Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NHx9ZjSaComY6UbsJc4_S9rSl70.roa
File:                     NHx9ZjSaComY6UbsJc4_S9rSl70.roa (raw, json)
Hash identifier:          /yQV3xMYQi6dEQbyWd4dtXkLaSmBmgX9TWzd3R10h1w=
Subject key identifier:   34:7C:7D:66:34:9A:0A:89:98:E9:46:EC:25:CE:3F:4B:DA:D2:97:BD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188D317FA34FC05967BEE67AF5B3038E33B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NHx9ZjSaComY6UbsJc4_S9rSl70.roa
Signing time:             Mon 19 Jun 2023 09:59:03 +0000
ROA not before:           Mon 19 Jun 2023 09:59:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        82.153.246.0/24 maxlen: 24
                          82.153.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Jun 2023 09:16:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d3:17:fa:34:fc:05:96:7b:ee:67:af:5b:30:38:e3:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 19 09:59:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=347c7d66349a0a8998e946ec25ce3f4bdad297bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c4:98:af:1c:da:6b:de:06:5c:65:4f:6a:8c:
                    fc:ee:e9:e5:2d:17:bc:ab:14:13:50:2d:df:82:6c:
                    ba:e0:b9:4a:b8:d3:c9:33:7f:75:08:02:45:c9:f0:
                    f0:d9:84:6e:b2:ee:af:ae:b9:cb:57:82:1c:6e:94:
                    7c:47:6c:66:8e:64:ae:8f:dd:1d:30:ca:92:fa:85:
                    40:f8:99:02:17:b0:e7:69:87:fd:15:7a:ef:27:f6:
                    a7:c5:88:84:e7:21:bd:b7:6e:34:91:49:e7:29:06:
                    e1:c4:32:66:b1:20:bb:aa:e3:5d:70:78:26:eb:13:
                    e2:fd:41:e7:a1:0b:3c:df:38:c0:ee:ea:ce:c6:c2:
                    a8:bd:e9:b5:84:1a:ea:89:bf:47:4c:d7:6d:90:ae:
                    f2:2c:cc:04:4c:56:67:fa:ff:3d:c0:27:13:e1:b7:
                    f9:ca:93:1a:2c:14:2e:1b:c4:7b:d5:87:05:99:39:
                    94:4a:92:3e:46:ff:1a:37:9c:92:7c:de:22:ac:ed:
                    d3:a5:2b:c9:c0:3a:82:41:81:ec:3b:53:f8:79:c0:
                    2a:a4:f7:d0:8c:d6:a4:c0:21:2f:07:6b:05:50:f7:
                    16:ef:c6:29:0a:47:47:6b:04:fa:65:df:16:ff:b5:
                    94:b6:76:42:98:fe:39:55:92:6d:74:f0:ae:08:8f:
                    93:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:7C:7D:66:34:9A:0A:89:98:E9:46:EC:25:CE:3F:4B:DA:D2:97:BD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NHx9ZjSaComY6UbsJc4_S9rSl70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.242.0/24
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:25:90:79:f9:09:3f:86:0c:49:dc:96:fb:6b:2d:35:28:9d:
         a4:9f:01:82:c4:cc:24:33:33:c7:05:4f:d4:c0:2b:02:f5:c6:
         b9:14:88:52:64:2f:a4:f1:4f:53:30:5d:3c:90:89:29:44:0d:
         bd:47:0e:24:d6:24:66:68:29:8d:e9:a0:1f:2f:ec:52:a4:80:
         09:48:4a:08:e8:83:7f:b6:f7:0d:13:32:5c:c1:3f:cc:f8:88:
         45:e1:68:67:3a:69:45:98:e2:8a:a8:62:b1:78:c5:0a:6d:e5:
         c6:01:5a:3e:35:54:b0:90:74:97:05:1d:69:ba:a4:36:44:cc:
         3e:bb:09:f1:17:29:72:55:ca:a9:5a:ed:93:8b:7c:b3:14:29:
         21:b7:fe:ab:94:16:31:35:37:f0:e9:21:3f:46:a7:66:f5:8d:
         38:29:33:c8:2a:62:8b:4d:4b:07:48:99:0e:a8:fe:9c:3c:eb:
         f0:ca:c5:d9:e9:29:92:9c:0c:46:eb:94:5d:5c:ea:95:55:f1:
         da:ef:17:7b:e6:0a:73:43:b6:50:0c:34:44:e6:1c:6d:24:60:
         37:37:bc:f5:48:eb:35:3e:df:e7:1f:6f:15:57:4d:5e:40:10:
         01:c7:c5:aa:4a:c6:98:ce:e7:73:4c:82:68:83:fd:f9:61:b3:
         01:5f:54:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjTF/o0/AWWe+5nr1swOOM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE5MDk1OTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdjN2Q2NjM0OWEwYTg5OThlOTQ2ZWMyNWNlM2Y0YmRhZDI5N2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8SYrxzaa94GXGVPaoz87unlLRe8
qxQTUC3fgmy64LlKuNPJM391CAJFyfDw2YRusu6vrrnLV4IcbpR8R2xmjmSuj90d
MMqS+oVA+JkCF7DnaYf9FXrvJ/anxYiE5yG9t240kUnnKQbhxDJmsSC7quNdcHgm
6xPi/UHnoQs83zjA7urOxsKovem1hBrqib9HTNdtkK7yLMwETFZn+v89wCcT4bf5
ypMaLBQuG8R71YcFmTmUSpI+Rv8aN5ySfN4irO3TpSvJwDqCQYHsO1P4ecAqpPfQ
jNakwCEvB2sFUPcW78YpCkdHawT6Zd8W/7WUtnZCmP45VZJtdPCuCI+TkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDR8fWY0mgqJmOlG7CXOP0va0pe9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTkh4OVpqU2FDb21ZNlVic0pjNF9TOXJTbDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpnyAwQA
Upn2MA0GCSqGSIb3DQEBCwUAA4IBAQBqJZB5+Qk/hgxJ3Jb7ay01KJ2knwGCxMwk
MzPHBU/UwCsC9ca5FIhSZC+k8U9TMF08kIkpRA29Rw4k1iRmaCmN6aAfL+xSpIAJ
SEoI6IN/tvcNEzJcwT/M+IhF4WhnOmlFmOKKqGKxeMUKbeXGAVo+NVSwkHSXBR1p
uqQ2RMw+uwnxFylyVcqpWu2Ti3yzFCkht/6rlBYxNTfw6SE/Rqdm9Y04KTPIKmKL
TUsHSJkOqP6cPOvwysXZ6SmSnAxG65RdXOqVVfHa7xd75gpzQ7ZQDDRE5hxtJGA3
N7z1SOs1Pt/nH28VV01eQBABx8WqSsaYzudzTIJog/35YbMBX1Rx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org