Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa
File:                     I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa (raw, json)
Hash identifier:          DCLiXt2zIEp+et3A6zeE7RWTTVwpFOCtoMCgW91zRek=
Subject key identifier:   23:F8:7F:FE:65:AB:67:97:10:20:AF:5F:86:D9:8E:55:15:74:D9:34
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA271F6DDD12E23A1E59BE1D2C6EAB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa
Signing time:             Mon 02 Jan 2023 10:14:57 +0000
ROA not before:           Mon 02 Jan 2023 10:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61135
IP address blocks:        82.153.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Jan 2023 12:53:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:27:1f:6d:dd:12:e2:3a:1e:59:be:1d:2c:6e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23f87ffe65ab67971020af5f86d98e551574d934
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7a:58:af:fd:71:26:6f:8d:82:fa:1a:a7:b9:
                    77:68:62:67:74:0e:bf:19:18:7b:77:d5:bb:c0:89:
                    70:40:87:7b:88:15:61:cc:57:02:fe:8f:f8:01:ed:
                    de:ef:6b:81:1e:99:22:c5:c4:31:d0:f8:b9:f8:a0:
                    94:a2:3b:34:58:dd:6c:04:d8:b3:e7:cb:a1:05:c8:
                    63:91:2a:f0:cb:04:c9:9c:a1:8d:00:c1:1b:10:3c:
                    1b:72:9a:93:07:73:24:a6:e1:ee:f5:c4:08:63:87:
                    95:e3:67:bd:ed:17:97:23:25:d2:f9:72:dc:29:04:
                    2f:f4:4b:44:90:5a:a9:2d:71:08:6c:fe:10:34:03:
                    4d:bf:c6:66:55:b8:83:89:5c:d7:f1:98:8a:63:77:
                    1d:84:98:bd:a6:1a:87:98:5c:96:2d:d8:b8:d5:e2:
                    2f:b8:05:73:f9:02:b5:bf:34:07:b4:18:68:5a:f8:
                    53:17:7c:67:75:05:a8:9f:25:af:44:f4:9e:12:20:
                    e1:82:50:7c:9b:57:3e:da:22:6e:68:00:6c:da:74:
                    d0:dd:3d:59:1d:7b:af:89:bf:63:04:1b:3c:b4:1a:
                    d0:49:a5:d9:0d:9c:e6:e5:d5:ce:b2:e0:27:08:e8:
                    a6:d2:6e:a4:a0:e8:b8:60:ae:01:c8:0d:ef:d2:bc:
                    95:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:F8:7F:FE:65:AB:67:97:10:20:AF:5F:86:D9:8E:55:15:74:D9:34
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:65:0b:f1:5f:c5:4a:32:12:52:de:07:4e:c0:5c:bd:23:2a:
         3c:1e:3a:c9:e1:ea:4e:4e:f0:7a:b6:fd:21:49:15:1a:14:ad:
         d0:ec:5d:43:ab:83:f0:49:26:3d:8c:12:76:6f:05:73:d4:82:
         67:59:df:8a:ad:bf:01:56:36:f5:75:5b:7b:75:06:55:bb:f8:
         0a:f4:75:8d:36:c3:ef:a2:66:ef:98:2d:19:1a:d0:e5:6b:3f:
         20:b5:5d:6e:30:6d:b9:e7:1b:e9:12:a7:ef:b1:ef:d2:5a:47:
         05:c2:c9:fd:8f:87:67:83:17:7c:b8:47:99:4d:b9:94:53:cf:
         a8:f7:7c:de:93:82:67:bd:1c:24:81:7d:f5:26:69:06:26:32:
         65:13:fe:b1:dd:1a:03:1a:bb:22:7b:09:2c:7b:ea:0a:fa:d5:
         cb:17:33:df:58:4d:77:e1:9c:e9:f7:d7:91:03:4a:24:a4:da:
         bf:a1:b1:40:60:00:87:68:07:6d:50:c8:0f:fd:ed:ed:b8:1a:
         ce:18:93:9a:48:51:b0:a4:80:00:da:86:a8:4c:0e:51:1e:f1:
         0b:b5:8d:5a:4c:4b:d0:24:83:51:8b:0b:62:fc:b5:89:2c:35:
         03:fc:90:e5:f4:2b:f9:9b:b7:f2:29:4a:ce:47:9c:79:0f:3f:
         21:85:8e:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+icfbd0S4joeWb4dLG6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y4N2ZmZTY1YWI2Nzk3MTAyMGFmNWY4NmQ5OGU1NTE1NzRkOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3pYr/1xJm+Ngvoap7l3aGJndA6/
GRh7d9W7wIlwQId7iBVhzFcC/o/4Ae3e72uBHpkixcQx0Pi5+KCUojs0WN1sBNiz
58uhBchjkSrwywTJnKGNAMEbEDwbcpqTB3MkpuHu9cQIY4eV42e97ReXIyXS+XLc
KQQv9EtEkFqpLXEIbP4QNANNv8ZmVbiDiVzX8ZiKY3cdhJi9phqHmFyWLdi41eIv
uAVz+QK1vzQHtBhoWvhTF3xndQWonyWvRPSeEiDhglB8m1c+2iJuaABs2nTQ3T1Z
HXuvib9jBBs8tBrQSaXZDZzm5dXOsuAnCOim0m6koOi4YK4ByA3v0ryV+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCP4f/5lq2eXECCvX4bZjlUVdNk0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSV9oX19tV3JaNWNRSUs5Zmh0bU9WUlYwMlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQAmZQvxX8VKMhJS3gdOwFy9Iyo8HjrJ4epOTvB6tv0h
SRUaFK3Q7F1Dq4PwSSY9jBJ2bwVz1IJnWd+Krb8BVjb1dVt7dQZVu/gK9HWNNsPv
ombvmC0ZGtDlaz8gtV1uMG255xvpEqfvse/SWkcFwsn9j4dngxd8uEeZTbmUU8+o
93zek4JnvRwkgX31JmkGJjJlE/6x3RoDGrsiewkse+oK+tXLFzPfWE134Zzp99eR
A0okpNq/obFAYACHaAdtUMgP/e3tuBrOGJOaSFGwpIAA2oaoTA5RHvELtY1aTEvQ
JINRiwti/LWJLDUD/JDl9Cv5m7fyKUrOR5x5Dz8hhY6J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org