Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LyxL_VC7iJfMw_d2vM82EeUK2JQ.roa
File:                     LyxL_VC7iJfMw_d2vM82EeUK2JQ.roa (raw, json)
Hash identifier:          Lg4Ui3o/n/2ef9CeEKblroAhG6ClAWpZU5JB2SL1G1g=
Subject key identifier:   2F:2C:4B:FD:50:BB:88:97:CC:C3:F7:76:BC:CF:36:11:E5:0A:D8:94
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C7C41F47BB57D031E0ABCC0854DB03D82
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LyxL_VC7iJfMw_d2vM82EeUK2JQ.roa
Signing time:             Mon 18 Dec 2023 09:29:06 +0000
ROA not before:           Mon 18 Dec 2023 09:29:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25369
IP address blocks:        109.176.208.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.43.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7c:41:f4:7b:b5:7d:03:1e:0a:bc:c0:85:4d:b0:3d:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 18 09:29:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f2c4bfd50bb8897ccc3f776bccf3611e50ad894
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:85:db:ec:8f:db:fd:6e:c8:5a:40:52:83:5c:
                    90:ba:76:1b:4d:65:4f:9c:b5:7e:5d:45:e8:c6:e2:
                    7b:14:7d:4f:0b:ed:e7:26:04:e1:a4:c6:ea:81:7c:
                    8f:1d:75:d3:df:88:6e:74:cd:cd:76:d4:87:af:ec:
                    ed:2f:db:79:ba:6a:3e:1b:ca:6b:fc:f5:aa:72:0b:
                    81:87:06:f4:be:3d:ff:4e:cf:30:9a:8a:4d:98:43:
                    98:f6:b4:91:5c:7b:30:9b:c3:02:ca:9c:3a:67:82:
                    37:cb:2c:bc:8f:04:3e:29:a4:15:fd:f7:e0:1f:c2:
                    f9:37:87:db:fc:5d:28:64:ab:91:80:e7:46:07:33:
                    c2:31:32:3c:67:8a:c7:6c:67:34:c3:80:8c:95:74:
                    34:32:15:f0:92:c9:b5:bd:1b:47:ab:d8:26:b3:d6:
                    a7:10:56:ef:4f:38:a9:e2:6f:6d:99:2f:73:ad:9b:
                    21:1f:5c:7c:24:5f:b7:5c:53:ac:62:b4:0b:f5:f1:
                    73:2d:4d:6e:79:b0:54:58:ed:70:88:45:27:2a:d1:
                    d2:9e:6e:c1:77:bf:d6:02:ee:a5:79:c8:a6:ac:72:
                    83:e3:22:4b:8d:87:a1:a6:54:d8:44:64:69:33:37:
                    62:77:27:57:c6:d5:da:15:22:aa:0f:6e:3c:e7:c2:
                    34:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:2C:4B:FD:50:BB:88:97:CC:C3:F7:76:BC:CF:36:11:E5:0A:D8:94
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LyxL_VC7iJfMw_d2vM82EeUK2JQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.225.0/24
                  89.213.43.0/24
                  89.213.145.0-89.213.146.255
                  109.176.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:69:71:91:49:1e:b8:5c:eb:9a:78:bf:cc:00:88:b5:83:57:
         48:c3:7c:3c:2a:cd:ad:8e:a8:da:1c:ef:66:91:b0:0d:cb:d9:
         f5:58:cd:8f:54:6a:29:28:92:a0:4b:83:74:27:e0:3d:67:23:
         a9:93:a5:00:67:1b:ae:db:81:93:ec:ab:9b:fe:6c:a8:78:77:
         1b:89:54:a9:93:14:21:73:fc:5d:46:ef:3b:f7:4e:ec:5a:b9:
         2c:af:54:6f:28:54:43:4f:b8:5a:68:2c:17:41:43:8d:a3:75:
         51:c6:ec:77:6b:ec:81:17:ea:2e:37:8e:a6:0a:25:36:e5:54:
         57:da:ed:e8:ea:12:a7:cf:e4:69:8b:2b:5a:9f:98:d9:0d:74:
         65:a0:dd:62:f3:b1:51:ea:e0:1a:a1:96:cb:cf:d2:a2:d0:d1:
         73:fc:09:8a:bc:7b:a4:c1:52:40:b5:04:28:f6:c1:cd:05:4e:
         22:7a:38:41:19:ec:12:15:2d:4f:1e:f1:8a:6f:74:d6:5d:34:
         7d:6d:39:c8:c3:24:d2:e3:23:cd:95:2c:11:c2:7f:a9:58:ab:
         84:a5:b4:f1:97:66:76:9f:8a:c6:f6:25:36:27:ab:a8:81:6d:
         f8:89:4e:ad:8c:32:4b:37:f0:7b:3d:a6:e5:14:fa:f2:01:c5:
         b0:41:fc:6c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYx8QfR7tX0DHgq8wIVNsD2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE4MDkyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjJjNGJmZDUwYmI4ODk3Y2NjM2Y3NzZiY2NmMzYxMWU1MGFkODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYXb7I/b/W7IWkBSg1yQunYbTWVP
nLV+XUXoxuJ7FH1PC+3nJgThpMbqgXyPHXXT34hudM3NdtSHr+ztL9t5umo+G8pr
/PWqcguBhwb0vj3/Ts8wmopNmEOY9rSRXHswm8MCypw6Z4I3yyy8jwQ+KaQV/ffg
H8L5N4fb/F0oZKuRgOdGBzPCMTI8Z4rHbGc0w4CMlXQ0MhXwksm1vRtHq9gms9an
EFbvTzip4m9tmS9zrZshH1x8JF+3XFOsYrQL9fFzLU1uebBUWO1wiEUnKtHSnm7B
d7/WAu6lecimrHKD4yJLjYehplTYRGRpMzdidydXxtXaFSKqD24858I0NwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFC8sS/1Qu4iXzMP3drzPNhHlCtiUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHl4TF9WQzdpSmZNd19kMnZNODJFZVVLMkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUpnhAwQA
WdUrMAwDBABZ1ZEDBABZ1ZIDBABtsNAwDQYJKoZIhvcNAQELBQADggEBADlpcZFJ
Hrhc65p4v8wAiLWDV0jDfDwqza2OqNoc72aRsA3L2fVYzY9UaikokqBLg3Qn4D1n
I6mTpQBnG67bgZPsq5v+bKh4dxuJVKmTFCFz/F1G7zv3TuxauSyvVG8oVENPuFpo
LBdBQ42jdVHG7Hdr7IEX6i43jqYKJTblVFfa7ejqEqfP5GmLK1qfmNkNdGWg3WLz
sVHq4BqhlsvP0qLQ0XP8CYq8e6TBUkC1BCj2wc0FTiJ6OEEZ7BIVLU8e8YpvdNZd
NH1tOcjDJNLjI82VLBHCf6lYq4SltPGXZnafisb2JTYnq6iBbfiJTq2MMks38Hs9
puUU+vIBxbBB/Gw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org