Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JC8MhN2uDseziMJSfGBrrTJ7X1U.roa
File:                     JC8MhN2uDseziMJSfGBrrTJ7X1U.roa (raw, json)
Hash identifier:          ytl76RClD8G1cn4kxE6tV8crXgy3MpfhWHL5skKNlWo=
Subject key identifier:   24:2F:0C:84:DD:AE:0E:C7:B3:88:C2:52:7C:60:6B:AD:32:7B:5F:55
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CF7D13A16062EE32063D32463A15FFEED
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JC8MhN2uDseziMJSfGBrrTJ7X1U.roa
Signing time:             Thu 11 Jan 2024 09:18:53 +0000
ROA not before:           Thu 11 Jan 2024 09:18:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201575
IP address blocks:        82.153.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Feb 2024 08:25:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f7:d1:3a:16:06:2e:e3:20:63:d3:24:63:a1:5f:fe:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 11 09:18:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=242f0c84ddae0ec7b388c2527c606bad327b5f55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:70:9d:ba:46:b4:0f:40:89:90:bb:d5:5c:21:
                    78:9a:77:bb:6a:37:4a:46:20:d7:85:03:eb:d4:e8:
                    00:d9:3e:e0:85:8e:b6:41:4b:67:7d:ce:b8:ba:b6:
                    d8:3e:0d:e8:5b:5f:e2:fa:c9:10:4a:47:6b:1f:9d:
                    a7:61:90:7b:26:2d:6e:92:69:85:d0:e8:da:fe:8c:
                    a0:55:94:3d:9d:94:72:91:09:97:0a:fb:7d:82:d4:
                    95:5e:d5:52:36:75:27:25:28:03:b3:8b:0f:f3:79:
                    b4:58:ad:df:5f:fd:e2:03:d0:20:2a:51:d9:b1:5e:
                    b6:3a:ae:e1:2c:cf:62:47:cc:f4:93:37:33:d3:41:
                    bb:a9:fe:e1:66:53:de:67:1e:8d:45:7b:97:7a:91:
                    8c:23:38:51:1c:22:a8:47:d7:f5:66:ce:d3:c0:91:
                    5c:ee:ae:ee:45:b5:b5:d7:7a:01:b5:2b:cf:03:7a:
                    6e:1d:13:7d:dd:ac:36:b8:3a:d4:d4:73:b8:9c:b0:
                    f3:48:a1:e6:f8:89:31:8c:aa:ee:cb:34:a2:3f:80:
                    69:2a:1e:7b:65:30:03:63:49:6b:2f:08:5b:1e:50:
                    36:0b:5a:6d:5a:63:27:14:70:de:fe:21:13:9f:c9:
                    bf:cc:c0:50:fb:79:55:2a:0e:23:f0:dc:24:64:1f:
                    66:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:2F:0C:84:DD:AE:0E:C7:B3:88:C2:52:7C:60:6B:AD:32:7B:5F:55
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JC8MhN2uDseziMJSfGBrrTJ7X1U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:5d:04:66:1f:fe:1b:b9:cd:0a:c4:0a:34:75:cd:d9:41:53:
         37:7e:25:b3:ea:d8:60:fa:c2:5d:3d:93:11:fd:a7:52:28:57:
         07:d6:ab:5f:94:bc:b7:17:ca:88:14:63:02:52:48:49:18:3f:
         fd:92:78:12:11:8c:56:1d:1d:88:89:68:85:7e:ad:01:92:f0:
         72:ba:3b:99:3b:08:65:e9:d5:43:49:c4:99:31:58:71:cf:97:
         ab:82:de:18:87:d4:48:22:39:9c:82:64:a0:3e:58:86:19:0a:
         f7:ee:83:87:24:7f:7e:a1:4c:80:49:e7:dc:31:21:40:37:a5:
         cb:52:5f:a7:58:76:b8:e6:2e:9a:47:47:87:e9:7f:18:42:0e:
         ef:b0:12:e5:09:dc:ae:e8:d7:63:96:98:b4:d0:17:fb:e2:9a:
         d6:0a:ff:b4:36:ff:b6:14:6a:0b:f1:f5:26:d9:9c:eb:05:b8:
         0b:d5:74:6e:b2:b9:67:c7:01:83:32:59:aa:df:81:f6:11:8a:
         88:b5:d1:6c:6a:06:d7:8f:9a:fe:54:a9:9f:c1:35:7f:8e:e8:
         47:89:11:61:c9:d3:5e:bb:0e:18:42:97:77:9e:92:dd:61:e7:
         cc:73:1a:37:35:5a:8f:4f:e2:1b:36:18:4d:87:2e:3e:7f:eb:
         db:9a:07:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz30ToWBi7jIGPTJGOhX/7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTExMDkxODUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJmMGM4NGRkYWUwZWM3YjM4OGMyNTI3YzYwNmJhZDMyN2I1ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3Cduka0D0CJkLvVXCF4mne7ajdK
RiDXhQPr1OgA2T7ghY62QUtnfc64urbYPg3oW1/i+skQSkdrH52nYZB7Ji1ukmmF
0Oja/oygVZQ9nZRykQmXCvt9gtSVXtVSNnUnJSgDs4sP83m0WK3fX/3iA9AgKlHZ
sV62Oq7hLM9iR8z0kzcz00G7qf7hZlPeZx6NRXuXepGMIzhRHCKoR9f1Zs7TwJFc
7q7uRbW113oBtSvPA3puHRN93aw2uDrU1HO4nLDzSKHm+IkxjKruyzSiP4BpKh57
ZTADY0lrLwhbHlA2C1ptWmMnFHDe/iETn8m/zMBQ+3lVKg4j8NwkZB9mvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQvDITdrg7Hs4jCUnxga60ye19VMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSkM4TWhOMnVEc2V6aU1KU2ZHQnJyVEo3WDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn1MA0G
CSqGSIb3DQEBCwUAA4IBAQAfXQRmH/4buc0KxAo0dc3ZQVM3fiWz6thg+sJdPZMR
/adSKFcH1qtflLy3F8qIFGMCUkhJGD/9kngSEYxWHR2IiWiFfq0BkvByujuZOwhl
6dVDScSZMVhxz5ergt4Yh9RIIjmcgmSgPliGGQr37oOHJH9+oUyASefcMSFAN6XL
Ul+nWHa45i6aR0eH6X8YQg7vsBLlCdyu6Ndjlpi00Bf74prWCv+0Nv+2FGoL8fUm
2ZzrBbgL1XRusrlnxwGDMlmq34H2EYqItdFsagbXj5r+VKmfwTV/juhHiRFhydNe
uw4YQpd3npLdYefMcxo3NVqPT+IbNhhNhy4+f+vbmgc1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org