Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U3fSWPVhIYeph1KLFbq67KaNp9I.roa
File:                     U3fSWPVhIYeph1KLFbq67KaNp9I.roa (raw, json)
Hash identifier:          UnsrF3KMiJEaVr0kWAwEjeHz4gZbx65AbQJT7uyLmWg=
Subject key identifier:   53:77:D2:58:F5:61:21:87:A9:87:52:8B:15:BA:BA:EC:A6:8D:A7:D2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01888A94DEB37F1BC3C854A484E7B7E91393
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U3fSWPVhIYeph1KLFbq67KaNp9I.roa
Signing time:             Mon 05 Jun 2023 08:03:12 +0000
ROA not before:           Mon 05 Jun 2023 08:03:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59538
IP address blocks:        82.152.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 11:21:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:94:de:b3:7f:1b:c3:c8:54:a4:84:e7:b7:e9:13:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  5 08:03:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5377d258f5612187a987528b15babaeca68da7d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:46:d8:c4:8d:de:c5:56:b0:49:2f:57:17:46:
                    42:42:2d:66:2d:fd:63:90:9e:7f:85:4a:3a:46:d5:
                    94:03:f8:e0:95:1e:0e:59:1b:e4:79:c3:ad:0d:ae:
                    ba:f8:44:95:e8:3d:d9:48:3a:7d:70:ea:ed:ff:be:
                    e6:6b:fb:7f:c6:8b:c3:37:94:35:d6:ee:ad:ce:33:
                    6f:7d:06:02:16:ac:c1:ae:ba:4c:b0:80:7a:d2:43:
                    44:76:27:59:89:89:35:2c:ad:ba:32:9f:63:0a:4c:
                    b7:64:c0:b7:33:26:8c:23:49:a6:54:1c:d7:2a:19:
                    ac:45:da:80:07:fd:18:48:8f:11:83:6b:01:23:78:
                    12:59:f4:98:de:48:1b:e4:ae:84:8a:2f:d1:21:e8:
                    e4:f3:9a:1e:21:3a:77:62:61:cb:cf:99:a0:24:9e:
                    b9:c1:92:5a:98:60:cb:72:eb:b4:1c:94:5b:d9:7c:
                    f4:ae:60:7d:74:e6:f7:28:dc:04:d1:63:00:3b:ce:
                    53:03:90:85:3c:9a:2e:4a:a7:6e:2a:52:66:91:56:
                    ba:c4:d0:82:a7:ce:46:d8:da:7b:28:d8:30:8f:08:
                    63:f9:92:0b:e8:f1:26:cf:88:2f:05:0a:70:ad:0b:
                    b1:14:d6:74:9c:8e:9f:0b:8a:50:f5:5c:15:0a:2c:
                    8b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:77:D2:58:F5:61:21:87:A9:87:52:8B:15:BA:BA:EC:A6:8D:A7:D2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U3fSWPVhIYeph1KLFbq67KaNp9I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:21:3f:45:cf:4e:28:22:ff:9f:57:ab:02:3d:45:4d:4d:6b:
         a7:4f:e6:08:a4:0c:c7:e9:33:78:02:f9:d7:66:b8:4e:ef:77:
         76:ea:73:11:f7:8c:dd:94:d7:aa:33:9b:65:49:e7:77:ac:ce:
         04:a9:b0:8b:25:b1:01:6b:b4:ff:54:96:5f:eb:1b:a4:7f:d4:
         8c:48:ba:25:b0:b0:90:62:de:70:fb:67:84:98:c2:8a:1e:cc:
         58:25:de:48:b6:d5:40:1c:c4:e9:d6:32:ef:05:6f:96:3e:4e:
         a6:1e:47:c6:79:7f:34:44:6b:f6:5e:b1:17:d8:c9:8d:e6:a4:
         ae:b7:de:e8:31:9f:90:01:83:48:5f:ad:12:e4:80:22:16:7b:
         64:ea:37:66:e0:4d:e4:6a:af:98:72:01:c1:1e:a2:7e:c6:c0:
         d5:8e:ce:4e:d9:82:3b:7e:db:1f:24:70:84:96:ed:9a:a9:31:
         37:a0:0a:9c:f5:b2:b7:0b:35:ca:25:b6:e3:c7:79:5a:51:19:
         c3:20:ae:d6:fb:81:62:13:91:10:e8:24:3d:54:86:65:fe:cd:
         2a:d2:81:d0:8c:0d:97:5e:8a:e8:23:c8:8b:d9:b6:4a:e3:b7:
         0a:32:e7:e5:34:b7:47:fa:c7:b8:cc:14:80:9f:79:9d:f8:5a:
         b1:2b:5b:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiKlN6zfxvDyFSkhOe36ROTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc3ZDI1OGY1NjEyMTg3YTk4NzUyOGIxNWJhYmFlY2E2OGRhN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0bYxI3exVawSS9XF0ZCQi1mLf1j
kJ5/hUo6RtWUA/jglR4OWRvkecOtDa66+ESV6D3ZSDp9cOrt/77ma/t/xovDN5Q1
1u6tzjNvfQYCFqzBrrpMsIB60kNEdidZiYk1LK26Mp9jCky3ZMC3MyaMI0mmVBzX
KhmsRdqAB/0YSI8Rg2sBI3gSWfSY3kgb5K6Eii/RIejk85oeITp3YmHLz5mgJJ65
wZJamGDLcuu0HJRb2Xz0rmB9dOb3KNwE0WMAO85TA5CFPJouSqduKlJmkVa6xNCC
p85G2Np7KNgwjwhj+ZIL6PEmz4gvBQpwrQuxFNZ0nI6fC4pQ9VwVCiyL4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFN30lj1YSGHqYdSixW6uuymjafSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVTNmU1dQVmhJWWVwaDFLTEZicTY3S2FOcDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpj5MA0G
CSqGSIb3DQEBCwUAA4IBAQBIIT9Fz04oIv+fV6sCPUVNTWunT+YIpAzH6TN4AvnX
ZrhO73d26nMR94zdlNeqM5tlSed3rM4EqbCLJbEBa7T/VJZf6xukf9SMSLolsLCQ
Yt5w+2eEmMKKHsxYJd5IttVAHMTp1jLvBW+WPk6mHkfGeX80RGv2XrEX2MmN5qSu
t97oMZ+QAYNIX60S5IAiFntk6jdm4E3kaq+YcgHBHqJ+xsDVjs5O2YI7ftsfJHCE
lu2aqTE3oAqc9bK3CzXKJbbjx3laURnDIK7W+4FiE5EQ6CQ9VIZl/s0q0oHQjA2X
XoroI8iL2bZK47cKMuflNLdH+se4zBSAn3md+FqxK1tU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org