Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/J-nCExgyWjBez3b9ruxLZwgbxEI.roa
File:                     J-nCExgyWjBez3b9ruxLZwgbxEI.roa (raw, json)
Hash identifier:          bviY3YPbypiOtloCSMv33H4ib8iAyoFlPFf2l6X3Gnw=
Subject key identifier:   27:E9:C2:13:18:32:5A:30:5E:CF:76:FD:AE:EC:4B:67:08:1B:C4:42
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B41A4461DFE349940767F2818E18BB2D6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/J-nCExgyWjBez3b9ruxLZwgbxEI.roa
Signing time:             Wed 18 Oct 2023 07:16:06 +0000
ROA not before:           Wed 18 Oct 2023 07:16:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        82.153.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:41:a4:46:1d:fe:34:99:40:76:7f:28:18:e1:8b:b2:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 18 07:16:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27e9c21318325a305ecf76fdaeec4b67081bc442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4d:63:fd:c0:b7:1d:c9:7c:b3:e0:0d:65:21:
                    d1:c4:2f:d4:09:57:fc:e0:af:17:10:40:95:80:c1:
                    d6:99:df:2e:f5:9a:3a:63:4a:23:3f:7b:f0:cf:9f:
                    c3:2d:81:06:f5:f1:35:e1:5c:e2:82:84:0c:e7:48:
                    2d:38:72:ba:c4:b1:e7:51:4c:20:4c:a8:98:ba:82:
                    7b:25:51:d7:50:b4:3e:a7:42:8b:2b:73:22:8a:58:
                    2b:e3:65:cb:e2:ed:89:a5:40:c2:fa:13:04:05:be:
                    8a:e2:0a:8a:55:1f:ed:b9:8e:9a:eb:29:25:db:7f:
                    92:2b:fa:8c:ef:e5:8b:16:36:79:ef:50:3e:f9:f2:
                    9a:84:9f:dc:f2:34:4b:49:b9:d2:91:b2:66:8c:86:
                    53:97:39:e2:f0:0d:25:9c:00:de:4f:2e:5b:94:0d:
                    0e:39:b8:0b:e0:11:d6:65:10:96:94:d7:0c:45:ec:
                    b7:68:cb:0b:4e:64:f9:7c:9b:a0:c3:f2:59:d0:19:
                    01:b0:dc:4d:f1:93:d9:3a:d1:92:c0:d4:cf:ff:bf:
                    cb:ac:e8:16:51:2a:40:c7:ea:31:e4:fe:35:b0:14:
                    21:9e:40:9b:db:d5:44:e7:a7:81:1a:91:0e:53:0b:
                    dc:e8:08:7f:eb:9d:42:30:1b:39:4d:68:70:47:b7:
                    c7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:E9:C2:13:18:32:5A:30:5E:CF:76:FD:AE:EC:4B:67:08:1B:C4:42
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/J-nCExgyWjBez3b9ruxLZwgbxEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:83:70:4a:07:fa:e5:84:0a:2b:0d:8b:2b:be:5a:52:e2:85:
         4d:14:4d:9f:c1:2d:ec:e3:f8:f0:12:a5:b0:b6:15:2a:33:a7:
         f3:c3:78:94:ce:16:8c:f9:20:6e:11:2e:bf:35:21:69:2c:07:
         33:55:a3:3e:43:72:2a:b0:09:c6:3d:8e:50:f6:63:d6:ec:75:
         ea:2d:1f:f5:36:48:47:a7:8c:08:ff:78:29:67:e8:d7:33:95:
         88:0a:d8:e0:2a:88:d0:81:a1:a6:a3:fd:1f:21:b5:92:ae:5e:
         bc:00:5e:99:73:db:2a:5f:dd:d8:f1:fa:5f:0e:fa:f1:cd:b3:
         52:0f:9c:0b:df:f3:11:39:c2:8a:6c:b3:99:53:23:0d:2a:6d:
         75:0a:ff:22:0d:3a:4a:41:ac:bc:50:1a:8e:95:c0:65:f3:66:
         cd:df:e4:74:96:6b:b1:25:93:68:68:0c:7b:4e:72:3e:e3:5e:
         c0:ad:5e:a6:b5:17:40:dd:b0:73:29:f8:c4:5d:76:10:59:8b:
         a9:d1:b2:42:7a:a4:75:cf:62:e2:14:23:c0:2b:9c:9f:be:be:
         7a:8b:ff:96:ec:26:a8:c7:c4:a6:4a:1c:e3:36:7f:5c:70:a5:
         05:be:b9:97:eb:85:6b:ee:c6:34:e9:b0:84:f6:e0:e7:67:5a:
         74:ad:f3:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtBpEYd/jSZQHZ/KBjhi7LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE4MDcxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2U5YzIxMzE4MzI1YTMwNWVjZjc2ZmRhZWVjNGI2NzA4MWJjNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU1j/cC3Hcl8s+ANZSHRxC/UCVf8
4K8XEECVgMHWmd8u9Zo6Y0ojP3vwz5/DLYEG9fE14VzigoQM50gtOHK6xLHnUUwg
TKiYuoJ7JVHXULQ+p0KLK3Miilgr42XL4u2JpUDC+hMEBb6K4gqKVR/tuY6a6ykl
23+SK/qM7+WLFjZ571A++fKahJ/c8jRLSbnSkbJmjIZTlzni8A0lnADeTy5blA0O
ObgL4BHWZRCWlNcMRey3aMsLTmT5fJugw/JZ0BkBsNxN8ZPZOtGSwNTP/7/LrOgW
USpAx+ox5P41sBQhnkCb29VE56eBGpEOUwvc6Ah/651CMBs5TWhwR7fHwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfpwhMYMlowXs92/a7sS2cIG8RCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSi1uQ0V4Z3lXakJlejNiOXJ1eExad2dieEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkgMA0G
CSqGSIb3DQEBCwUAA4IBAQACg3BKB/rlhAorDYsrvlpS4oVNFE2fwS3s4/jwEqWw
thUqM6fzw3iUzhaM+SBuES6/NSFpLAczVaM+Q3IqsAnGPY5Q9mPW7HXqLR/1NkhH
p4wI/3gpZ+jXM5WICtjgKojQgaGmo/0fIbWSrl68AF6Zc9sqX93Y8fpfDvrxzbNS
D5wL3/MROcKKbLOZUyMNKm11Cv8iDTpKQay8UBqOlcBl82bN3+R0lmuxJZNoaAx7
TnI+417ArV6mtRdA3bBzKfjEXXYQWYup0bJCeqR1z2LiFCPAK5yfvr56i/+W7Cao
x8SmShzjNn9ccKUFvrmX64Vr7sY06bCE9uDnZ1p0rfNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org