Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LdlCx994yFcY-pwviE_I1DXpZNM.roa
File:                     LdlCx994yFcY-pwviE_I1DXpZNM.roa (raw, json)
Hash identifier:          wsNBasBtVNH4d/oFHpxDrlivYOj0uWqzOHBMjJDm6Es=
Subject key identifier:   2D:D9:42:C7:DF:78:C8:57:18:FA:9C:2F:88:4F:C8:D4:35:E9:64:D3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01877EEB978750829E257580A0FBF9DB49F8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LdlCx994yFcY-pwviE_I1DXpZNM.roa
Signing time:             Fri 14 Apr 2023 08:39:41 +0000
ROA not before:           Fri 14 Apr 2023 08:39:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.208.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 08:25:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7e:eb:97:87:50:82:9e:25:75:80:a0:fb:f9:db:49:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 14 08:39:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2dd942c7df78c85718fa9c2f884fc8d435e964d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:66:a8:36:ae:e4:d0:06:0b:83:a0:dc:20:26:
                    f8:80:22:72:0f:f3:e6:90:7c:d8:02:a5:be:5f:85:
                    2a:e6:b5:65:95:53:3b:68:e3:42:54:d1:8e:73:3b:
                    03:ff:66:5f:30:92:e2:1a:41:95:38:f2:76:86:32:
                    53:7f:be:a5:1d:9a:e7:61:df:98:7e:a8:96:34:0e:
                    48:58:f9:21:df:59:97:e2:5f:cb:5f:39:dd:15:7c:
                    d5:15:f7:ee:17:6b:26:21:e1:ff:ee:6b:c9:91:81:
                    40:86:d4:ba:a5:98:32:1b:35:66:6c:e0:f2:05:18:
                    bc:7b:7c:62:12:cd:e0:4d:0c:37:ad:d3:73:24:35:
                    9d:40:35:6a:c2:31:d0:53:8f:d5:c3:f7:2c:6c:78:
                    5d:d6:3b:9f:bf:fb:d7:78:54:b2:21:40:cb:36:90:
                    bd:be:04:a5:0e:8f:f7:f4:b4:6a:e2:4f:84:1a:f4:
                    e1:6d:2e:22:23:d0:c8:83:0a:c2:55:75:1b:77:9d:
                    3e:39:f6:6a:ba:54:81:58:f5:d9:f8:5d:72:84:b7:
                    5e:56:a4:3f:e6:d3:22:2e:f6:b9:cf:1d:69:1b:50:
                    af:40:d4:b4:38:75:18:2f:79:ab:e8:f5:73:92:9f:
                    d5:33:a7:eb:4b:d4:cd:e8:31:bb:95:a5:83:ea:c3:
                    0e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D9:42:C7:DF:78:C8:57:18:FA:9C:2F:88:4F:C8:D4:35:E9:64:D3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LdlCx994yFcY-pwviE_I1DXpZNM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.252.0/24
                  82.153.208.0/24
                  82.153.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:3c:d7:b4:09:4b:56:df:08:e3:26:16:e1:6d:d6:18:f0:9c:
         78:b7:ad:1a:c9:d1:8c:91:b1:0e:da:c7:37:7e:87:a8:cb:c0:
         ee:f3:b4:d6:23:aa:73:e4:0a:ae:39:37:7d:6f:9c:7d:b5:57:
         b6:f5:68:86:1e:94:2d:dc:80:06:1a:d8:11:29:9f:41:51:9a:
         80:97:b1:d2:f6:2d:12:e4:b7:0e:55:40:11:5e:9f:ef:fa:76:
         0e:a1:72:bd:da:ec:fc:8c:e4:ee:b1:ea:ee:f8:41:6f:e7:8b:
         c5:1e:1a:02:a8:69:b6:0f:a6:a3:96:19:79:c7:69:4a:79:5a:
         af:b4:ae:19:ff:7c:e0:f1:70:69:7b:a0:88:75:34:f5:b9:72:
         b2:07:3d:0c:09:59:ce:75:f5:a3:50:87:70:93:91:9e:b5:af:
         ad:8f:76:9b:2a:3a:9b:bb:8d:93:3b:3e:f4:8d:52:5d:c6:eb:
         9e:6f:e3:37:7e:72:d3:a9:80:c4:a6:7a:38:d5:7e:09:fb:22:
         93:1b:18:21:1c:2f:69:44:a0:4e:13:00:24:21:b8:4c:cf:17:
         fe:26:28:f8:ce:7a:5e:d5:4a:2b:70:19:68:f8:3d:df:dd:55:
         c9:2f:70:9b:fd:28:ab:b4:4a:41:68:14:23:3c:8c:f7:7a:8a:
         27:ca:00:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd+65eHUIKeJXWAoPv520n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDE0MDgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ5NDJjN2RmNzhjODU3MThmYTljMmY4ODRmYzhkNDM1ZTk2NGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2aoNq7k0AYLg6DcICb4gCJyD/Pm
kHzYAqW+X4Uq5rVllVM7aONCVNGOczsD/2ZfMJLiGkGVOPJ2hjJTf76lHZrnYd+Y
fqiWNA5IWPkh31mX4l/LXzndFXzVFffuF2smIeH/7mvJkYFAhtS6pZgyGzVmbODy
BRi8e3xiEs3gTQw3rdNzJDWdQDVqwjHQU4/Vw/csbHhd1jufv/vXeFSyIUDLNpC9
vgSlDo/39LRq4k+EGvThbS4iI9DIgwrCVXUbd50+OfZqulSBWPXZ+F1yhLdeVqQ/
5tMiLva5zx1pG1CvQNS0OHUYL3mr6PVzkp/VM6frS9TN6DG7laWD6sMO3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC3ZQsffeMhXGPqcL4hPyNQ16WTTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGRsQ3g5OTR5RmNZLXB3dmlFX0kxRFhwWk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpj8AwQA
UpnQAwQAUpnTMA0GCSqGSIb3DQEBCwUAA4IBAQB2PNe0CUtW3wjjJhbhbdYY8Jx4
t60aydGMkbEO2sc3foeoy8Du87TWI6pz5AquOTd9b5x9tVe29WiGHpQt3IAGGtgR
KZ9BUZqAl7HS9i0S5LcOVUARXp/v+nYOoXK92uz8jOTuseru+EFv54vFHhoCqGm2
D6ajlhl5x2lKeVqvtK4Z/3zg8XBpe6CIdTT1uXKyBz0MCVnOdfWjUIdwk5Geta+t
j3abKjqbu42TOz70jVJdxuueb+M3fnLTqYDEpno41X4J+yKTGxghHC9pRKBOEwAk
IbhMzxf+Jij4znpe1UorcBlo+D3f3VXJL3Cb/SirtEpBaBQjPIz3eoonygAC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org