Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RxPqH9bDV6eeHtQqMNjlI93VG_g.roa
File:                     RxPqH9bDV6eeHtQqMNjlI93VG_g.roa (raw, json)
Hash identifier:          7Wp9HcOfpnZD8qRTnIc/NonI3jYBC+OPE5DrkoCu9V4=
Subject key identifier:   47:13:EA:1F:D6:C3:57:A7:9E:1E:D4:2A:30:D8:E5:23:DD:D5:1B:F8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F331AD8CB5EB3D30BC6F9E75211CD31B7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RxPqH9bDV6eeHtQqMNjlI93VG_g.roa
Signing time:             Wed 01 May 2024 07:42:28 +0000
ROA not before:           Wed 01 May 2024 07:42:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     151872
IP address blocks:        82.153.50.0/24 maxlen: 24
                          109.176.22.0/24 maxlen: 24
                          194.105.88.0/24 maxlen: 24
                          213.218.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 07:15:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:33:1a:d8:cb:5e:b3:d3:0b:c6:f9:e7:52:11:cd:31:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  1 07:42:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4713ea1fd6c357a79e1ed42a30d8e523ddd51bf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:57:62:62:3c:c7:9e:2e:a1:f8:ba:50:ac:c5:
                    08:50:d6:47:ad:c3:94:ca:07:b7:3c:65:0f:f2:13:
                    1f:23:f7:c3:97:84:59:ec:0a:e6:09:42:6c:5b:4a:
                    25:af:d7:f2:34:3a:78:f4:57:f2:e8:e6:13:17:cd:
                    15:24:1e:79:8c:4b:ce:04:59:c4:b6:5d:a6:50:66:
                    99:19:b8:ef:d9:5b:47:db:2e:13:60:f7:86:28:af:
                    5a:3e:cd:1e:32:a2:69:60:5a:59:97:cf:a9:e3:51:
                    db:73:38:b1:6a:d3:89:7a:a6:b3:18:1a:54:12:a3:
                    cc:54:71:28:0e:20:6f:ce:8c:27:a3:7d:28:fe:d2:
                    a1:92:61:55:37:88:05:96:ac:0d:0c:66:14:a4:5e:
                    9a:28:a7:72:a7:e8:e3:33:51:c3:be:0c:20:5b:1a:
                    83:77:9f:ea:9c:90:2c:cc:f3:88:1d:04:d0:2e:14:
                    db:12:91:41:c6:bd:f2:b6:95:52:2e:20:36:e2:8a:
                    63:e4:40:2c:79:d9:d5:14:cc:53:81:09:68:5e:9b:
                    29:c7:99:f7:fe:49:fd:9d:4a:92:da:d6:bd:e1:0d:
                    fc:ec:59:45:e7:f1:b3:68:e0:36:f7:61:86:d9:49:
                    93:09:ac:60:4f:d7:54:aa:6c:b7:9c:1b:bc:0f:d8:
                    2a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:13:EA:1F:D6:C3:57:A7:9E:1E:D4:2A:30:D8:E5:23:DD:D5:1B:F8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RxPqH9bDV6eeHtQqMNjlI93VG_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.50.0/24
                  109.176.22.0/24
                  194.105.88.0/24
                  213.218.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:85:dc:24:33:e7:4c:03:31:b3:65:6d:8c:da:a0:4b:d2:ec:
         27:4d:04:a0:aa:49:d2:4d:49:f8:5b:6f:bd:4a:97:39:f2:c1:
         7a:90:9d:a2:fe:e7:cb:c8:f2:af:49:68:e5:02:4c:7b:a0:64:
         e3:45:80:b8:38:34:76:93:96:c1:e2:70:e4:84:70:ec:92:53:
         e6:2e:42:ca:a8:cf:ec:74:d6:b5:d3:88:e5:58:3e:d9:5a:98:
         4e:f2:ba:ba:7d:b9:ec:ca:28:15:ab:b8:11:d2:07:17:e6:ca:
         a3:ff:db:46:04:69:7c:ae:62:78:a8:06:63:70:a0:15:47:f6:
         b6:cc:e5:8e:8e:b8:ea:af:0e:69:97:ce:73:b4:d1:70:8b:ca:
         a7:4f:2b:9d:9b:f0:3f:87:c6:f1:82:68:7c:91:30:fb:35:8f:
         a1:84:f2:77:c5:71:ea:07:c2:17:69:a4:26:1b:d5:8a:80:77:
         1a:95:dd:2a:52:b6:79:4b:a4:44:2d:c2:cb:47:ec:83:5d:f8:
         fe:ec:3c:e7:09:b2:0e:43:a4:af:1e:81:f8:ad:58:2b:5d:29:
         19:89:06:a3:73:59:3a:d3:13:4d:a6:06:8c:23:df:05:8c:ca:
         c0:af:b8:f1:6f:5f:d6:c6:16:2d:aa:20:45:c9:f3:ec:f1:f1:
         db:dc:76:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8zGtjLXrPTC8b551IRzTG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAxMDc0MjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzEzZWExZmQ2YzM1N2E3OWUxZWQ0MmEzMGQ4ZTUyM2RkZDUxYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFdiYjzHni6h+LpQrMUIUNZHrcOU
yge3PGUP8hMfI/fDl4RZ7ArmCUJsW0olr9fyNDp49Ffy6OYTF80VJB55jEvOBFnE
tl2mUGaZGbjv2VtH2y4TYPeGKK9aPs0eMqJpYFpZl8+p41HbczixatOJeqazGBpU
EqPMVHEoDiBvzowno30o/tKhkmFVN4gFlqwNDGYUpF6aKKdyp+jjM1HDvgwgWxqD
d5/qnJAszPOIHQTQLhTbEpFBxr3ytpVSLiA24opj5EAsednVFMxTgQloXpspx5n3
/kn9nUqS2ta94Q387FlF5/GzaOA292GG2UmTCaxgT9dUqmy3nBu8D9gqmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEcT6h/Ww1ennh7UKjDY5SPd1Rv4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnhQcUg5YkRWNmVlSHRRcU1OamxJOTNWR19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpkyAwQA
bbAWAwQAwmlYAwQA1drpMA0GCSqGSIb3DQEBCwUAA4IBAQALhdwkM+dMAzGzZW2M
2qBL0uwnTQSgqknSTUn4W2+9Spc58sF6kJ2i/ufLyPKvSWjlAkx7oGTjRYC4ODR2
k5bB4nDkhHDsklPmLkLKqM/sdNa104jlWD7ZWphO8rq6fbnsyigVq7gR0gcX5sqj
/9tGBGl8rmJ4qAZjcKAVR/a2zOWOjrjqrw5pl85ztNFwi8qnTyudm/A/h8bxgmh8
kTD7NY+hhPJ3xXHqB8IXaaQmG9WKgHcald0qUrZ5S6RELcLLR+yDXfj+7DznCbIO
Q6SvHoH4rVgrXSkZiQajc1k60xNNpgaMI98FjMrAr7jxb1/WxhYtqiBFyfPs8fHb
3HZp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org