Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpiqLDTVPrBtPAaF0CnL9LT2r_s.roa
File:                     RpiqLDTVPrBtPAaF0CnL9LT2r_s.roa (raw, json)
Hash identifier:          JvJoN9pLdC2x+uTQAYZHuCLXgBsz9/U3TByq8zuI3l4=
Subject key identifier:   46:98:AA:2C:34:D5:3E:B0:6D:3C:06:85:D0:29:CB:F4:B4:F6:AF:FB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E04C857CC6F39E9A275B6DD2C0C94B70D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpiqLDTVPrBtPAaF0CnL9LT2r_s.roa
Signing time:             Sun 03 Mar 2024 14:47:02 +0000
ROA not before:           Sun 03 Mar 2024 14:47:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     52041
IP address blocks:        82.153.50.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 07:07:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:04:c8:57:cc:6f:39:e9:a2:75:b6:dd:2c:0c:94:b7:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  3 14:47:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4698aa2c34d53eb06d3c0685d029cbf4b4f6affb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6f:b8:72:04:7d:73:05:d6:a8:81:44:06:84:
                    bf:62:1e:20:e4:49:12:ed:8b:9b:1b:fd:b0:d8:0c:
                    4f:11:f4:e3:fb:6a:a4:d4:9f:79:95:28:ad:60:99:
                    4d:ad:03:7b:2a:3f:49:03:3a:65:cb:67:f7:f9:cb:
                    a0:8b:f9:ff:a9:82:fe:95:79:c3:6c:4d:aa:41:7a:
                    69:ae:7c:2f:fc:f7:d1:c2:5b:a0:af:bd:4f:0e:67:
                    51:01:68:74:35:3a:26:7c:3b:1a:4d:22:e3:d4:7c:
                    68:64:9d:c6:f9:49:85:cb:08:78:2c:d5:db:00:66:
                    5d:b8:b9:89:95:75:bd:10:bb:ff:58:2a:0a:ed:54:
                    a7:9a:76:1c:e1:d3:c3:f7:f5:2a:67:d3:ac:65:11:
                    91:a8:2d:5f:dd:cf:b8:0c:b5:80:8f:c1:86:04:b6:
                    ed:fe:94:bb:b6:fb:89:88:b2:ce:c6:a5:1a:50:c7:
                    bc:ee:27:36:95:d6:50:1c:7e:65:05:dc:c7:21:b3:
                    ad:95:bf:dc:1a:0d:e1:bc:fa:ae:e5:c8:fa:22:dd:
                    45:84:63:b6:6f:38:a1:1b:de:0e:b0:1f:96:80:a8:
                    8d:7b:99:4a:42:66:bf:5b:71:f0:30:d1:f1:7c:39:
                    e7:d9:75:75:bf:b0:49:29:62:81:e5:7a:16:74:43:
                    d4:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:98:AA:2C:34:D5:3E:B0:6D:3C:06:85:D0:29:CB:F4:B4:F6:AF:FB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpiqLDTVPrBtPAaF0CnL9LT2r_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:da:13:07:ab:84:fd:2b:2f:a0:af:86:92:52:82:c6:c6:42:
         44:b6:eb:14:a4:0e:77:af:b1:c4:c3:a6:3c:f9:39:33:49:b2:
         98:36:d2:e3:d5:a7:9a:7c:b9:b1:87:9b:0f:12:d3:20:0e:95:
         70:30:1a:6a:3c:a9:c2:f5:6e:e1:14:3e:f9:71:51:60:37:ff:
         18:88:ac:c9:98:27:a7:56:6c:6d:95:5d:f7:14:3e:11:b9:3f:
         c2:d7:b7:93:22:9d:0b:a6:fa:31:09:e3:62:ff:dc:d5:4a:d4:
         6e:be:f1:b9:41:d9:e8:7b:23:ab:15:69:53:4d:80:b0:0b:31:
         30:a9:d9:81:0b:7a:16:f8:89:51:54:6e:f4:ad:57:af:98:b4:
         6b:95:16:dd:db:2c:31:c8:45:33:9d:63:d1:3b:e9:63:08:24:
         87:f8:0f:be:18:06:92:5f:20:c4:33:f3:55:27:18:0d:85:11:
         5f:58:70:d5:1e:e6:47:af:1a:ce:c4:55:6e:fc:31:64:1a:d3:
         87:51:6a:c7:f6:5e:8f:1b:3e:83:8e:54:39:09:54:61:b1:73:
         1a:c0:2a:60:a6:3c:a9:f8:bb:1b:cb:65:a2:1b:e9:2b:d0:d2:
         27:12:7a:08:5a:81:95:c4:1d:dc:5c:0b:fb:21:65:56:d1:97:
         56:36:b2:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4EyFfMbznponW23SwMlLcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzAzMTQ0NzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk4YWEyYzM0ZDUzZWIwNmQzYzA2ODVkMDI5Y2JmNGI0ZjZhZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG+4cgR9cwXWqIFEBoS/Yh4g5EkS
7YubG/2w2AxPEfTj+2qk1J95lSitYJlNrQN7Kj9JAzply2f3+cugi/n/qYL+lXnD
bE2qQXpprnwv/PfRwlugr71PDmdRAWh0NTomfDsaTSLj1HxoZJ3G+UmFywh4LNXb
AGZduLmJlXW9ELv/WCoK7VSnmnYc4dPD9/UqZ9OsZRGRqC1f3c+4DLWAj8GGBLbt
/pS7tvuJiLLOxqUaUMe87ic2ldZQHH5lBdzHIbOtlb/cGg3hvPqu5cj6It1FhGO2
bzihG94OsB+WgKiNe5lKQma/W3HwMNHxfDnn2XV1v7BJKWKB5XoWdEPU5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEaYqiw01T6wbTwGhdApy/S09q/7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnBpcUxEVFZQckJ0UEFhRjBDbkw5TFQycl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkyMA0G
CSqGSIb3DQEBCwUAA4IBAQAN2hMHq4T9Ky+gr4aSUoLGxkJEtusUpA53r7HEw6Y8
+TkzSbKYNtLj1aeafLmxh5sPEtMgDpVwMBpqPKnC9W7hFD75cVFgN/8YiKzJmCen
VmxtlV33FD4RuT/C17eTIp0LpvoxCeNi/9zVStRuvvG5QdnoeyOrFWlTTYCwCzEw
qdmBC3oW+IlRVG70rVevmLRrlRbd2ywxyEUznWPRO+ljCCSH+A++GAaSXyDEM/NV
JxgNhRFfWHDVHuZHrxrOxFVu/DFkGtOHUWrH9l6PGz6DjlQ5CVRhsXMawCpgpjyp
+Lsby2WiG+kr0NInEnoIWoGVxB3cXAv7IWVW0ZdWNrIl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org