Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QO_nSNfOMBg-pG7y482VkpVAK9E.roa
File:                     QO_nSNfOMBg-pG7y482VkpVAK9E.roa (raw, json)
Hash identifier:          Ev61733kgDxabUR8B8pK4ULKqTEeAFbiPHrFCM0u7QE=
Subject key identifier:   40:EF:E7:48:D7:CE:30:18:3E:A4:6E:F2:E3:CD:95:92:95:40:2B:D1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186548822F346D9130BFA8DC7B0433E664C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QO_nSNfOMBg-pG7y482VkpVAK9E.roa
Signing time:             Wed 15 Feb 2023 10:04:13 +0000
ROA not before:           Wed 15 Feb 2023 10:04:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.152.176.0/24 maxlen: 24
                          82.152.177.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Mar 2023 12:20:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:54:88:22:f3:46:d9:13:0b:fa:8d:c7:b0:43:3e:66:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 15 10:04:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40efe748d7ce30183ea46ef2e3cd959295402bd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:fa:3f:90:f6:60:0d:65:92:9d:1a:32:79:c4:
                    f0:71:47:1e:62:65:18:03:02:de:c0:bb:ba:d5:e8:
                    96:bb:e1:7b:47:87:8b:52:ad:72:bc:db:0b:6b:61:
                    06:7c:35:d6:53:28:01:e9:4d:8e:e6:77:70:86:3a:
                    9c:10:be:0a:e2:61:f2:7c:ef:3e:f0:47:e8:ca:97:
                    b2:a8:58:45:9a:25:90:eb:77:c0:02:db:06:aa:db:
                    9c:9e:06:d2:14:2f:f6:14:c8:37:87:7b:7e:77:a6:
                    28:11:81:dd:98:4e:b6:1a:86:7b:43:29:f6:80:30:
                    1b:2d:74:58:6e:5b:b7:e1:9a:66:1b:33:0e:5d:b8:
                    3e:2e:59:2f:0e:42:23:0b:4c:db:aa:f7:dc:2b:33:
                    1a:ce:7b:e7:8b:2c:70:4d:e7:9a:7f:e5:f4:0e:44:
                    cb:bf:d0:2f:00:1e:20:eb:8d:12:9b:61:cb:86:9a:
                    61:13:fe:e6:3e:ec:c1:25:cb:a1:0f:c4:10:d9:06:
                    e4:12:90:5a:8e:cc:72:d8:71:2e:85:f1:b5:14:cb:
                    11:91:c5:36:ad:90:17:0b:10:28:5b:4b:32:38:40:
                    f4:b6:c2:9d:b5:11:3e:1b:9b:05:02:f5:f4:60:d3:
                    83:db:de:c3:6e:eb:d9:8a:af:d7:86:64:82:14:69:
                    9c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:EF:E7:48:D7:CE:30:18:3E:A4:6E:F2:E3:CD:95:92:95:40:2B:D1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QO_nSNfOMBg-pG7y482VkpVAK9E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.152.249.0/24
                  82.152.254.0/24
                  82.153.68.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:ee:99:af:99:c5:95:26:07:2d:ae:b9:14:a0:3f:ff:3c:a3:
         81:e1:13:18:8a:83:1d:0d:bc:db:03:d9:44:a4:a3:0c:1f:13:
         83:5e:d8:f0:81:f3:87:01:d8:d3:03:3f:bd:f1:08:06:4c:dd:
         7d:96:2c:31:48:87:92:0d:c7:bd:85:29:e0:0b:c0:6e:50:8b:
         61:95:14:56:d8:a5:45:fc:bd:e9:89:03:d5:29:a4:27:12:e0:
         73:61:3d:99:5d:a6:63:7a:af:9f:58:36:47:f4:b3:22:95:25:
         e4:fa:68:1f:32:52:e8:7d:27:e2:19:9e:21:d0:29:3f:0d:85:
         1b:09:d2:78:a4:07:4d:bb:b6:c6:15:c8:e7:c3:1a:00:34:bf:
         af:78:60:4b:9d:35:66:71:9c:b4:f0:1d:79:f5:42:aa:bd:44:
         23:8c:23:11:67:38:52:85:3d:46:6b:2a:7e:1c:56:b2:d4:9a:
         3e:a8:fe:d2:ae:fc:c9:fc:6b:90:50:88:34:03:5c:fd:fa:44:
         de:0a:4e:38:fe:c7:7a:dc:15:13:21:6c:0e:38:4d:70:9c:30:
         2f:64:ce:35:5b:b6:95:18:de:e3:a1:ea:02:b6:53:73:63:06:
         e3:27:90:94:5c:04:0d:b7:38:1b:83:f2:32:14:22:d7:4a:6c:
         b7:f1:60:42
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZUiCLzRtkTC/qNx7BDPmZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE1MTAwNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVmZTc0OGQ3Y2UzMDE4M2VhNDZlZjJlM2NkOTU5Mjk1NDAyYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfo/kPZgDWWSnRoyecTwcUceYmUY
AwLewLu61eiWu+F7R4eLUq1yvNsLa2EGfDXWUygB6U2O5ndwhjqcEL4K4mHyfO8+
8EfoypeyqFhFmiWQ63fAAtsGqtucngbSFC/2FMg3h3t+d6YoEYHdmE62GoZ7Qyn2
gDAbLXRYblu34ZpmGzMOXbg+LlkvDkIjC0zbqvfcKzMaznvniyxwTeeaf+X0DkTL
v9AvAB4g640Sm2HLhpphE/7mPuzBJcuhD8QQ2QbkEpBajsxy2HEuhfG1FMsRkcU2
rZAXCxAoW0syOED0tsKdtRE+G5sFAvX0YNOD297DbuvZiq/XhmSCFGmcRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEDv50jXzjAYPqRu8uPNlZKVQCvRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUU9fblNOZk9NQmctcEc3eTQ4MlZrcFZBSzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUpiwAwQA
Upj5AwQAUpj+AwQAUplEAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQAn7pmvmcWV
JgctrrkUoD//PKOB4RMYioMdDbzbA9lEpKMMHxODXtjwgfOHAdjTAz+98QgGTN19
liwxSIeSDce9hSngC8BuUIthlRRW2KVF/L3piQPVKaQnEuBzYT2ZXaZjeq+fWDZH
9LMilSXk+mgfMlLofSfiGZ4h0Ck/DYUbCdJ4pAdNu7bGFcjnwxoANL+veGBLnTVm
cZy08B159UKqvUQjjCMRZzhShT1Gayp+HFay1Jo+qP7SrvzJ/GuQUIg0A1z9+kTe
Ck44/sd63BUTIWwOOE1wnDAvZM41W7aVGN7joeoCtlNzYwbjJ5CUXAQNtzgbg/Iy
FCLXSmy38WBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org