Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Q7Y7CpI8PAsiFEfIMC-vjRN1TIA.roa
File:                     Q7Y7CpI8PAsiFEfIMC-vjRN1TIA.roa (raw, json)
Hash identifier:          IHjEDwtC7FUDlhDoyeqYDkbFgQBtfLq4qbNOrv78xHE=
Subject key identifier:   43:B6:3B:0A:92:3C:3C:0B:22:14:47:C8:30:2F:AF:8D:13:75:4C:80
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA235A6D3879EB565568B18570D491
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Q7Y7CpI8PAsiFEfIMC-vjRN1TIA.roa
Signing time:             Mon 02 Jan 2023 10:14:56 +0000
ROA not before:           Mon 02 Jan 2023 10:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Feb 2023 09:34:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:23:5a:6d:38:79:eb:56:55:68:b1:85:70:d4:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43b63b0a923c3c0b221447c8302faf8d13754c80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:2a:20:ee:de:be:47:44:62:bb:fc:df:bf:78:
                    99:b4:98:10:a4:7c:5a:57:6c:de:63:4e:bc:b5:71:
                    55:c0:97:d6:92:4f:78:55:d3:ff:ba:de:37:df:1d:
                    fe:26:47:65:89:8d:8b:f8:58:e7:76:99:07:c1:23:
                    b0:66:fe:5a:ab:f9:9c:56:bb:28:97:c5:40:a5:b0:
                    b8:91:75:ff:b7:00:d3:58:e1:d5:18:d3:a4:4e:57:
                    51:b6:63:62:c9:e8:6d:86:46:ea:a9:1e:cc:37:e5:
                    2b:a2:6d:25:c7:9d:50:51:91:64:4f:a4:65:1c:b1:
                    9b:f6:6a:ae:1e:d4:3e:ba:aa:3d:f4:4c:a9:b8:7e:
                    29:21:a1:1d:52:0f:fe:1b:99:45:06:d5:f0:76:92:
                    35:05:48:63:1c:90:3a:1c:cb:b7:31:bb:78:52:2d:
                    ac:16:6c:68:b2:48:c2:af:f4:84:3d:85:bb:c2:4b:
                    bb:1c:53:cf:9a:6e:2b:bc:e8:d6:ff:39:9b:58:b6:
                    fb:f7:03:8e:b8:99:a5:19:d7:d3:d3:17:8d:e4:df:
                    d8:c5:ac:d4:6d:3a:f5:c5:00:52:1b:5e:77:f4:e4:
                    d1:a9:61:b4:a3:48:fe:2e:ac:de:e2:ff:d1:95:10:
                    3e:16:5f:e4:4c:ef:8d:11:5e:8f:fc:78:23:e8:ec:
                    29:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:B6:3B:0A:92:3C:3C:0B:22:14:47:C8:30:2F:AF:8D:13:75:4C:80
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Q7Y7CpI8PAsiFEfIMC-vjRN1TIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:c9:e2:9e:19:c2:85:1e:d5:91:c6:52:1e:ee:92:92:57:29:
         18:31:86:90:7b:eb:46:d1:6e:ee:b3:07:6a:e1:89:1c:9d:f4:
         fe:28:95:6d:a6:92:d6:c3:6a:27:a7:66:11:6e:ca:f7:77:16:
         4a:b1:19:15:3b:92:39:5a:a0:dd:a8:d7:d9:ed:0d:3d:57:ed:
         29:62:15:ad:9c:f7:65:63:05:b5:e3:f2:9c:73:df:21:10:51:
         aa:09:0b:9a:72:ef:00:0a:a4:c0:e3:ae:17:41:42:61:1c:59:
         7c:f1:c9:46:db:e4:02:60:fe:86:06:ad:13:04:a6:a5:35:e7:
         ef:b9:61:91:df:bb:6b:c6:ba:15:58:ca:58:a5:ba:8c:34:71:
         16:8d:69:57:7e:41:b2:b8:2b:7b:90:17:b1:de:24:f1:21:53:
         11:ff:e8:e2:5b:33:b6:e3:b9:86:17:74:b9:46:93:69:a7:76:
         14:ca:b1:58:31:84:91:cc:b7:ff:ea:87:5e:b0:dd:be:3d:79:
         7a:5f:2a:98:4b:86:1c:17:06:73:db:54:59:19:57:a4:25:92:
         27:eb:2d:57:d9:73:fa:dc:b9:c5:03:61:61:c2:b3:54:a1:b5:
         b4:05:a6:30:e7:34:a0:00:02:49:4a:20:45:a9:e8:f2:91:04:
         87:21:ad:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx+iNabTh561ZVaLGFcNSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I2M2IwYTkyM2MzYzBiMjIxNDQ3YzgzMDJmYWY4ZDEzNzU0YzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyog7t6+R0Riu/zfv3iZtJgQpHxa
V2zeY068tXFVwJfWkk94VdP/ut433x3+JkdliY2L+FjndpkHwSOwZv5aq/mcVrso
l8VApbC4kXX/twDTWOHVGNOkTldRtmNiyehthkbqqR7MN+Urom0lx51QUZFkT6Rl
HLGb9mquHtQ+uqo99EypuH4pIaEdUg/+G5lFBtXwdpI1BUhjHJA6HMu3Mbt4Ui2s
FmxoskjCr/SEPYW7wku7HFPPmm4rvOjW/zmbWLb79wOOuJmlGdfT0xeN5N/YxazU
bTr1xQBSG1539OTRqWG0o0j+Lqze4v/RlRA+Fl/kTO+NEV6P/Hgj6OwpSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEO2OwqSPDwLIhRHyDAvr40TdUyAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUTdZN0NwSThQQXNpRkVmSU1DLXZqUk4xVElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpkEAwQA
UpkKAwQAUpmEMA0GCSqGSIb3DQEBCwUAA4IBAQBJyeKeGcKFHtWRxlIe7pKSVykY
MYaQe+tG0W7uswdq4YkcnfT+KJVtppLWw2onp2YRbsr3dxZKsRkVO5I5WqDdqNfZ
7Q09V+0pYhWtnPdlYwW14/Kcc98hEFGqCQuacu8ACqTA464XQUJhHFl88clG2+QC
YP6GBq0TBKalNefvuWGR37trxroVWMpYpbqMNHEWjWlXfkGyuCt7kBex3iTxIVMR
/+jiWzO247mGF3S5RpNpp3YUyrFYMYSRzLf/6odesN2+PXl6XyqYS4YcFwZz21RZ
GVekJZIn6y1X2XP63LnFA2FhwrNUobW0BaYw5zSgAAJJSiBFqejykQSHIa0g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org