Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrI4OhwVEPF1jUVTvju8_2A_sm4.roa
File:                     UrI4OhwVEPF1jUVTvju8_2A_sm4.roa (raw, json)
Hash identifier:          asmCHpHXwk5DxYF04uLbb5RggJ5jGsJubO33Mg4Y3iY=
Subject key identifier:   52:B2:38:3A:1C:15:10:F1:75:8D:45:53:BE:3B:BC:FF:60:3F:B2:6E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188AEA5F787FF139F6DE039EF57B0F4ADBE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrI4OhwVEPF1jUVTvju8_2A_sm4.roa
Signing time:             Mon 12 Jun 2023 08:08:12 +0000
ROA not before:           Mon 12 Jun 2023 08:08:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        82.153.137.0/24 maxlen: 24
                          82.153.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Jun 2023 15:13:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:a5:f7:87:ff:13:9f:6d:e0:39:ef:57:b0:f4:ad:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 12 08:08:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52b2383a1c1510f1758d4553be3bbcff603fb26e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fc:a1:0f:00:5c:2f:92:c1:07:cf:9b:f6:33:
                    39:f3:dc:16:64:3c:92:45:fa:d3:9b:cd:cb:8e:51:
                    1e:46:8d:f6:f3:17:d1:79:b7:15:08:6a:ad:cf:35:
                    02:0f:9f:83:0a:a5:c1:63:b3:be:a3:8b:57:4e:71:
                    59:d5:f3:a8:b1:23:ac:e9:1f:bb:69:c8:50:8e:4b:
                    1b:3d:ea:97:2d:80:db:7c:c0:0f:a2:0e:3e:ea:32:
                    9c:88:5c:00:9c:3f:0c:8b:f1:aa:f6:2d:4c:c8:b9:
                    6a:37:e9:d5:f7:12:a9:d1:41:31:e9:66:7b:34:e1:
                    66:b4:d1:f8:b0:c4:37:5c:12:c7:9a:b0:04:dc:2b:
                    28:e5:ab:91:84:f9:dc:2f:e0:16:f0:bd:e2:9a:f3:
                    a7:ba:68:88:0c:8f:b3:db:69:56:e3:d4:2b:c3:d6:
                    bd:a6:da:9d:ca:ee:fb:85:31:bc:8b:99:8b:c3:ba:
                    d9:7b:34:3b:dc:8b:2e:94:72:b6:bc:d3:14:99:c1:
                    ce:64:08:30:74:40:63:7c:45:4e:f7:3d:e6:b8:79:
                    7c:5f:9d:de:bd:b9:56:36:fe:66:d5:5f:8c:ae:53:
                    83:9f:60:0d:f5:ae:ec:a0:87:51:71:03:b9:aa:3a:
                    ff:ea:b3:f0:de:64:9c:b3:68:11:c2:17:49:d7:94:
                    23:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B2:38:3A:1C:15:10:F1:75:8D:45:53:BE:3B:BC:FF:60:3F:B2:6E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrI4OhwVEPF1jUVTvju8_2A_sm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.137.0/24
                  82.153.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:0b:59:a8:d1:12:3a:f4:f8:24:19:e8:db:64:a1:82:39:fc:
         f5:29:a1:fc:24:46:d0:b9:92:4f:66:bd:65:e7:8f:05:51:e9:
         3b:19:e5:8e:61:27:04:aa:d1:51:4b:d2:a0:37:ae:2d:3d:fe:
         2e:0e:1c:7c:8e:85:5e:6c:f9:b6:76:42:2c:e7:f1:66:80:8f:
         85:15:7b:7b:9c:54:cc:aa:c9:81:15:f4:0d:ce:b9:65:05:ff:
         39:a4:dc:bf:82:3f:b3:0e:83:35:98:60:29:7d:ac:d1:8b:a0:
         76:47:74:e2:43:e8:a6:f4:af:34:28:04:a0:0a:05:38:05:86:
         2a:1d:5c:08:36:8c:92:88:17:7f:bc:ac:19:60:fa:01:fd:7b:
         7a:f2:78:9d:1e:b3:db:38:df:66:d8:63:c4:fc:62:f5:2d:d2:
         22:cd:d7:92:84:0a:39:df:94:5f:44:5f:36:3c:1f:e1:de:c9:
         a1:42:54:b3:bd:0e:49:23:0b:08:41:a3:5e:7c:e9:8a:3d:08:
         4b:df:b0:63:30:bc:dc:99:21:b8:9b:10:e3:ea:26:97:38:d2:
         1d:83:bb:8d:d2:4b:f4:78:b1:52:07:ea:68:3b:28:7c:6a:bf:
         f0:63:0a:1c:25:a0:bd:a6:23:62:b3:dc:58:30:09:93:50:ac:
         ad:89:cf:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiupfeH/xOfbeA571ew9K2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjEyMDgwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIyMzgzYTFjMTUxMGYxNzU4ZDQ1NTNiZTNiYmNmZjYwM2ZiMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvyhDwBcL5LBB8+b9jM589wWZDyS
RfrTm83LjlEeRo328xfRebcVCGqtzzUCD5+DCqXBY7O+o4tXTnFZ1fOosSOs6R+7
achQjksbPeqXLYDbfMAPog4+6jKciFwAnD8Mi/Gq9i1MyLlqN+nV9xKp0UEx6WZ7
NOFmtNH4sMQ3XBLHmrAE3Cso5auRhPncL+AW8L3imvOnumiIDI+z22lW49Qrw9a9
ptqdyu77hTG8i5mLw7rZezQ73IsulHK2vNMUmcHOZAgwdEBjfEVO9z3muHl8X53e
vblWNv5m1V+MrlODn2AN9a7soIdRcQO5qjr/6rPw3mScs2gRwhdJ15Qj/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKyODocFRDxdY1FU747vP9gP7JuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVXJJNE9od1ZFUEYxalVWVHZqdThfMkFfc200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpmJAwQA
UpmMMA0GCSqGSIb3DQEBCwUAA4IBAQAMC1mo0RI69PgkGejbZKGCOfz1KaH8JEbQ
uZJPZr1l548FUek7GeWOYScEqtFRS9KgN64tPf4uDhx8joVebPm2dkIs5/FmgI+F
FXt7nFTMqsmBFfQNzrllBf85pNy/gj+zDoM1mGApfazRi6B2R3TiQ+im9K80KASg
CgU4BYYqHVwINoySiBd/vKwZYPoB/Xt68nidHrPbON9m2GPE/GL1LdIizdeShAo5
35RfRF82PB/h3smhQlSzvQ5JIwsIQaNefOmKPQhL37BjMLzcmSG4mxDj6iaXONId
g7uN0kv0eLFSB+poOyh8ar/wYwocJaC9piNis9xYMAmTUKytic/8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org