Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Sz6dU9xrc9Yuv7Km9xx_oy8FW8Y.roa
File:                     Sz6dU9xrc9Yuv7Km9xx_oy8FW8Y.roa (raw, json)
Hash identifier:          Q8a0DWzZbzqKndX9QbKNrCBnJG7N3BSLacoPdx3VdlU=
Subject key identifier:   4B:3E:9D:53:DC:6B:73:D6:2E:BF:B2:A6:F7:1C:7F:A3:2F:05:5B:C6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186976071B5C3DBF221442C8AF0B036BF4C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Sz6dU9xrc9Yuv7Km9xx_oy8FW8Y.roa
Signing time:             Tue 28 Feb 2023 09:35:25 +0000
ROA not before:           Tue 28 Feb 2023 09:35:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Mar 2023 09:05:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:97:60:71:b5:c3:db:f2:21:44:2c:8a:f0:b0:36:bf:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 28 09:35:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b3e9d53dc6b73d62ebfb2a6f71c7fa32f055bc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:68:ca:9c:cf:b9:a6:b2:72:5b:1f:15:00:c9:
                    bc:ad:e3:4a:09:f7:43:a1:56:b2:38:62:32:69:0b:
                    e3:d5:f8:af:a2:6e:5b:3e:2d:eb:10:64:01:94:b2:
                    d6:a9:cf:1e:38:31:68:1f:5b:3c:8d:a8:03:5f:fe:
                    70:54:ce:f1:be:24:f1:63:88:68:3d:9e:40:41:86:
                    ae:d4:8d:a5:e8:24:b0:45:9a:9f:4d:62:f9:ad:a8:
                    8b:ed:fb:c4:48:fc:b0:37:37:c5:29:a2:2b:e3:29:
                    b1:cd:8a:4b:8f:41:1b:a4:9a:7e:2e:d9:46:9b:41:
                    d6:e0:6d:c0:39:40:e2:b4:e6:a6:a4:61:11:fc:24:
                    bf:10:97:5f:5a:13:2e:bd:5c:6f:c8:f2:d8:00:df:
                    b6:41:c1:17:c3:08:cc:0e:2b:13:2d:61:14:7a:96:
                    a3:bf:d2:a2:ff:8d:b8:65:04:39:ab:40:00:1c:ae:
                    75:7f:64:26:69:a2:08:7a:bb:32:30:d0:bb:2e:6d:
                    64:bc:2e:2c:b3:b7:69:ab:86:28:21:28:a3:b1:15:
                    57:ff:ad:49:59:b3:22:46:4d:3f:36:d6:20:9b:0b:
                    d8:d9:6e:4a:c1:c6:41:ed:b0:7b:77:ed:3d:36:7a:
                    a1:62:a2:0b:1f:5a:b4:77:5b:e5:7e:70:63:4b:f4:
                    07:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:3E:9D:53:DC:6B:73:D6:2E:BF:B2:A6:F7:1C:7F:A3:2F:05:5B:C6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Sz6dU9xrc9Yuv7Km9xx_oy8FW8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  82.153.69.0/24
                  82.153.220.0/23
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.243.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:a7:30:3a:64:02:c8:fa:a5:17:50:ea:76:c7:ea:eb:ab:51:
         2a:45:b7:77:d8:67:4b:e2:a6:30:02:63:86:d9:36:bd:3c:79:
         db:77:99:3c:f5:e1:a0:d5:88:b3:73:04:fb:72:3e:ee:21:65:
         a0:b0:6b:83:5a:bd:81:a3:7e:ab:e9:23:76:eb:62:3b:17:e5:
         42:20:62:08:32:1c:54:c8:a4:ab:76:32:8b:65:c5:27:8f:f0:
         09:a3:66:93:aa:06:f7:4f:54:1e:05:7a:87:55:0a:c7:26:e9:
         34:5b:7a:4f:1a:2e:12:eb:cc:9a:da:37:49:83:70:f6:95:c0:
         6b:7f:98:ef:cc:d3:f6:ee:00:1f:c2:f1:57:f2:3c:6a:e2:d2:
         3e:44:88:2a:4f:3e:c1:7e:42:04:60:64:1e:7f:01:06:7d:67:
         9a:34:86:8f:b4:1a:f4:71:8b:1c:2f:b2:9a:fa:c1:57:c0:4f:
         0b:26:e3:57:8d:22:0e:e7:48:f4:12:75:ca:64:22:ad:8d:90:
         9a:d2:d2:bd:a6:a1:cd:4e:71:5c:40:47:ff:7d:fe:84:de:95:
         8a:1e:e0:29:69:7b:55:f1:4d:6e:29:86:33:09:ea:37:07:a2:
         42:41:f5:2b:78:55:f9:29:64:83:3b:5f:c4:58:b9:4c:40:8e:
         09:53:56:d2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYaXYHG1w9vyIUQsivCwNr9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjI4MDkzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjNlOWQ1M2RjNmI3M2Q2MmViZmIyYTZmNzFjN2ZhMzJmMDU1YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWjKnM+5prJyWx8VAMm8reNKCfdD
oVayOGIyaQvj1fivom5bPi3rEGQBlLLWqc8eODFoH1s8jagDX/5wVM7xviTxY4ho
PZ5AQYau1I2l6CSwRZqfTWL5raiL7fvESPywNzfFKaIr4ymxzYpLj0EbpJp+LtlG
m0HW4G3AOUDitOampGER/CS/EJdfWhMuvVxvyPLYAN+2QcEXwwjMDisTLWEUepaj
v9Ki/424ZQQ5q0AAHK51f2QmaaIIersyMNC7Lm1kvC4ss7dpq4YoISijsRVX/61J
WbMiRk0/NtYgmwvY2W5KwcZB7bB7d+09NnqhYqILH1q0d1vlfnBjS/QHjwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEs+nVPca3PWLr+ypvccf6MvBVvGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU3o2ZFU5eHJjOVl1djdLbTl4eF9veThGVzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUagjAwQA
UplFAwQBUpncAwQAUpnfAwQAUpnwAwQAUpnzAwQAUpn6MA0GCSqGSIb3DQEBCwUA
A4IBAQBhpzA6ZALI+qUXUOp2x+rrq1EqRbd32GdL4qYwAmOG2Ta9PHnbd5k89eGg
1YizcwT7cj7uIWWgsGuDWr2Bo36r6SN262I7F+VCIGIIMhxUyKSrdjKLZcUnj/AJ
o2aTqgb3T1QeBXqHVQrHJuk0W3pPGi4S68ya2jdJg3D2lcBrf5jvzNP27gAfwvFX
8jxq4tI+RIgqTz7BfkIEYGQefwEGfWeaNIaPtBr0cYscL7Ka+sFXwE8LJuNXjSIO
50j0EnXKZCKtjZCa0tK9pqHNTnFcQEf/ff6E3pWKHuApaXtV8U1uKYYzCeo3B6JC
QfUreFX5KWSDO1/EWLlMQI4JU1bS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org