Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N1ojT1U0150emt08F1nFnr57HaY.roa
File:                     N1ojT1U0150emt08F1nFnr57HaY.roa (raw, json)
Hash identifier:          SqrKb6LpL0yX54lSvMnc7q8lj4qLYTayTrdDR+oKiAA=
Subject key identifier:   37:5A:23:4F:55:34:D7:9D:1E:9A:DD:3C:17:59:C5:9E:BE:7B:1D:A6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189A607FB9A432CD827CEB05FB8828CDC78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N1ojT1U0150emt08F1nFnr57HaY.roa
Signing time:             Sun 30 Jul 2023 09:01:28 +0000
ROA not before:           Sun 30 Jul 2023 09:01:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 16:07:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a6:07:fb:9a:43:2c:d8:27:ce:b0:5f:b8:82:8c:dc:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 30 09:01:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=375a234f5534d79d1e9add3c1759c59ebe7b1da6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8c:e9:17:24:9d:cf:a3:9b:26:79:92:3a:5e:
                    14:b5:1c:f3:76:f3:81:fd:fa:3f:8e:ca:b6:eb:b1:
                    69:69:69:b2:85:f2:56:9b:85:dc:4e:07:00:31:20:
                    a2:2c:46:b4:6e:77:aa:47:c8:79:b5:be:59:2d:51:
                    ca:dd:61:ac:d2:48:fb:6b:f0:f8:2b:b5:77:96:ab:
                    df:01:42:1f:40:00:ef:9e:83:7d:fa:81:09:3b:bb:
                    b3:bc:b6:4b:3d:5b:66:64:51:83:23:89:bb:ed:a5:
                    51:95:a6:4f:c5:58:b5:aa:4b:04:84:ee:d3:c2:c8:
                    d2:13:75:9f:59:54:f8:a0:df:a0:68:5f:5a:19:96:
                    20:58:a3:81:7d:c4:0c:86:58:5a:2c:94:8c:a3:b0:
                    4a:e6:25:6e:07:aa:39:87:86:d8:13:53:e8:97:45:
                    da:49:dd:c5:bd:da:56:06:16:04:85:97:fe:90:a8:
                    76:43:9d:b3:af:bf:2e:68:0d:ff:78:e5:83:90:57:
                    69:0d:40:9f:55:a5:1a:7b:c4:fe:2b:7f:7f:e7:69:
                    8b:7c:00:4d:06:d6:58:4b:d5:14:ad:e6:4d:8d:a4:
                    77:ba:e3:4e:8b:02:de:08:df:c5:8b:f3:a7:ec:43:
                    80:43:98:24:3c:d1:5a:77:be:91:1e:7b:3d:a3:20:
                    53:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:5A:23:4F:55:34:D7:9D:1E:9A:DD:3C:17:59:C5:9E:BE:7B:1D:A6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N1ojT1U0150emt08F1nFnr57HaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:f5:c5:2b:e9:d2:25:6f:64:22:a5:30:24:48:44:e7:81:f5:
         10:78:7c:9b:14:86:76:cd:3b:e8:ba:34:e5:86:2c:31:1e:ea:
         46:d4:b6:9c:37:3c:80:59:6a:ec:77:b9:d9:0e:c8:ef:a8:41:
         dc:f1:48:62:96:4d:ec:60:11:f0:35:99:59:95:47:74:e7:57:
         86:8b:d5:7f:75:85:14:cc:2b:e5:b5:33:a7:1a:3a:65:54:8b:
         6d:39:8b:99:b9:50:88:3d:32:20:ef:0c:da:e2:80:26:7e:22:
         e0:4d:38:a3:a1:81:4c:f2:78:b3:5b:90:36:cf:55:1e:fb:d5:
         28:26:2d:9d:41:5d:e7:a4:c5:e3:cb:70:cf:88:db:e1:6e:b9:
         cb:a4:e4:e8:dc:cc:97:15:d1:bb:54:30:95:84:06:32:9e:6e:
         61:dc:a3:59:0f:26:4d:3c:0b:df:54:ca:6b:d1:e6:df:ad:a1:
         bc:05:37:d3:46:1c:91:10:32:f3:7d:99:57:02:7d:81:2a:ac:
         aa:db:70:ba:62:0e:09:69:c6:63:9d:2c:9c:3d:62:e7:a4:20:
         4e:05:e7:b4:b7:ac:d6:2e:8d:08:19:11:75:c5:82:a0:e7:e2:
         ac:9e:9f:ea:43:e9:e2:d7:cd:99:43:f3:8b:50:de:33:30:5d:
         70:9a:de:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmmB/uaQyzYJ86wX7iCjNx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzMwMDkwMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzVhMjM0ZjU1MzRkNzlkMWU5YWRkM2MxNzU5YzU5ZWJlN2IxZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYzpFySdz6ObJnmSOl4UtRzzdvOB
/fo/jsq267FpaWmyhfJWm4XcTgcAMSCiLEa0bneqR8h5tb5ZLVHK3WGs0kj7a/D4
K7V3lqvfAUIfQADvnoN9+oEJO7uzvLZLPVtmZFGDI4m77aVRlaZPxVi1qksEhO7T
wsjSE3WfWVT4oN+gaF9aGZYgWKOBfcQMhlhaLJSMo7BK5iVuB6o5h4bYE1Pol0Xa
Sd3FvdpWBhYEhZf+kKh2Q52zr78uaA3/eOWDkFdpDUCfVaUae8T+K39/52mLfABN
BtZYS9UUreZNjaR3uuNOiwLeCN/Fi/On7EOAQ5gkPNFad76RHns9oyBTCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdaI09VNNedHprdPBdZxZ6+ex2mMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTjFvalQxVTAxNTBlbXQwOEYxbkZucjU3SGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpncMA0G
CSqGSIb3DQEBCwUAA4IBAQB19cUr6dIlb2QipTAkSETngfUQeHybFIZ2zTvoujTl
hiwxHupG1LacNzyAWWrsd7nZDsjvqEHc8Uhilk3sYBHwNZlZlUd051eGi9V/dYUU
zCvltTOnGjplVIttOYuZuVCIPTIg7wza4oAmfiLgTTijoYFM8nizW5A2z1Ue+9Uo
Ji2dQV3npMXjy3DPiNvhbrnLpOTo3MyXFdG7VDCVhAYynm5h3KNZDyZNPAvfVMpr
0ebfraG8BTfTRhyREDLzfZlXAn2BKqyq23C6Yg4JacZjnSycPWLnpCBOBee0t6zW
Lo0IGRF1xYKg5+Ksnp/qQ+ni182ZQ/OLUN4zMF1wmt7l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org