Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TpvHctCd8HWqsywuWkWWpVb6Bo8.roa
File:                     TpvHctCd8HWqsywuWkWWpVb6Bo8.roa (raw, json)
Hash identifier:          /ke1JtfHa07hh6dzUAjTxx/CnmH6vzir313xvJyvh3s=
Subject key identifier:   4E:9B:C7:72:D0:9D:F0:75:AA:B3:2C:2E:5A:45:96:A5:56:FA:06:8F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC34960703937D4783C447F6738F67A01
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TpvHctCd8HWqsywuWkWWpVb6Bo8.roa
Signing time:             Mon 01 Jan 2024 04:30:15 +0000
ROA not before:           Mon 01 Jan 2024 04:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210907
IP address blocks:        82.153.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 09:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:60:70:39:37:d4:78:3c:44:7f:67:38:f6:7a:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4e9bc772d09df075aab32c2e5a4596a556fa068f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:96:ba:43:ab:1f:36:6f:71:67:fb:c7:24:23:
                    af:c7:a6:9b:b6:3c:99:6f:f8:00:bb:36:34:0e:1f:
                    33:9c:90:9b:f0:12:67:f6:f2:f9:df:48:7f:30:d0:
                    24:fa:3d:bd:8d:29:0a:31:87:72:45:ee:f9:84:30:
                    b7:60:cd:c9:c4:7f:41:fa:cb:d9:6b:8f:10:01:3a:
                    3d:7e:68:65:05:d7:2a:28:b3:c0:43:f8:09:3c:81:
                    b8:30:8a:fc:ac:1c:5d:db:59:28:3a:7d:0b:89:18:
                    7e:92:f9:c1:51:15:43:37:48:87:a0:f7:6b:13:e0:
                    5d:45:63:28:df:87:e8:7a:9d:38:8a:28:50:5f:0f:
                    de:07:2c:88:ad:b6:fb:d3:90:1e:48:1f:bc:e3:2b:
                    d2:8d:c6:b0:a2:93:9d:48:e9:bf:08:7a:ce:37:4c:
                    62:f8:f6:e7:e4:ee:66:46:0a:e3:ba:af:88:bf:a9:
                    d8:2c:d5:58:2c:23:21:ed:0b:6f:e4:5f:04:fb:16:
                    66:5d:e5:08:2c:62:d9:e5:11:9c:21:82:cb:84:0f:
                    25:e5:77:d3:15:7e:47:6c:1b:7e:98:00:e2:08:70:
                    71:08:c3:e5:7c:a6:03:c0:80:53:5b:f2:1f:7d:f2:
                    c6:88:7d:8d:e1:2e:a2:66:2f:90:de:bf:2d:dd:8b:
                    d4:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:9B:C7:72:D0:9D:F0:75:AA:B3:2C:2E:5A:45:96:A5:56:FA:06:8F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TpvHctCd8HWqsywuWkWWpVb6Bo8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:b0:ed:1b:79:f0:ff:c2:2d:3c:f5:fc:cd:a5:84:60:d9:c9:
         0b:61:16:6a:be:14:21:f6:14:de:2d:96:47:03:6c:5a:df:91:
         ba:2f:a5:15:48:fd:06:5a:fc:21:ec:1c:9f:7f:e6:6d:6a:fb:
         87:21:3b:92:cc:e1:dc:47:c5:4f:84:73:2c:34:54:9d:df:5f:
         9c:d4:5f:09:55:12:7a:d7:26:c1:ca:e2:6d:62:3a:92:0b:8e:
         07:c7:3e:dc:c6:c2:ad:df:21:91:f2:9c:15:ea:84:3e:9e:c9:
         10:bd:77:bc:3b:61:75:95:f2:27:53:03:5d:15:f3:fb:a2:d2:
         12:e8:c2:77:42:3c:17:9e:dc:93:e5:72:08:f6:a4:3e:33:72:
         0d:05:e3:0e:e1:09:79:b3:50:8d:d3:bb:dd:f3:5e:35:29:f7:
         3e:47:6c:fb:fb:d2:a6:3b:40:09:83:ed:83:41:f0:6c:66:ae:
         0f:a2:19:91:66:47:3d:7f:11:da:ca:56:eb:59:9f:ed:c5:3d:
         63:60:96:a0:f1:f5:0a:27:85:90:d0:6f:fc:87:84:42:9b:71:
         7c:dc:ba:8d:39:2f:5a:12:00:5d:43:19:6a:c3:44:3f:f0:4e:
         98:8b:63:64:40:12:03:00:6d:30:ec:8d:f6:7b:42:02:ec:26:
         80:5d:6d:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWBwOTfUeDxEf2c49noBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTliYzc3MmQwOWRmMDc1YWFiMzJjMmU1YTQ1OTZhNTU2ZmEwNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJa6Q6sfNm9xZ/vHJCOvx6abtjyZ
b/gAuzY0Dh8znJCb8BJn9vL530h/MNAk+j29jSkKMYdyRe75hDC3YM3JxH9B+svZ
a48QATo9fmhlBdcqKLPAQ/gJPIG4MIr8rBxd21koOn0LiRh+kvnBURVDN0iHoPdr
E+BdRWMo34foep04iihQXw/eByyIrbb705AeSB+84yvSjcawopOdSOm/CHrON0xi
+Pbn5O5mRgrjuq+Iv6nYLNVYLCMh7Qtv5F8E+xZmXeUILGLZ5RGcIYLLhA8l5XfT
FX5HbBt+mADiCHBxCMPlfKYDwIBTW/IfffLGiH2N4S6iZi+Q3r8t3YvUXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6bx3LQnfB1qrMsLlpFlqVW+gaPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVHB2SGN0Q2Q4SFdxc3l3dVdrV1dwVmI2Qm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSsO0befD/wi089fzNpYRg2ckLYRZqvhQh9hTeLZZH
A2xa35G6L6UVSP0GWvwh7Byff+ZtavuHITuSzOHcR8VPhHMsNFSd31+c1F8JVRJ6
1ybByuJtYjqSC44Hxz7cxsKt3yGR8pwV6oQ+nskQvXe8O2F1lfInUwNdFfP7otIS
6MJ3QjwXntyT5XII9qQ+M3INBeMO4Ql5s1CN07vd8141Kfc+R2z7+9KmO0AJg+2D
QfBsZq4PohmRZkc9fxHaylbrWZ/txT1jYJag8fUKJ4WQ0G/8h4RCm3F83LqNOS9a
EgBdQxlqw0Q/8E6Yi2NkQBIDAG0w7I32e0IC7CaAXW1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org