Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KiMeVgKEe6GDaeOWOkZX6PSwShg.roa
File:                     KiMeVgKEe6GDaeOWOkZX6PSwShg.roa (raw, json)
Hash identifier:          pKSPjmPIYjcYYfDJDIMnAzjfalIWNhh1zNyyMx/NZMg=
Subject key identifier:   2A:23:1E:56:02:84:7B:A1:83:69:E3:96:3A:46:57:E8:F4:B0:4A:18
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01865489F5BE5F93B5F473DAB90B29DDC242
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KiMeVgKEe6GDaeOWOkZX6PSwShg.roa
Signing time:             Wed 15 Feb 2023 10:06:12 +0000
ROA not before:           Wed 15 Feb 2023 10:06:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211439
IP address blocks:        82.153.249.0/24 maxlen: 24
                          82.152.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 07:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:54:89:f5:be:5f:93:b5:f4:73:da:b9:0b:29:dd:c2:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 15 10:06:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a231e5602847ba18369e3963a4657e8f4b04a18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:7a:9c:d8:0e:9c:0b:4e:51:60:39:73:cd:26:
                    96:0b:df:98:c7:60:d4:69:05:99:c6:62:65:b6:9c:
                    35:43:51:5c:ff:68:9b:74:11:f4:d4:63:63:6a:d0:
                    58:4d:f4:4d:c2:bd:96:35:2a:a9:f3:7b:97:77:e2:
                    7e:5a:36:69:b0:06:ff:a4:b2:27:0e:a8:0f:11:f7:
                    2f:f2:00:ea:7d:06:f7:b1:04:08:01:d6:0c:9c:d4:
                    a7:28:eb:a4:25:38:69:b2:0c:7b:b3:87:5a:5d:e8:
                    ea:a9:6e:7e:20:f6:3b:e2:a1:69:28:10:52:90:2b:
                    a5:6e:a6:0d:c0:9f:16:30:f5:2f:28:49:4f:3e:6a:
                    70:eb:fc:90:44:59:00:8f:e0:0c:5e:62:08:78:f5:
                    59:43:37:13:b9:95:68:df:11:8a:90:c6:a4:fb:4b:
                    3d:2b:76:91:45:47:84:63:41:4d:b8:d1:66:df:6f:
                    28:e8:83:c1:b4:ef:ad:21:c9:bf:cb:d3:bb:59:bb:
                    ea:f0:bd:21:fd:7d:97:ab:77:e6:38:2b:32:04:34:
                    49:da:79:26:a8:d8:b5:17:99:27:6a:96:58:49:88:
                    6b:e6:03:c7:71:3f:37:6d:2f:ac:c5:97:3a:9e:d0:
                    b4:6d:7c:38:0f:6a:9b:df:26:c4:da:ce:9b:cd:4c:
                    cd:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:23:1E:56:02:84:7B:A1:83:69:E3:96:3A:46:57:E8:F4:B0:4A:18
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KiMeVgKEe6GDaeOWOkZX6PSwShg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.250.0/24
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:0e:83:f6:28:55:6d:5c:3a:5b:39:45:73:5d:ff:0f:49:71:
         37:9f:33:12:41:60:21:2a:3c:f2:73:9b:a2:b3:d1:00:96:d6:
         ef:96:52:fb:2d:70:96:9a:ac:54:cb:e0:23:aa:b9:c5:04:db:
         f6:b9:9d:5b:a8:43:09:e7:e8:5a:7e:98:de:b9:8f:6d:ce:db:
         3b:48:c1:16:1a:5c:eb:57:6d:c2:e3:6a:00:64:34:55:a9:cc:
         a6:2f:30:7e:23:72:cb:08:e3:b2:fa:d4:5f:ac:3c:6c:e0:a4:
         1f:82:55:05:e6:fe:84:8d:8c:5b:b6:27:00:24:25:51:1a:d7:
         eb:93:b6:e7:b5:f3:d0:9b:b3:7d:56:b4:1e:aa:de:12:ac:de:
         6e:08:06:50:33:6f:07:f5:08:7e:3f:88:1e:07:4e:85:5d:3f:
         db:c4:4d:7c:b8:d8:63:84:b5:c2:9e:96:3c:12:f1:59:b8:f8:
         78:48:97:10:5d:c4:40:6e:d3:cb:bf:b4:0b:00:6e:f2:1a:39:
         94:6e:28:d0:e2:fa:18:4d:f2:09:91:36:bd:56:c5:4a:95:c6:
         07:8e:7b:e3:6b:a8:1f:9b:03:5b:d2:ff:0a:39:a7:57:a2:83:
         71:6c:f9:7d:9e:5b:1b:3e:bc:f8:75:70:54:fa:48:e8:e4:4b:
         66:d9:8d:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZUifW+X5O19HPauQsp3cJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE1MTAwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIzMWU1NjAyODQ3YmExODM2OWUzOTYzYTQ2NTdlOGY0YjA0YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3qc2A6cC05RYDlzzSaWC9+Yx2DU
aQWZxmJltpw1Q1Fc/2ibdBH01GNjatBYTfRNwr2WNSqp83uXd+J+WjZpsAb/pLIn
DqgPEfcv8gDqfQb3sQQIAdYMnNSnKOukJThpsgx7s4daXejqqW5+IPY74qFpKBBS
kCulbqYNwJ8WMPUvKElPPmpw6/yQRFkAj+AMXmIIePVZQzcTuZVo3xGKkMak+0s9
K3aRRUeEY0FNuNFm328o6IPBtO+tIcm/y9O7Wbvq8L0h/X2Xq3fmOCsyBDRJ2nkm
qNi1F5knapZYSYhr5gPHcT83bS+sxZc6ntC0bXw4D2qb3ybE2s6bzUzNCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCojHlYChHuhg2njljpGV+j0sEoYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS2lNZVZnS0VlNkdEYWVPV09rWlg2UFN3U2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpj6AwQA
Upn5MA0GCSqGSIb3DQEBCwUAA4IBAQACDoP2KFVtXDpbOUVzXf8PSXE3nzMSQWAh
Kjzyc5uis9EAltbvllL7LXCWmqxUy+AjqrnFBNv2uZ1bqEMJ5+hafpjeuY9tzts7
SMEWGlzrV23C42oAZDRVqcymLzB+I3LLCOOy+tRfrDxs4KQfglUF5v6EjYxbticA
JCVRGtfrk7bntfPQm7N9VrQeqt4SrN5uCAZQM28H9Qh+P4geB06FXT/bxE18uNhj
hLXCnpY8EvFZuPh4SJcQXcRAbtPLv7QLAG7yGjmUbijQ4voYTfIJkTa9VsVKlcYH
jnvja6gfmwNb0v8KOadXooNxbPl9nlsbPrz4dXBU+kjo5Etm2Y12
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org