Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SGOPGoXFAYJoppuL2P8gTilpc6k.roa
File:                     SGOPGoXFAYJoppuL2P8gTilpc6k.roa (raw, json)
Hash identifier:          0CkS6nM2JXiExbpxWyQmi1w0LYgAJJnfkEtURLeOVf4=
Subject key identifier:   48:63:8F:1A:85:C5:01:82:68:A6:9B:8B:D8:FF:20:4E:29:69:73:A9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D9275744CF91D634A85329516ADF8FFB9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SGOPGoXFAYJoppuL2P8gTilpc6k.roa
Signing time:             Sat 10 Feb 2024 09:59:47 +0000
ROA not before:           Sat 10 Feb 2024 09:59:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.165.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 18 Feb 2024 08:27:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:92:75:74:4c:f9:1d:63:4a:85:32:95:16:ad:f8:ff:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 10 09:59:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=48638f1a85c5018268a69b8bd8ff204e296973a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0f:8e:ab:9c:43:fb:9a:25:7a:74:ef:1e:8c:
                    6b:2c:f4:53:13:2b:56:23:3f:46:55:e7:9c:35:ba:
                    a3:46:73:05:5a:19:2c:4c:fa:a6:3c:59:41:f1:8b:
                    0c:7c:b6:fc:3c:0c:b7:9a:67:f2:e4:c2:89:6d:4d:
                    1e:f2:1e:22:d4:7c:a4:4e:ba:df:e9:93:77:f7:23:
                    60:f3:9b:e5:41:86:8e:aa:15:3c:1a:42:d7:11:6b:
                    9c:57:53:76:58:65:60:77:10:3e:5e:3f:f0:91:bd:
                    d7:2f:4c:52:30:65:9d:a9:45:e8:20:b3:22:52:b5:
                    cc:23:b3:e8:7b:3b:60:40:9b:0f:82:3a:4c:6d:7f:
                    da:de:c8:9b:82:57:5f:03:ed:de:75:ec:9c:71:db:
                    1b:2f:6c:46:ea:ea:12:b1:7d:4c:50:74:4d:0e:60:
                    c6:55:4d:c6:3e:41:59:97:0c:44:45:ad:85:f6:66:
                    f2:2d:b4:61:c1:41:8a:13:b7:e2:6f:36:a5:8d:87:
                    83:a1:a4:72:c9:97:27:57:ef:77:cd:20:0a:35:9e:
                    5e:25:e7:d4:6b:5f:11:4a:cd:29:cf:07:3e:43:5b:
                    0d:4e:ff:d5:86:7c:25:83:e3:08:68:3f:4c:40:a0:
                    ca:4a:5b:13:e0:60:96:cb:b4:62:93:c5:02:17:1f:
                    e9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:63:8F:1A:85:C5:01:82:68:A6:9B:8B:D8:FF:20:4E:29:69:73:A9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SGOPGoXFAYJoppuL2P8gTilpc6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.165.0/24
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:e5:32:05:5c:b9:1f:44:50:81:45:9e:2c:13:56:83:86:4d:
         58:4b:d2:1e:8a:4e:05:c9:64:27:a7:f4:3d:23:b4:fa:dc:18:
         d2:cb:76:7e:b8:8c:15:8d:39:3a:7a:f7:09:bd:2c:c2:e8:a8:
         72:71:5e:24:9e:20:cf:b9:29:40:0d:f1:b1:dd:2d:26:7f:5b:
         41:3e:05:49:a3:30:18:c2:f9:75:c2:08:66:1b:4e:2c:1e:1d:
         ea:cd:78:7e:74:2e:d1:5c:ae:f6:81:d5:e3:b6:71:d7:49:1d:
         ac:e4:5b:19:f3:08:ac:8d:0c:6b:46:bf:09:55:12:c5:99:8d:
         66:8a:cd:51:e2:ad:86:0c:1b:54:c9:10:ee:8e:2b:f6:0e:3c:
         0b:23:ac:7d:51:f8:59:7f:07:c2:21:de:0c:6f:03:76:f9:31:
         d0:a5:e6:6e:15:93:c7:e4:c1:dc:2e:cb:5a:dc:18:a2:55:e2:
         34:80:bf:fe:08:73:09:f6:1a:40:57:a1:72:9a:5c:76:bb:cd:
         89:47:04:4e:3c:98:86:3e:71:25:c6:62:1e:4d:16:86:d9:e1:
         03:cc:69:18:b6:1b:b2:2a:c9:91:0e:8a:85:d8:f6:fd:f6:e1:
         aa:20:1b:af:d3:e5:af:a1:64:97:c6:d1:6a:f4:26:84:4c:f2:
         a9:c5:44:d0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY2SdXRM+R1jSoUylRat+P+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjEwMDk1OTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYzOGYxYTg1YzUwMTgyNjhhNjliOGJkOGZmMjA0ZTI5Njk3M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog+Oq5xD+5olenTvHoxrLPRTEytW
Iz9GVeecNbqjRnMFWhksTPqmPFlB8YsMfLb8PAy3mmfy5MKJbU0e8h4i1HykTrrf
6ZN39yNg85vlQYaOqhU8GkLXEWucV1N2WGVgdxA+Xj/wkb3XL0xSMGWdqUXoILMi
UrXMI7PoeztgQJsPgjpMbX/a3sibgldfA+3edeyccdsbL2xG6uoSsX1MUHRNDmDG
VU3GPkFZlwxERa2F9mbyLbRhwUGKE7fibzaljYeDoaRyyZcnV+93zSAKNZ5eJefU
a18RSs0pzwc+Q1sNTv/Vhnwlg+MIaD9MQKDKSlsT4GCWy7Rik8UCFx/pAQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEhjjxqFxQGCaKabi9j/IE4paXOpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU0dPUEdvWEZBWUpvcHB1TDJQOGdUaWxwYzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCUpmIMAwD
BAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBAG5MX4DBADVmCowDQYJKoZI
hvcNAQELBQADggEBAEXlMgVcuR9EUIFFniwTVoOGTVhL0h6KTgXJZCen9D0jtPrc
GNLLdn64jBWNOTp69wm9LMLoqHJxXiSeIM+5KUAN8bHdLSZ/W0E+BUmjMBjC+XXC
CGYbTiweHerNeH50LtFcrvaB1eO2cddJHazkWxnzCKyNDGtGvwlVEsWZjWaKzVHi
rYYMG1TJEO6OK/YOPAsjrH1R+Fl/B8Ih3gxvA3b5MdCl5m4Vk8fkwdwuy1rcGKJV
4jSAv/4Icwn2GkBXoXKaXHa7zYlHBE48mIY+cSXGYh5NFobZ4QPMaRi2G7IqyZEO
ioXY9v324aogG6/T5a+hZJfG0Wr0JoRM8qnFRNA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org