Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IIh9GqVzSCcDppD2mnw5FpeJhuo.roa
File:                     IIh9GqVzSCcDppD2mnw5FpeJhuo.roa (raw, json)
Hash identifier:          tZB812d97J9Qbe04xjmr7ZZhmyaAOsAs1Vs6ggampqM=
Subject key identifier:   20:88:7D:1A:A5:73:48:27:03:A6:90:F6:9A:7C:39:16:97:89:86:EA
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186FE5685FA682BF8130214A27EDA5B85CC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IIh9GqVzSCcDppD2mnw5FpeJhuo.roa
Signing time:             Mon 20 Mar 2023 09:25:28 +0000
ROA not before:           Mon 20 Mar 2023 09:25:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 30 Apr 2023 20:21:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:fe:56:85:fa:68:2b:f8:13:02:14:a2:7e:da:5b:85:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 20 09:25:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20887d1aa573482703a690f69a7c3916978986ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:44:73:2e:f5:88:5c:21:24:ce:79:3a:92:5a:
                    80:e3:be:81:40:ba:66:99:f3:02:39:29:d6:d5:41:
                    2b:61:56:70:51:b1:74:bb:cb:c9:66:63:3b:81:74:
                    80:44:58:9a:3d:fa:98:9e:54:3a:2a:74:3c:df:8c:
                    08:92:b5:c4:0d:0d:ad:8b:94:ea:41:41:3b:f7:c0:
                    8e:dd:93:bb:31:75:4f:d8:d0:21:3b:1a:48:83:6e:
                    8f:af:ea:5c:72:fa:aa:cb:58:48:0d:96:f7:ca:96:
                    f0:c3:15:cf:70:13:43:eb:f0:43:57:e0:4b:28:26:
                    69:f8:e3:70:27:83:d2:65:ea:14:80:ec:dc:e1:0d:
                    f8:ad:df:ec:30:e4:1b:b5:9b:a4:bb:d6:d1:dd:03:
                    8c:86:29:e1:d1:88:8a:d9:d9:45:92:0c:60:14:cb:
                    36:a9:b5:4d:b8:d6:47:13:56:f8:21:df:67:44:aa:
                    74:05:4d:b5:a6:2e:95:2c:f2:b2:d5:da:70:6c:7e:
                    db:71:f6:a3:41:90:8a:4c:bb:70:bb:ca:1f:55:7d:
                    73:f8:0c:e2:9a:e0:31:f9:9d:c8:a2:85:c6:2e:97:
                    cd:09:cf:20:1a:2e:f1:ba:b9:c9:af:4e:e7:a7:c5:
                    b7:ab:27:94:59:5f:a9:99:41:6e:d5:e1:d6:fc:f5:
                    7e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:88:7D:1A:A5:73:48:27:03:A6:90:F6:9A:7C:39:16:97:89:86:EA
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IIh9GqVzSCcDppD2mnw5FpeJhuo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:91:97:9f:59:10:0f:54:2f:de:69:c4:c4:1f:1b:82:ed:60:
         42:ed:a6:2b:99:bc:16:09:82:4b:c1:18:12:83:b9:a0:cf:fb:
         39:34:4b:6b:1a:21:24:d8:fa:04:1c:77:5f:ea:67:e2:66:d9:
         ca:b8:99:23:45:4e:40:e8:d2:02:84:38:79:07:69:fb:40:11:
         c9:24:8c:d7:85:34:ba:c1:aa:07:c4:9a:89:bc:71:3f:68:31:
         1a:6b:53:d3:df:67:3e:66:d7:d5:30:93:ce:a3:33:9b:48:30:
         43:6b:6c:42:a8:6d:5b:1a:8e:02:ca:9c:ee:cb:1d:3a:66:11:
         30:31:c2:1f:db:0b:67:da:d4:91:fb:01:3c:b4:ad:e7:ff:e6:
         ff:0c:fe:a9:f3:fe:6f:65:32:94:cf:1a:71:6c:58:f8:66:0d:
         6f:d0:d3:73:08:df:e6:e6:53:cd:ff:97:83:8e:bb:d1:90:8c:
         57:91:63:7e:2e:0f:d5:86:9e:c3:2a:39:bb:75:f4:fa:9e:64:
         6d:0c:9d:35:34:30:ff:c1:90:49:da:b6:2c:dc:b0:c9:85:d1:
         cd:5b:aa:70:17:ed:f7:22:62:62:51:e8:32:ed:87:d1:0c:91:
         81:25:0b:7e:2a:f0:a2:2e:43:90:06:88:4f:ce:7f:d7:3f:7e:
         f9:5a:b3:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb+VoX6aCv4EwIUon7aW4XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzIwMDkyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDg4N2QxYWE1NzM0ODI3MDNhNjkwZjY5YTdjMzkxNjk3ODk4NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0RzLvWIXCEkznk6klqA476BQLpm
mfMCOSnW1UErYVZwUbF0u8vJZmM7gXSARFiaPfqYnlQ6KnQ834wIkrXEDQ2ti5Tq
QUE798CO3ZO7MXVP2NAhOxpIg26Pr+pccvqqy1hIDZb3ypbwwxXPcBND6/BDV+BL
KCZp+ONwJ4PSZeoUgOzc4Q34rd/sMOQbtZuku9bR3QOMhinh0YiK2dlFkgxgFMs2
qbVNuNZHE1b4Id9nRKp0BU21pi6VLPKy1dpwbH7bcfajQZCKTLtwu8ofVX1z+Azi
muAx+Z3IooXGLpfNCc8gGi7xurnJr07np8W3qyeUWV+pmUFu1eHW/PV+dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCIfRqlc0gnA6aQ9pp8ORaXiYbqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSUloOUdxVnpTQ2NEcHBEMm1udzVGcGVKaHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkKMA0G
CSqGSIb3DQEBCwUAA4IBAQBdkZefWRAPVC/eacTEHxuC7WBC7aYrmbwWCYJLwRgS
g7mgz/s5NEtrGiEk2PoEHHdf6mfiZtnKuJkjRU5A6NIChDh5B2n7QBHJJIzXhTS6
waoHxJqJvHE/aDEaa1PT32c+ZtfVMJPOozObSDBDa2xCqG1bGo4Cypzuyx06ZhEw
McIf2wtn2tSR+wE8tK3n/+b/DP6p8/5vZTKUzxpxbFj4Zg1v0NNzCN/m5lPN/5eD
jrvRkIxXkWN+Lg/Vhp7DKjm7dfT6nmRtDJ01NDD/wZBJ2rYs3LDJhdHNW6pwF+33
ImJiUegy7YfRDJGBJQt+KvCiLkOQBohPzn/XP375WrNb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org