Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OCkpdTFaSYrReN7YgZ9vDEMlLgc.roa
File:                     OCkpdTFaSYrReN7YgZ9vDEMlLgc.roa (raw, json)
Hash identifier:          gLBM4kR+f6XNb42gZ+RcO3v+BrzyMDb22rOpolgsvAk=
Subject key identifier:   38:29:29:75:31:5A:49:8A:D1:78:DE:D8:81:9F:6F:0C:43:25:2E:07
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C8123A701846CBFFD6DB4B4E27F747EE1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OCkpdTFaSYrReN7YgZ9vDEMlLgc.roa
Signing time:             Tue 19 Dec 2023 08:14:06 +0000
ROA not before:           Tue 19 Dec 2023 08:14:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.176.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 12:20:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:81:23:a7:01:84:6c:bf:fd:6d:b4:b4:e2:7f:74:7e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 19 08:14:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38292975315a498ad178ded8819f6f0c43252e07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5e:03:ea:9f:e9:13:0c:97:c3:9c:16:2c:54:
                    5a:1b:c1:be:ff:2e:67:4c:59:98:ad:7d:93:94:29:
                    5b:fb:96:ac:4b:d7:7f:96:0a:02:49:85:c0:87:be:
                    79:d2:52:49:d6:ef:3f:bc:fe:75:87:94:d1:61:a2:
                    3e:a4:fa:9f:ac:23:22:23:07:5a:f7:d9:32:bd:cb:
                    31:6c:e6:cc:68:c2:da:ec:5b:a8:8b:74:bb:b6:f0:
                    0d:42:46:10:e4:ee:d8:d0:d4:5d:a7:32:90:61:8c:
                    2e:ec:01:7d:dc:aa:b4:b5:b5:07:c2:bb:0f:04:03:
                    f2:4f:c8:98:00:ff:8f:3d:d0:1e:ea:2a:5c:ea:9c:
                    0f:ba:bc:ae:17:3f:36:a0:77:45:92:2d:d9:3d:58:
                    75:48:e6:b6:92:15:03:8c:03:50:e1:c9:1f:88:8a:
                    c0:34:51:8a:f6:52:82:8c:02:5f:18:51:a6:56:d0:
                    07:56:69:1f:39:ac:42:24:6b:41:ae:e3:c2:26:01:
                    75:42:19:9f:76:6d:bc:72:8a:ed:bb:a3:a0:08:b0:
                    1f:62:06:01:c9:fe:a2:26:f0:c1:f7:74:31:c6:c2:
                    56:53:7d:dc:f2:c1:8a:0b:46:eb:0c:e6:e6:39:4b:
                    2a:bd:3d:4a:b2:67:29:1c:0c:c1:80:b3:96:7d:a8:
                    61:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:29:29:75:31:5A:49:8A:D1:78:DE:D8:81:9F:6F:0C:43:25:2E:07
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OCkpdTFaSYrReN7YgZ9vDEMlLgc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24
                  89.213.152.0/24
                  89.213.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:2d:68:af:8a:fc:cf:15:2f:df:37:9c:75:6a:a5:b1:6a:54:
         57:62:de:c9:45:24:ff:b9:79:5b:31:75:7f:23:58:2e:49:cc:
         8e:3c:8c:3a:4d:2b:6a:d4:37:60:b7:f6:e1:68:3e:fb:c9:04:
         e3:bd:08:71:35:ed:ac:57:39:a5:f7:ae:dc:53:9e:cb:de:69:
         b9:88:d6:60:f5:8e:41:38:f1:68:14:4f:08:9e:b4:c1:4d:9e:
         95:07:e2:46:75:40:e2:01:9c:1f:02:58:31:ba:9e:a1:f4:d9:
         7c:d1:5b:fa:84:5c:de:2e:6a:22:20:d5:b3:90:0a:19:e9:17:
         33:e9:25:ea:f0:b7:ad:c3:2b:78:bd:93:ea:ce:48:39:92:36:
         39:9e:d8:a7:e1:1c:62:b1:bf:88:b7:fc:cc:0d:63:54:41:4a:
         53:4c:b7:71:94:9c:77:16:e5:43:56:e8:f9:c3:34:56:17:1a:
         e7:7f:12:50:d2:fa:c3:b4:fa:65:6f:85:bc:dd:bb:09:b2:65:
         36:7d:87:2e:2c:d9:12:b3:0a:9c:f9:c3:d5:4d:bc:19:ac:28:
         3d:3c:e7:83:e6:dc:f2:27:45:13:ed:3a:b8:64:74:53:f2:91:
         01:8f:fe:9d:9b:a3:5c:f3:38:c0:c3:ab:45:9e:9c:12:b8:18:
         d2:d2:4d:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyBI6cBhGy//W20tOJ/dH7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE5MDgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI5Mjk3NTMxNWE0OThhZDE3OGRlZDg4MTlmNmYwYzQzMjUyZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF4D6p/pEwyXw5wWLFRaG8G+/y5n
TFmYrX2TlClb+5asS9d/lgoCSYXAh7550lJJ1u8/vP51h5TRYaI+pPqfrCMiIwda
99kyvcsxbObMaMLa7Fuoi3S7tvANQkYQ5O7Y0NRdpzKQYYwu7AF93Kq0tbUHwrsP
BAPyT8iYAP+PPdAe6ipc6pwPuryuFz82oHdFki3ZPVh1SOa2khUDjANQ4ckfiIrA
NFGK9lKCjAJfGFGmVtAHVmkfOaxCJGtBruPCJgF1Qhmfdm28cortu6OgCLAfYgYB
yf6iJvDB93QxxsJWU33c8sGKC0brDObmOUsqvT1KsmcpHAzBgLOWfahhAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDgpKXUxWkmK0Xje2IGfbwxDJS4HMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT0NrcGRURmFTWXJSZU43WWdaOXZERU1sTGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwMA0GCSqGSIb3DQEBCwUAA4IBAQCpLWivivzP
FS/fN5x1aqWxalRXYt7JRST/uXlbMXV/I1guScyOPIw6TStq1Ddgt/bhaD77yQTj
vQhxNe2sVzml967cU57L3mm5iNZg9Y5BOPFoFE8InrTBTZ6VB+JGdUDiAZwfAlgx
up6h9Nl80Vv6hFzeLmoiINWzkAoZ6Rcz6SXq8Letwyt4vZPqzkg5kjY5ntin4Rxi
sb+It/zMDWNUQUpTTLdxlJx3FuVDVuj5wzRWFxrnfxJQ0vrDtPplb4W83bsJsmU2
fYcuLNkSswqc+cPVTbwZrCg9POeD5tzyJ0UT7Tq4ZHRT8pEBj/6dm6Nc8zjAw6tF
npwSuBjS0k02
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org