Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PRGtsVnGSPq4o1ymnDodb2VOZnk.roa
File:                     PRGtsVnGSPq4o1ymnDodb2VOZnk.roa (raw, json)
Hash identifier:          jiDfpXS1nuDDE/+7on1BmsZpsvbw+ahWfBeh5NiYCFw=
Subject key identifier:   3D:11:AD:B1:59:C6:48:FA:B8:A3:5C:A6:9C:3A:1D:6F:65:4E:66:79
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186EF531F011021C2A2EF6D457EE532FF94
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PRGtsVnGSPq4o1ymnDodb2VOZnk.roa
Signing time:             Fri 17 Mar 2023 11:27:27 +0000
ROA not before:           Fri 17 Mar 2023 11:27:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212953
IP address blocks:        82.153.210.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Mar 2023 11:42:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:53:1f:01:10:21:c2:a2:ef:6d:45:7e:e5:32:ff:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 17 11:27:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d11adb159c648fab8a35ca69c3a1d6f654e6679
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:87:70:61:6b:01:53:95:1f:f8:d4:b9:82:f1:
                    92:94:df:1b:1f:cf:ee:00:2c:b8:c0:8c:bb:45:6f:
                    c7:59:7c:f1:e2:6c:92:94:01:1f:05:49:f1:0e:aa:
                    7f:56:2b:f3:70:84:57:29:e7:c7:b7:a2:6d:8e:f5:
                    83:ce:dd:54:0a:69:6b:60:03:3d:49:4b:a6:a8:be:
                    bb:0f:40:43:eb:ea:dd:5b:20:1e:48:8a:f1:39:29:
                    8f:19:3a:83:36:0f:db:ce:da:04:42:68:ac:49:6f:
                    c0:8a:97:42:99:f3:98:6d:2b:3f:1e:ab:70:33:84:
                    3f:ca:71:03:95:62:de:1f:cf:96:d8:81:d4:1d:5c:
                    c2:d1:0c:95:7a:86:2f:90:fe:8a:fd:fa:ac:8e:9f:
                    05:d2:39:02:47:c9:de:29:89:58:09:ab:cf:b5:06:
                    bf:1e:0f:98:b3:66:a1:a1:c6:f8:5e:41:f9:34:47:
                    48:b4:96:ea:c5:93:31:f4:00:27:75:64:b3:ce:47:
                    30:6a:03:63:c0:bc:37:c7:17:2a:10:7a:88:f2:4b:
                    c4:7d:99:67:e3:d1:f4:31:6d:fb:fb:c9:7b:61:f0:
                    a4:00:e0:0f:ab:81:2f:60:60:3b:0d:d7:03:b3:fb:
                    ae:4a:bf:29:8d:f1:bf:18:33:11:4e:e0:f8:80:41:
                    16:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:11:AD:B1:59:C6:48:FA:B8:A3:5C:A6:9C:3A:1D:6F:65:4E:66:79
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PRGtsVnGSPq4o1ymnDodb2VOZnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.210.0/24
                  82.153.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:fc:26:f9:34:5c:2a:94:6e:5b:80:ca:c1:d7:6d:df:70:11:
         04:1b:20:e5:e7:f2:10:37:a9:cd:07:51:a0:be:ff:60:86:a5:
         38:0f:3d:1c:fc:e7:8d:2b:b5:20:bb:91:81:d6:a2:6e:6c:e9:
         af:b6:d6:b7:8d:77:2d:f8:74:22:e0:8c:72:77:31:17:8c:cf:
         12:fd:bc:d0:f7:2c:4e:9b:3e:ab:b6:40:03:13:36:85:e9:7b:
         d8:f6:80:ef:4f:18:1c:5f:aa:79:8a:36:39:f5:0e:09:cd:2d:
         9f:d0:af:de:8b:c3:68:fe:43:93:70:26:68:e7:4b:ab:a3:7a:
         af:d9:3b:38:16:80:5a:7a:f2:7d:8f:3d:80:50:db:59:32:33:
         53:c5:df:ef:47:e6:9a:8f:83:61:90:ef:49:85:9c:77:cd:3f:
         c0:73:c6:96:b0:16:f1:94:d0:98:60:7f:fb:28:c5:d3:4c:07:
         21:67:e5:1c:89:af:5b:1e:12:bd:32:5e:e5:50:6b:0e:4b:a3:
         51:29:dc:3f:38:50:e8:f6:9d:a7:88:b1:5d:4f:de:67:04:39:
         e1:01:6f:a3:13:9e:8b:1c:ce:7a:dd:4d:df:12:e1:42:b6:66:
         04:22:86:78:d5:76:ac:60:b5:bd:30:98:9e:25:c0:fb:2b:a9:
         96:0e:b0:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbvUx8BECHCou9tRX7lMv+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzE3MTEyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDExYWRiMTU5YzY0OGZhYjhhMzVjYTY5YzNhMWQ2ZjY1NGU2Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4dwYWsBU5Uf+NS5gvGSlN8bH8/u
ACy4wIy7RW/HWXzx4mySlAEfBUnxDqp/VivzcIRXKefHt6JtjvWDzt1UCmlrYAM9
SUumqL67D0BD6+rdWyAeSIrxOSmPGTqDNg/bztoEQmisSW/AipdCmfOYbSs/Hqtw
M4Q/ynEDlWLeH8+W2IHUHVzC0QyVeoYvkP6K/fqsjp8F0jkCR8neKYlYCavPtQa/
Hg+Ys2ahocb4XkH5NEdItJbqxZMx9AAndWSzzkcwagNjwLw3xxcqEHqI8kvEfZln
49H0MW37+8l7YfCkAOAPq4EvYGA7DdcDs/uuSr8pjfG/GDMRTuD4gEEWFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD0RrbFZxkj6uKNcppw6HW9lTmZ5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUFJHdHNWbkdTUHE0bzF5bW5Eb2RiMlZPWm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpnSAwQA
UpneMA0GCSqGSIb3DQEBCwUAA4IBAQAH/Cb5NFwqlG5bgMrB123fcBEEGyDl5/IQ
N6nNB1Ggvv9ghqU4Dz0c/OeNK7Ugu5GB1qJubOmvtta3jXct+HQi4IxydzEXjM8S
/bzQ9yxOmz6rtkADEzaF6XvY9oDvTxgcX6p5ijY59Q4JzS2f0K/ei8No/kOTcCZo
50uro3qv2Ts4FoBaevJ9jz2AUNtZMjNTxd/vR+aaj4NhkO9JhZx3zT/Ac8aWsBbx
lNCYYH/7KMXTTAchZ+Ucia9bHhK9Ml7lUGsOS6NRKdw/OFDo9p2niLFdT95nBDnh
AW+jE56LHM563U3fEuFCtmYEIoZ41XasYLW9MJieJcD7K6mWDrC9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org