Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WtpPq5CCBfNv26ycih5Wo9MWYGQ.roa
File:                     WtpPq5CCBfNv26ycih5Wo9MWYGQ.roa (raw, json)
Hash identifier:          BIr8+ecC/Z6PjQ9X7LrUSquZKg6Cu8Pqs5VAKGJfZGU=
Subject key identifier:   5A:DA:4F:AB:90:82:05:F3:6F:DB:AC:9C:8A:1E:56:A3:D3:16:60:64
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D7D86647790ECDB9A4AB5ADE0A7960304
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WtpPq5CCBfNv26ycih5Wo9MWYGQ.roa
Signing time:             Tue 06 Feb 2024 08:26:15 +0000
ROA not before:           Tue 06 Feb 2024 08:26:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60781
IP address blocks:        82.153.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 10:08:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7d:86:64:77:90:ec:db:9a:4a:b5:ad:e0:a7:96:03:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  6 08:26:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ada4fab908205f36fdbac9c8a1e56a3d3166064
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:79:ec:68:93:bd:a4:9d:c5:a6:29:04:90:38:
                    6a:e2:f4:ed:8c:5e:66:4f:9d:71:1c:38:b3:ed:b8:
                    32:22:fc:db:bb:ea:5b:56:c1:fc:a2:7b:1f:39:3b:
                    e1:0b:6e:f7:e8:ac:25:c8:b2:95:f1:68:e3:74:e0:
                    b1:56:fb:9e:6b:e7:8a:97:87:fc:62:98:cc:7e:67:
                    c9:83:64:95:d4:c6:44:3b:4b:e6:df:d2:e4:41:5e:
                    59:94:45:1d:47:97:42:65:56:98:d8:68:55:05:e1:
                    40:e5:2b:2b:30:59:98:a9:37:92:81:a7:8d:00:8f:
                    79:21:06:f4:8c:d6:ad:ce:b7:29:91:7f:1e:ed:58:
                    47:b2:2a:6f:c4:9b:1f:cc:68:0b:a2:4a:ca:7c:c2:
                    2b:5c:19:1a:41:c6:1a:39:22:20:d1:64:09:4c:20:
                    4b:3c:7c:a8:05:2e:80:98:3d:7f:3b:db:15:e8:16:
                    91:32:40:6b:42:e7:c0:c9:38:90:cf:5f:f4:51:a4:
                    7e:cf:13:a5:84:cb:0d:a6:71:de:47:7c:a5:e9:f0:
                    d4:4f:35:c9:60:31:56:b9:86:5e:8a:a5:98:77:04:
                    a0:fa:3f:f6:3a:e7:20:90:8c:bd:98:5c:71:e1:18:
                    eb:86:70:fe:a3:90:f2:9e:60:5c:dd:da:5b:b1:1c:
                    26:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:DA:4F:AB:90:82:05:F3:6F:DB:AC:9C:8A:1E:56:A3:D3:16:60:64
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WtpPq5CCBfNv26ycih5Wo9MWYGQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:8f:95:cc:ea:10:85:36:81:e5:e4:1b:c9:9f:ad:d5:be:fe:
         a2:24:ab:1d:7f:d9:5f:83:60:35:29:49:cd:ad:01:2d:32:bb:
         c0:d1:cd:fe:f5:7d:ce:fb:0c:59:ee:b5:81:c1:f0:ab:87:ae:
         33:f1:99:48:e4:a1:e8:f7:da:f7:fa:eb:0c:aa:b8:d1:7f:69:
         2a:df:d8:ad:86:e2:84:66:30:83:56:d6:43:a8:4f:36:63:f4:
         70:f8:bd:49:67:bb:a5:fa:32:49:d0:b7:ea:ff:af:83:0c:3e:
         bc:c8:31:00:b5:8e:21:14:71:1d:2b:c9:af:ed:c5:5c:5c:24:
         e5:5c:53:db:f3:ec:f9:6f:0d:0d:5f:c5:02:b2:c5:3a:d1:2f:
         de:db:29:c4:f0:c6:2d:b4:16:34:a3:b1:95:b0:15:dc:97:62:
         6f:e6:31:ad:c0:88:5a:c3:4e:6f:0f:45:ce:04:36:e0:ce:05:
         d3:0d:ae:06:b6:d8:13:2a:7d:48:07:d7:64:e3:5c:29:31:1c:
         ea:e6:36:1f:81:6b:57:45:53:35:2e:10:8c:13:92:23:f5:e3:
         36:9d:c7:57:0d:80:75:ae:9e:ec:7b:e6:3a:45:71:7d:12:53:
         04:67:52:17:fb:fb:42:62:27:56:d3:78:c8:fc:b4:e8:bc:e1:
         26:83:da:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY19hmR3kOzbmkq1reCnlgMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjA2MDgyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWRhNGZhYjkwODIwNWYzNmZkYmFjOWM4YTFlNTZhM2QzMTY2MDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXnsaJO9pJ3FpikEkDhq4vTtjF5m
T51xHDiz7bgyIvzbu+pbVsH8onsfOTvhC2736KwlyLKV8WjjdOCxVvuea+eKl4f8
YpjMfmfJg2SV1MZEO0vm39LkQV5ZlEUdR5dCZVaY2GhVBeFA5SsrMFmYqTeSgaeN
AI95IQb0jNatzrcpkX8e7VhHsipvxJsfzGgLokrKfMIrXBkaQcYaOSIg0WQJTCBL
PHyoBS6AmD1/O9sV6BaRMkBrQufAyTiQz1/0UaR+zxOlhMsNpnHeR3yl6fDUTzXJ
YDFWuYZeiqWYdwSg+j/2OucgkIy9mFxx4RjrhnD+o5DynmBc3dpbsRwmyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFraT6uQggXzb9usnIoeVqPTFmBkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV3RwUHE1Q0NCZk52MjZ5Y2loNVdvOU1XWUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQCZj5XM6hCFNoHl5BvJn63Vvv6iJKsdf9lfg2A1KUnN
rQEtMrvA0c3+9X3O+wxZ7rWBwfCrh64z8ZlI5KHo99r3+usMqrjRf2kq39ithuKE
ZjCDVtZDqE82Y/Rw+L1JZ7ul+jJJ0Lfq/6+DDD68yDEAtY4hFHEdK8mv7cVcXCTl
XFPb8+z5bw0NX8UCssU60S/e2ynE8MYttBY0o7GVsBXcl2Jv5jGtwIhaw05vD0XO
BDbgzgXTDa4GttgTKn1IB9dk41wpMRzq5jYfgWtXRVM1LhCME5Ij9eM2ncdXDYB1
rp7se+Y6RXF9ElMEZ1IX+/tCYidW03jI/LTovOEmg9qv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org