Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ULZgf5FLxLaCtQkjaqr_iMmwMTE.roa
File:                     ULZgf5FLxLaCtQkjaqr_iMmwMTE.roa (raw, json)
Hash identifier:          3msH/CpU7OD5UrMzazahhv17o3rndt/NsMR+Tl+OVVo=
Subject key identifier:   50:B6:60:7F:91:4B:C4:B6:82:B5:09:23:6A:AA:FF:88:C9:B0:31:31
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C359520AA3F13E3EFD56B6D9DAFB2CDB5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ULZgf5FLxLaCtQkjaqr_iMmwMTE.roa
Signing time:             Mon 04 Dec 2023 16:06:54 +0000
ROA not before:           Mon 04 Dec 2023 16:06:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216081
IP address blocks:        82.153.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:35:95:20:aa:3f:13:e3:ef:d5:6b:6d:9d:af:b2:cd:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec  4 16:06:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50b6607f914bc4b682b509236aaaff88c9b03131
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:30:dc:9a:70:a8:e0:1d:d6:78:aa:c0:cd:35:
                    cb:66:ae:2f:7e:cd:62:bd:b5:62:a7:39:27:0a:a0:
                    87:4b:80:b7:24:3c:32:cd:c4:5c:b8:cb:79:c4:8f:
                    5c:3c:f8:14:69:55:83:a2:2e:0a:5e:ec:83:92:04:
                    f2:80:6f:92:49:20:2f:d6:71:3f:0a:56:ce:8d:5a:
                    1e:ec:3a:ee:d2:13:9d:40:01:4d:df:23:ee:03:6f:
                    77:fb:90:0c:56:d9:43:4d:72:60:60:02:cc:3f:9c:
                    e4:c6:7f:ac:7f:fc:f7:2c:92:13:f7:ca:ee:3d:96:
                    01:90:dc:e8:7c:d0:ae:c6:05:b1:25:80:5e:a7:92:
                    01:af:bc:69:5c:e5:67:25:c8:3d:6f:58:3c:4b:a2:
                    71:d1:7b:99:25:0b:64:68:77:31:f5:7e:17:38:5f:
                    48:e7:c4:27:95:9f:e9:b9:59:6d:3e:e3:af:ee:a7:
                    70:24:95:0d:b0:a9:62:53:1b:7a:48:cc:5b:18:6d:
                    45:c3:e9:ea:4a:fd:ab:e6:c9:34:de:f0:d8:37:2c:
                    f5:60:12:45:25:69:fb:06:63:f2:d2:fb:75:aa:8d:
                    dd:c0:a8:ee:77:73:f8:23:b3:f8:7a:33:db:28:e5:
                    ac:58:2e:f2:6e:3d:13:00:ba:d0:c7:b2:77:38:eb:
                    d3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:B6:60:7F:91:4B:C4:B6:82:B5:09:23:6A:AA:FF:88:C9:B0:31:31
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ULZgf5FLxLaCtQkjaqr_iMmwMTE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:e3:1b:d1:da:36:1f:d8:0c:47:65:72:5e:e7:3b:2c:ec:4f:
         7f:14:a9:80:da:09:53:f9:a6:f0:27:3b:6c:c0:02:91:8d:c0:
         b4:b3:8e:1d:7f:a8:0f:a8:87:5a:78:f1:a8:70:1e:44:b6:fe:
         6d:c0:19:38:ae:2e:55:96:a4:86:a9:db:84:e7:36:da:29:53:
         18:2f:71:12:43:a7:59:47:2e:64:ff:34:25:51:7e:eb:3b:83:
         63:d2:44:15:23:ad:62:69:9d:12:a6:dc:2a:c2:34:19:cc:af:
         4f:d9:eb:9e:3a:95:85:b0:a2:28:9b:1c:b0:d2:00:22:dc:54:
         a2:52:42:ff:94:30:89:c0:8f:d1:c7:20:af:80:d0:29:53:95:
         39:12:89:60:34:86:b5:0a:1a:36:2c:f2:c9:17:16:2f:40:5a:
         11:1b:6a:9e:24:f1:9f:df:34:48:bc:6e:2f:2a:de:cd:07:29:
         8a:5f:b1:92:92:4c:bb:fc:b0:21:9c:73:91:ee:72:14:05:f3:
         c5:d0:75:6f:69:f5:7a:54:d0:75:32:f7:36:e0:33:c4:56:9c:
         12:59:62:76:88:e2:f7:c0:d7:83:44:78:4b:ee:31:e2:6a:ab:
         43:e7:58:e4:d5:d4:7e:bc:d1:61:01:4a:a6:02:df:c6:38:af:
         d7:07:3a:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw1lSCqPxPj79VrbZ2vss21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MTYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGI2NjA3ZjkxNGJjNGI2ODJiNTA5MjM2YWFhZmY4OGM5YjAzMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTDcmnCo4B3WeKrAzTXLZq4vfs1i
vbVipzknCqCHS4C3JDwyzcRcuMt5xI9cPPgUaVWDoi4KXuyDkgTygG+SSSAv1nE/
ClbOjVoe7Dru0hOdQAFN3yPuA293+5AMVtlDTXJgYALMP5zkxn+sf/z3LJIT98ru
PZYBkNzofNCuxgWxJYBep5IBr7xpXOVnJcg9b1g8S6Jx0XuZJQtkaHcx9X4XOF9I
58QnlZ/puVltPuOv7qdwJJUNsKliUxt6SMxbGG1Fw+nqSv2r5sk03vDYNyz1YBJF
JWn7BmPy0vt1qo3dwKjud3P4I7P4ejPbKOWsWC7ybj0TALrQx7J3OOvTcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFC2YH+RS8S2grUJI2qq/4jJsDExMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVUxaZ2Y1Rkx4TGFDdFFramFxcl9pTW13TVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkEMA0G
CSqGSIb3DQEBCwUAA4IBAQBi4xvR2jYf2AxHZXJe5zss7E9/FKmA2glT+abwJzts
wAKRjcC0s44df6gPqIdaePGocB5Etv5twBk4ri5VlqSGqduE5zbaKVMYL3ESQ6dZ
Ry5k/zQlUX7rO4Nj0kQVI61iaZ0SptwqwjQZzK9P2eueOpWFsKIomxyw0gAi3FSi
UkL/lDCJwI/RxyCvgNApU5U5EolgNIa1Cho2LPLJFxYvQFoRG2qeJPGf3zRIvG4v
Kt7NBymKX7GSkky7/LAhnHOR7nIUBfPF0HVvafV6VNB1Mvc24DPEVpwSWWJ2iOL3
wNeDRHhL7jHiaqtD51jk1dR+vNFhAUqmAt/GOK/XBzqy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org