0:82:
         99:8e:1a:34:28:90:16:7f:db:fe:65:af:71:ee:e4:dd:a0:3e:
         75:d3:33:08:67:cc:c4:9e:45:c2:e0:07:b0:00:a8:e2:2d:9a:
         5a:52:62:0d:9d:04:65:28:5d:75:ee:56:4c:5f:3e:c1:61:8c:
         da:7d:7d:c1:bc:d4:c5:16:af:23:dc:98:e0:fb:08:2e:c6:d7:
         4e:ee:56:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa7K5OFV4Mg0yRXkmR1ylJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzA3MDgyNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzYzNGFmMzNiNDA2ZTU0NGNhNjNlOThhZTkzZmFlZjRiZTk1MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+Roizh3uQPtWASzfty+5cehz75S
sVcoOLYj1P+Nh4nI9ZORFwPbgr0nbOdZHcD6Gs7dTzfvoaEzyoA4L0LNgKEvz/Hh
PcAPW4u/byFl1gC2bM6KXyu/UoeAXjX9bJTdl6hMB3jPorunq/NIPXJTmF+ox/lx
YJIDkXpCvpnes3KKOHhoGl3CHSnI2IBfUtZg4L6PRY6AQ/kuhieXpOE01EsVW/lR
WZeiyrwR116TuvvXes0ye+neQwzZfYoRvpcXDlo/yjQPbf54sV+jv2MNm8q6yYUu
UfsqvIOJ4E9kO3t4S660bny2xFaZ9trGrtrOmRHHDyH/+IweVpw4AnwJjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNjSvM7QG5UTKY+mK6T+u9L6VBFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSTJOSzh6dEFibFJNcGo2WXJwUDY3MHZwVUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplDMA0G
CSqGSIb3DQEBCwUAA4IBAQCKED3TfUSycsmq6kViUqjek5In1bnD8WcYnQbr0A3i
y2kgJDvFyx6n77EY85YBdD3o5WB2Me8GjU4BoAO5vysz5EnMYf8NobwFTQZO07G4
MqPLb1AEDQN4WT9yC2OjITgCDH24xCltH1klevPhTa9bocS7n0qZOnchzCaGTPBs
NY+8NMUf0I2eN8zThGV6dBJoLPKn4hhp/fFOyGq59qj4lJsRqW7FtnII0W54j3fv
b6L+4IKZjho0KJAWf9v+Za9x7uTdoD510zMIZ8zEnkXC4AewAKjiLZpaUmINnQRl
KF117lZMXz7BYYzafX3BvNTFFq8j3Jjg+wguxtdO7lZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org