Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Sg6h2ZILBPqOSrBkwNPjsuR7eYM.roa
File:                     Sg6h2ZILBPqOSrBkwNPjsuR7eYM.roa (raw, json)
Hash identifier:          FX+HQigjD8MRdp4Q4Pds2BajZEUdai33AapL9NPcgqU=
Subject key identifier:   4A:0E:A1:D9:92:0B:04:FA:8E:4A:B0:64:C0:D3:E3:B2:E4:7B:79:83
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DD19831E8F1660B2AECF39055A876567E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Sg6h2ZILBPqOSrBkwNPjsuR7eYM.roa
Signing time:             Thu 22 Feb 2024 16:13:48 +0000
ROA not before:           Thu 22 Feb 2024 16:13:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        82.152.176.0/23 maxlen: 23
                          82.153.228.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 08:58:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:98:31:e8:f1:66:0b:2a:ec:f3:90:55:a8:76:56:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 22 16:13:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4a0ea1d9920b04fa8e4ab064c0d3e3b2e47b7983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f1:aa:24:be:72:0c:ba:7e:16:e3:41:ba:56:
                    21:41:a8:49:bb:1b:ee:33:f6:7b:52:46:96:31:ac:
                    91:dc:98:db:86:49:4e:82:73:01:c6:9b:72:ba:3f:
                    80:e9:86:22:62:93:f7:86:5e:2e:71:8e:c9:4a:a6:
                    0f:14:73:a7:89:5c:dc:f3:da:01:7e:65:bf:7b:54:
                    46:9c:4a:28:d7:b0:b5:ca:72:8b:88:16:b8:61:13:
                    a8:f6:f3:10:a9:1c:18:d3:91:00:a5:74:16:13:d1:
                    97:45:7c:59:56:51:80:3d:60:64:69:69:23:8b:40:
                    25:71:e3:fc:d5:73:37:cd:3c:65:76:47:1a:d2:2f:
                    47:23:4a:50:36:a6:7b:5b:dc:d6:33:33:32:06:24:
                    23:94:5c:e3:54:85:3a:bf:6a:11:b2:ad:4f:8f:f7:
                    82:13:ff:b5:3f:c5:f3:1b:9e:5d:58:10:f3:15:d6:
                    ff:38:c5:e1:b8:85:ca:68:a2:ed:bf:c8:64:ec:ba:
                    94:10:61:e5:53:48:53:ba:15:72:2e:c9:5f:96:4c:
                    42:22:69:00:84:1c:17:ef:3e:20:e0:a2:a5:b5:d7:
                    f3:50:22:45:f0:7e:54:b9:fd:ea:03:ee:67:0f:73:
                    f7:cc:33:ab:94:34:2e:c2:0a:30:19:01:ee:ee:00:
                    11:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:0E:A1:D9:92:0B:04:FA:8E:4A:B0:64:C0:D3:E3:B2:E4:7B:79:83
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Sg6h2ZILBPqOSrBkwNPjsuR7eYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6c:2a:39:57:ee:41:09:f9:7c:c0:aa:c5:78:61:b4:8f:2b:84:
         b8:1e:f0:e6:10:eb:87:ea:bf:50:94:ce:8b:1d:ea:72:78:03:
         fc:dc:c9:b1:4c:1f:d2:79:87:9b:39:93:9a:1a:81:87:ef:d2:
         4e:f2:1c:f1:b8:69:ad:1d:be:a1:71:97:57:47:8a:ed:06:45:
         89:b7:77:57:b1:d0:be:32:d5:17:5f:52:e1:ea:54:5c:c9:2b:
         38:a2:b8:be:39:06:20:cc:47:c2:43:84:b0:01:6b:04:ec:55:
         14:1c:cd:fd:31:98:37:ff:2b:18:4d:f3:29:3f:9b:41:27:51:
         da:3d:bf:8f:cc:5a:a0:c2:24:67:25:01:72:97:b9:cf:81:97:
         92:5a:94:10:25:38:41:65:46:70:d9:3d:fd:d1:fd:8e:86:6f:
         17:ec:b8:b4:0b:31:27:5b:7f:f0:7a:1f:20:4a:7f:ce:9b:c9:
         d0:89:da:7d:a8:b8:34:24:c2:4d:10:58:ae:54:0b:5f:4b:f6:
         57:3e:7d:a8:0f:8b:01:3c:57:ae:78:47:f3:26:05:48:06:65:
         95:54:8f:45:71:95:c1:14:a0:6c:2e:09:93:3b:db:0f:36:41:
         10:71:e0:14:e6:ce:91:e6:70:e2:69:1b:82:d3:33:76:a2:24:
         c2:61:00:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3RmDHo8WYLKuzzkFWodlZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjIyMTYxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBlYTFkOTkyMGIwNGZhOGU0YWIwNjRjMGQzZTNiMmU0N2I3OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPGqJL5yDLp+FuNBulYhQahJuxvu
M/Z7UkaWMayR3JjbhklOgnMBxptyuj+A6YYiYpP3hl4ucY7JSqYPFHOniVzc89oB
fmW/e1RGnEoo17C1ynKLiBa4YROo9vMQqRwY05EApXQWE9GXRXxZVlGAPWBkaWkj
i0AlceP81XM3zTxldkca0i9HI0pQNqZ7W9zWMzMyBiQjlFzjVIU6v2oRsq1Pj/eC
E/+1P8XzG55dWBDzFdb/OMXhuIXKaKLtv8hk7LqUEGHlU0hTuhVyLslflkxCImkA
hBwX7z4g4KKltdfzUCJF8H5Uuf3qA+5nD3P3zDOrlDQuwgowGQHu7gARbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoOodmSCwT6jkqwZMDT47Lke3mDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU2c2aDJaSUxCUHFPU3JCa3dOUGpzdVI3ZVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiwAwQB
UpnkMA0GCSqGSIb3DQEBCwUAA4IBAQBsKjlX7kEJ+XzAqsV4YbSPK4S4HvDmEOuH
6r9QlM6LHepyeAP83MmxTB/SeYebOZOaGoGH79JO8hzxuGmtHb6hcZdXR4rtBkWJ
t3dXsdC+MtUXX1Lh6lRcySs4ori+OQYgzEfCQ4SwAWsE7FUUHM39MZg3/ysYTfMp
P5tBJ1HaPb+PzFqgwiRnJQFyl7nPgZeSWpQQJThBZUZw2T390f2Ohm8X7Li0CzEn
W3/weh8gSn/Om8nQidp9qLg0JMJNEFiuVAtfS/ZXPn2oD4sBPFeueEfzJgVIBmWV
VI9FcZXBFKBsLgmTO9sPNkEQceAU5s6R5nDiaRuC0zN2oiTCYQCN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org