Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RzIIyDssSfzHNv8bmHl6vIrad2w.roa
File:                     RzIIyDssSfzHNv8bmHl6vIrad2w.roa (raw, json)
Hash identifier:          2b8kTd3X9QmkMPddZdJ2jFnIj34x3gtKliw1mD7rYwU=
Subject key identifier:   47:32:08:C8:3B:2C:49:FC:C7:36:FF:1B:98:79:7A:BC:8A:DA:77:6C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AA736A291F6A1D138DA3EFFFCFD52E0A6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RzIIyDssSfzHNv8bmHl6vIrad2w.roa
Signing time:             Mon 18 Sep 2023 07:34:50 +0000
ROA not before:           Mon 18 Sep 2023 07:34:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        82.153.65.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 06:47:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a7:36:a2:91:f6:a1:d1:38:da:3e:ff:fc:fd:52:e0:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 18 07:34:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=473208c83b2c49fcc736ff1b98797abc8ada776c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:fa:a8:64:14:e6:23:7e:af:76:91:26:c1:54:
                    e4:d2:b1:8c:5d:17:f5:2f:6c:7d:27:e3:17:e9:d4:
                    d1:a3:9d:6f:f7:e7:16:1b:d6:cf:15:13:fa:6c:19:
                    1b:ff:73:52:be:ae:57:43:cd:40:c5:91:73:b2:f9:
                    20:02:c5:4f:87:61:f9:55:3f:90:65:ab:ed:6d:8c:
                    c5:e3:d8:e7:dd:a1:92:5f:03:86:7b:ec:f3:3b:a3:
                    a5:2f:fb:7a:13:7e:eb:cb:13:61:b5:00:e0:d1:1d:
                    21:8e:5e:f7:72:9c:7b:29:21:82:e3:5c:99:ad:a0:
                    7c:c0:ee:ce:5c:ba:37:9d:3f:83:c7:3d:3a:66:70:
                    43:57:e4:1c:df:25:b5:4f:77:fa:2f:4b:6e:f2:ff:
                    3c:54:95:77:7f:85:9b:cf:c8:8a:0d:71:c2:9e:54:
                    e5:1b:ab:03:a0:e0:09:56:e1:fb:1b:b3:07:7f:da:
                    6e:7a:88:6c:07:66:5f:1f:59:77:2a:f3:4d:e2:d0:
                    14:03:a7:5d:a8:be:25:9e:80:a1:83:bd:8b:b3:15:
                    b9:a2:a9:b9:18:90:a2:96:23:72:c8:23:14:10:17:
                    e3:5a:76:01:5f:77:49:6f:f0:39:68:77:5f:cd:06:
                    c1:25:e9:58:a6:8d:76:c7:16:b7:f0:68:a7:c2:4e:
                    a6:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:32:08:C8:3B:2C:49:FC:C7:36:FF:1B:98:79:7A:BC:8A:DA:77:6C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RzIIyDssSfzHNv8bmHl6vIrad2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.65.0/24
                  82.153.220.0/24
                  109.176.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:cb:d9:65:54:87:52:5f:b1:7f:9d:5a:0f:4b:84:39:e6:11:
         dd:de:31:69:c6:99:ac:35:61:3e:b7:f2:ff:78:49:74:67:59:
         76:1d:81:fa:21:f8:a8:ae:4c:43:5d:89:fb:83:9a:a6:78:d0:
         8f:fd:3b:92:e2:70:ce:6e:ca:fb:af:de:2a:5b:06:5b:4e:02:
         84:4b:17:da:9d:48:e8:7f:ca:ef:29:a3:19:54:b3:b3:3e:4c:
         28:77:72:a8:fa:8d:85:ad:68:39:50:2e:a8:62:52:02:f9:a1:
         3e:ba:68:27:73:03:32:0b:6a:f3:0e:8e:de:e1:ef:94:88:f9:
         6c:0b:78:cb:0f:7b:c3:51:dd:67:79:97:47:4f:6c:7f:fd:23:
         ac:e7:56:eb:a6:d2:32:b0:5a:6e:82:95:58:91:fd:57:8d:26:
         51:96:6e:4b:d3:54:c6:e9:82:03:39:6e:72:97:c7:f6:32:c9:
         73:5c:34:42:bf:e5:19:57:6b:fe:bc:47:5d:ae:63:0a:c3:8f:
         51:8f:dc:40:c6:d9:0c:6c:a7:1b:f8:e9:be:4f:a7:8c:6b:11:
         f0:be:10:9d:47:dd:6e:0e:1d:6a:57:d6:64:a9:5c:82:64:63:
         ba:48:77:3c:3b:de:c7:c9:18:85:be:1d:85:29:4f:c1:a8:98:
         a3:e8:2b:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqnNqKR9qHRONo+//z9UuCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE4MDczNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMyMDhjODNiMmM0OWZjYzczNmZmMWI5ODc5N2FiYzhhZGE3NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vqoZBTmI36vdpEmwVTk0rGMXRf1
L2x9J+MX6dTRo51v9+cWG9bPFRP6bBkb/3NSvq5XQ81AxZFzsvkgAsVPh2H5VT+Q
ZavtbYzF49jn3aGSXwOGe+zzO6OlL/t6E37ryxNhtQDg0R0hjl73cpx7KSGC41yZ
raB8wO7OXLo3nT+Dxz06ZnBDV+Qc3yW1T3f6L0tu8v88VJV3f4Wbz8iKDXHCnlTl
G6sDoOAJVuH7G7MHf9pueohsB2ZfH1l3KvNN4tAUA6ddqL4lnoChg72LsxW5oqm5
GJCiliNyyCMUEBfjWnYBX3dJb/A5aHdfzQbBJelYpo12xxa38Ginwk6m2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEcyCMg7LEn8xzb/G5h5eryK2ndsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnpJSXlEc3NTZnpITnY4Ym1IbDZ2SXJhZDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUplBAwQA
UpncAwQAbbD1MA0GCSqGSIb3DQEBCwUAA4IBAQARy9llVIdSX7F/nVoPS4Q55hHd
3jFpxpmsNWE+t/L/eEl0Z1l2HYH6IfiorkxDXYn7g5qmeNCP/TuS4nDObsr7r94q
WwZbTgKESxfanUjof8rvKaMZVLOzPkwod3Ko+o2FrWg5UC6oYlIC+aE+umgncwMy
C2rzDo7e4e+UiPlsC3jLD3vDUd1neZdHT2x//SOs51brptIysFpugpVYkf1XjSZR
lm5L01TG6YIDOW5yl8f2MslzXDRCv+UZV2v+vEddrmMKw49Rj9xAxtkMbKcb+Om+
T6eMaxHwvhCdR91uDh1qV9ZkqVyCZGO6SHc8O97HyRiFvh2FKU/BqJij6Ctk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org