Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa
File:                     ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa (raw, json)
Hash identifier:          pWVH2Np6rGnoXXZlcaet4E5HcnfU6P10lf16aLE0V7Y=
Subject key identifier:   22:63:D8:45:E9:89:B6:87:94:03:D1:E4:30:B2:ED:9E:15:F3:0C:C4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01889083BA96644FB2B4C00DB341794CA5CB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa
Signing time:             Tue 06 Jun 2023 11:42:12 +0000
ROA not before:           Tue 06 Jun 2023 11:42:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204174
IP address blocks:        82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 08:56:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:90:83:ba:96:64:4f:b2:b4:c0:0d:b3:41:79:4c:a5:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  6 11:42:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2263d845e989b6879403d1e430b2ed9e15f30cc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:6f:6c:9b:b8:fd:74:fd:00:b7:e2:28:01:e1:
                    58:93:a9:a0:ad:a6:a4:2b:46:8e:a0:7e:fd:a5:68:
                    eb:ca:a7:c9:75:bd:51:8f:d5:16:d3:13:02:18:c9:
                    34:91:25:39:1d:72:f0:66:e1:51:75:c5:e2:dd:ff:
                    9f:6f:2d:76:d6:4c:84:a5:d8:90:c9:b9:f9:ac:1c:
                    e3:18:75:da:a2:90:b6:eb:91:92:a4:64:18:38:56:
                    dd:e4:a3:9a:f1:ff:49:b2:e5:5f:4b:09:89:37:ce:
                    ae:8a:4c:88:2d:12:20:c7:70:93:5f:17:88:c3:81:
                    d4:ad:63:c1:6f:90:27:80:26:f3:33:74:fe:d2:af:
                    be:58:6d:c7:48:f0:5f:e0:24:ae:b8:c9:74:a7:f6:
                    d7:c8:1d:e9:98:8e:83:76:3e:cd:7f:83:73:c4:19:
                    69:70:a5:9d:1d:ec:44:ac:88:1d:e6:41:c9:35:88:
                    82:b1:67:ea:db:3c:a2:17:09:ff:fa:d4:b6:4a:08:
                    b4:c4:2f:f5:00:83:de:d5:cb:55:5e:dd:64:6a:96:
                    72:e3:50:75:c1:d5:e0:0d:bd:d9:41:b5:73:8b:dd:
                    fd:51:fa:64:8d:79:c0:eb:c0:1a:aa:77:a9:7a:ce:
                    24:4a:dd:b2:23:56:a7:df:d7:5b:05:b6:12:ac:e4:
                    85:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:63:D8:45:E9:89:B6:87:94:03:D1:E4:30:B2:ED:9E:15:F3:0C:C4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:e1:63:d0:dc:21:92:fd:fe:0f:a8:0d:f2:28:24:99:d7:aa:
         a7:7b:09:95:47:d8:66:56:44:67:0d:fb:23:e1:3c:08:be:1d:
         ce:f7:09:1f:2b:75:5a:67:93:d9:88:37:1c:9d:60:2f:93:ef:
         cb:0f:59:f6:7d:b7:31:c6:13:71:71:d2:56:f5:8e:81:01:08:
         61:54:e9:a7:53:fb:bc:12:ac:87:10:aa:ca:50:4b:06:3e:29:
         c1:cf:c9:7e:c1:11:15:b9:63:e5:d0:e0:ea:90:e1:9a:ff:4b:
         f0:b6:c0:4b:bd:8e:2b:1a:1a:61:10:83:d3:5c:10:5e:40:9d:
         c5:93:33:c2:71:d7:ba:be:68:81:93:32:e9:e5:d6:71:09:69:
         b4:2a:73:69:b8:4a:b9:25:9c:48:02:fc:61:3b:b8:96:c6:ef:
         97:c1:04:f7:c4:5c:4c:93:5c:f1:d2:ca:c4:f8:7a:b1:fe:e3:
         7e:54:47:91:d0:60:e4:45:ba:4c:53:8e:34:6a:52:6f:bd:e9:
         6a:72:6a:30:7f:cc:7d:78:e6:48:05:00:a8:63:2b:56:67:7d:
         89:be:86:22:1a:7c:80:4f:86:2d:72:70:a4:27:1b:45:d9:f6:
         0a:30:ac:b3:1e:21:5d:ea:c9:27:75:01:d5:bb:4d:f4:a0:b5:
         d1:cf:bb:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiQg7qWZE+ytMANs0F5TKXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA2MTE0MjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjYzZDg0NWU5ODliNjg3OTQwM2QxZTQzMGIyZWQ5ZTE1ZjMwY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8W9sm7j9dP0At+IoAeFYk6mgraak
K0aOoH79pWjryqfJdb1Rj9UW0xMCGMk0kSU5HXLwZuFRdcXi3f+fby121kyEpdiQ
ybn5rBzjGHXaopC265GSpGQYOFbd5KOa8f9JsuVfSwmJN86uikyILRIgx3CTXxeI
w4HUrWPBb5AngCbzM3T+0q++WG3HSPBf4CSuuMl0p/bXyB3pmI6Ddj7Nf4NzxBlp
cKWdHexErIgd5kHJNYiCsWfq2zyiFwn/+tS2Sgi0xC/1AIPe1ctVXt1kapZy41B1
wdXgDb3ZQbVzi939UfpkjXnA68Aaqnepes4kSt2yI1an39dbBbYSrOSFkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJj2EXpibaHlAPR5DCy7Z4V8wzEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSW1QWVJlbUp0b2VVQTlIa01MTHRuaFh6RE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpneMA0G
CSqGSIb3DQEBCwUAA4IBAQCo4WPQ3CGS/f4PqA3yKCSZ16qnewmVR9hmVkRnDfsj
4TwIvh3O9wkfK3VaZ5PZiDccnWAvk+/LD1n2fbcxxhNxcdJW9Y6BAQhhVOmnU/u8
EqyHEKrKUEsGPinBz8l+wREVuWPl0ODqkOGa/0vwtsBLvY4rGhphEIPTXBBeQJ3F
kzPCcde6vmiBkzLp5dZxCWm0KnNpuEq5JZxIAvxhO7iWxu+XwQT3xFxMk1zx0srE
+Hqx/uN+VEeR0GDkRbpMU440alJvvelqcmowf8x9eOZIBQCoYytWZ32JvoYiGnyA
T4YtcnCkJxtF2fYKMKyzHiFd6skndQHVu030oLXRz7u8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org