Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Jetihvi75e8f2bsEcfhDqPkm6lI.roa
File:                     Jetihvi75e8f2bsEcfhDqPkm6lI.roa (raw, json)
Hash identifier:          1o7bBoj48/UShcZSdMooFK7p/7qATppggMNagPGG3gU=
Subject key identifier:   25:EB:62:86:F8:BB:E5:EF:1F:D9:BB:04:71:F8:43:A8:F9:26:EA:52
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018ED6B7B346D56F8EF55E32DB9769C37AA8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Jetihvi75e8f2bsEcfhDqPkm6lI.roa
Signing time:             Sat 13 Apr 2024 09:09:06 +0000
ROA not before:           Sat 13 Apr 2024 09:09:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212238
IP address blocks:        82.153.255.0/24 maxlen: 24
                          82.163.10.0/23 maxlen: 24
                          109.176.14.0/24 maxlen: 24
                          109.176.30.0/24 maxlen: 24
                          213.218.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Apr 2024 07:58:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d6:b7:b3:46:d5:6f:8e:f5:5e:32:db:97:69:c3:7a:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 13 09:09:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=25eb6286f8bbe5ef1fd9bb0471f843a8f926ea52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c2:30:57:7d:40:dd:f4:53:f2:b4:73:8a:a2:
                    8f:21:71:0a:50:54:a8:85:27:6b:4d:04:b2:67:88:
                    4e:6d:8d:40:53:8e:8f:c4:0e:e1:d5:f9:af:45:b5:
                    75:f8:d0:a8:f5:8c:e7:c3:5d:cc:33:83:29:b8:ec:
                    39:b2:9a:ed:9c:dc:c4:b6:99:e7:f8:a5:0a:ad:c8:
                    3d:f4:42:9f:19:b8:85:68:14:70:6a:98:99:30:6f:
                    47:b8:99:6c:8b:33:b1:df:fa:72:59:6f:57:dd:37:
                    ea:02:ff:77:15:dc:cc:76:01:e0:51:2a:f5:c4:75:
                    dd:7e:65:d6:aa:e8:7f:47:6c:ff:96:77:44:5a:5f:
                    1b:8d:b7:c0:4c:70:57:66:82:ec:8d:79:c1:e1:ba:
                    29:6f:33:f0:65:95:db:29:bb:b0:37:a4:54:2a:c3:
                    08:04:32:35:5c:54:5b:a5:a4:1c:fd:c1:e3:bf:26:
                    2d:45:4c:2b:e0:81:11:15:86:23:d3:9a:95:cc:ee:
                    4e:5b:1b:83:f5:30:13:5f:c7:f4:6d:4f:23:30:d5:
                    85:41:a6:02:a2:18:ee:9e:ef:46:e4:cc:e4:4e:53:
                    e4:17:79:7a:21:87:54:64:1c:43:3e:70:88:40:a2:
                    3e:b1:bd:72:dd:f2:64:67:9b:ef:83:68:8f:8c:3a:
                    a8:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:EB:62:86:F8:BB:E5:EF:1F:D9:BB:04:71:F8:43:A8:F9:26:EA:52
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Jetihvi75e8f2bsEcfhDqPkm6lI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.255.0/24
                  82.163.10.0/23
                  109.176.14.0/24
                  109.176.30.0/24
                  213.218.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:b2:5d:aa:89:c2:57:5e:c6:73:b7:fb:85:01:45:28:78:16:
         4f:57:bf:2b:3b:da:74:ec:08:c4:6a:3d:d5:86:7c:6b:c4:fc:
         d3:8a:1a:f3:47:92:5c:57:5f:3b:42:ad:d4:2a:d4:a8:48:b4:
         64:b1:52:75:1c:2e:be:3a:c9:c8:10:58:96:30:e4:60:28:41:
         e5:fa:64:a5:43:14:c0:7e:12:07:f1:84:61:7a:85:9e:99:7a:
         7e:fe:d3:ec:3b:9a:66:4d:d2:60:cc:15:e9:5a:10:3d:d9:97:
         f0:03:55:f9:08:94:19:7f:f8:c4:15:5d:ff:a5:f2:2a:c7:9e:
         46:59:98:3d:a0:5c:b6:ee:1c:d4:24:4a:27:1c:08:e9:06:dd:
         8e:5a:4d:87:70:91:8f:29:83:2b:e1:9c:c9:47:78:f7:35:18:
         00:b6:d0:85:40:21:1e:6f:d4:26:32:41:a1:cb:a8:1d:63:fc:
         81:3c:b6:c6:8b:cf:ab:31:06:3c:83:1e:3d:16:83:13:a5:ba:
         b2:d4:8e:20:d6:17:72:4c:2d:b9:3b:99:11:77:c7:8a:8f:39:
         fc:e7:b3:9e:63:13:0d:32:00:55:7f:e8:cf:7d:91:e2:a2:06:
         0b:8b:d5:a8:93:65:22:2d:c1:9b:15:6c:47:aa:50:4d:a8:f3:
         ed:6d:1c:a7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7Wt7NG1W+O9V4y25dpw3qoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDEzMDkwOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWViNjI4NmY4YmJlNWVmMWZkOWJiMDQ3MWY4NDNhOGY5MjZlYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocIwV31A3fRT8rRziqKPIXEKUFSo
hSdrTQSyZ4hObY1AU46PxA7h1fmvRbV1+NCo9Yznw13MM4MpuOw5sprtnNzEtpnn
+KUKrcg99EKfGbiFaBRwapiZMG9HuJlsizOx3/pyWW9X3TfqAv93FdzMdgHgUSr1
xHXdfmXWquh/R2z/lndEWl8bjbfATHBXZoLsjXnB4bopbzPwZZXbKbuwN6RUKsMI
BDI1XFRbpaQc/cHjvyYtRUwr4IERFYYj05qVzO5OWxuD9TATX8f0bU8jMNWFQaYC
ohjunu9G5MzkTlPkF3l6IYdUZBxDPnCIQKI+sb1y3fJkZ5vvg2iPjDqo5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCXrYob4u+XvH9m7BHH4Q6j5JupSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSmV0aWh2aTc1ZThmMmJzRWNmaERxUGttNmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpn/AwQB
UqMKAwQAbbAOAwQAbbAeAwQA1dr4MA0GCSqGSIb3DQEBCwUAA4IBAQAfsl2qicJX
XsZzt/uFAUUoeBZPV78rO9p07AjEaj3VhnxrxPzTihrzR5JcV187Qq3UKtSoSLRk
sVJ1HC6+OsnIEFiWMORgKEHl+mSlQxTAfhIH8YRheoWemXp+/tPsO5pmTdJgzBXp
WhA92ZfwA1X5CJQZf/jEFV3/pfIqx55GWZg9oFy27hzUJEonHAjpBt2OWk2HcJGP
KYMr4ZzJR3j3NRgAttCFQCEeb9QmMkGhy6gdY/yBPLbGi8+rMQY8gx49FoMTpbqy
1I4g1hdyTC25O5kRd8eKjzn857OeYxMNMgBVf+jPfZHiogYLi9Wok2UiLcGbFWxH
qlBNqPPtbRyn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org