Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XC1RXfk8IXCSK3lkrChv-pLb1aA.roa
File:                     XC1RXfk8IXCSK3lkrChv-pLb1aA.roa (raw, json)
Hash identifier:          TJ95dIKv96mBrGmFD0WFHKxEi8Yyf0O5URb7b2WfSmk=
Subject key identifier:   5C:2D:51:5D:F9:3C:21:70:92:2B:79:64:AC:28:6F:FA:92:DB:D5:A0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01885BF9E976BD53D4821F2336D325276B56
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XC1RXfk8IXCSK3lkrChv-pLb1aA.roa
Signing time:             Sat 27 May 2023 06:51:24 +0000
ROA not before:           Sat 27 May 2023 06:51:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        82.153.246.0/24 maxlen: 24
                          82.153.242.0/24 maxlen: 24
                          82.153.50.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 09:59:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:5b:f9:e9:76:bd:53:d4:82:1f:23:36:d3:25:27:6b:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 27 06:51:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c2d515df93c2170922b7964ac286ffa92dbd5a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1c:50:51:42:d3:28:2b:d6:96:10:9b:4f:30:
                    37:ff:59:fb:e1:58:c7:93:a0:a1:d8:39:44:45:e5:
                    2c:e4:9d:17:eb:d2:83:fd:81:65:9b:31:53:15:4e:
                    f1:46:eb:3c:f8:7a:92:01:d5:7f:a8:ef:53:12:ad:
                    14:98:1b:03:c8:c6:5e:9c:19:89:f9:ca:7f:88:2d:
                    64:a1:e1:92:57:54:db:46:93:48:91:86:ab:6c:58:
                    a9:32:47:d8:0a:f2:fe:02:35:ff:c7:07:9a:c4:01:
                    0f:93:27:19:18:2a:f8:39:af:84:38:fa:8f:12:05:
                    47:42:cf:12:27:9e:fc:c6:ab:d3:9b:8d:20:61:40:
                    e7:10:ee:18:1c:28:7a:09:02:64:4a:05:6e:c6:c1:
                    92:cd:a5:b8:fa:1d:a9:ce:fe:01:a4:f3:d8:f9:ed:
                    95:4c:da:66:7d:01:91:5f:01:ef:54:9e:44:28:e7:
                    82:ba:18:8e:6a:d7:34:f0:bc:62:b1:84:1e:c4:cd:
                    96:df:57:60:78:0b:5b:b4:f3:3b:4a:29:b4:6b:57:
                    b8:39:ec:e9:0e:a9:72:e4:3d:24:10:c1:81:5a:54:
                    66:4c:d0:85:71:61:f0:f4:4d:74:6f:51:56:c8:81:
                    b7:b3:a5:32:01:7e:c9:80:1e:33:83:1d:64:44:f5:
                    7d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:2D:51:5D:F9:3C:21:70:92:2B:79:64:AC:28:6F:FA:92:DB:D5:A0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XC1RXfk8IXCSK3lkrChv-pLb1aA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.50.0/24
                  82.153.242.0/24
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:77:95:97:a2:32:d6:ab:4c:29:4f:3e:b8:43:60:96:02:53:
         20:d1:c5:40:3c:21:e4:0b:13:21:fa:0e:52:6b:f1:fc:19:6d:
         d6:84:fd:90:87:3b:57:95:a2:c4:6b:0d:ba:c4:2f:bd:70:09:
         d3:a4:45:c9:a6:a5:d8:84:b5:9a:e2:fd:d8:f1:d9:71:62:4b:
         4a:a0:09:ed:23:a2:6b:24:fb:02:23:82:6c:14:f0:3a:13:00:
         4a:46:61:d3:12:66:d4:5a:d2:78:4e:f1:19:40:c5:02:03:be:
         57:09:8e:92:35:b0:a0:4d:37:e1:1a:82:47:b6:a9:81:c3:e8:
         d1:d5:75:0c:aa:79:60:20:6f:e6:a9:72:5d:c5:e0:fe:4a:b9:
         2b:d5:74:99:31:b9:c0:49:71:c1:9f:56:44:2e:55:1f:15:fb:
         36:71:b4:c0:4d:42:2c:be:34:40:1c:39:88:8c:eb:94:44:60:
         2a:46:bc:06:b7:a4:cd:ef:b3:72:32:49:20:48:8c:63:a2:32:
         e6:f1:ee:2a:54:1f:10:45:f7:c3:e3:88:c5:d3:fc:8b:84:23:
         18:3f:49:17:25:e3:e6:01:18:ec:f9:0a:1a:c8:38:77:e7:41:
         a2:d2:a2:c7:8f:06:9f:1b:d2:5f:4a:84:4e:8b:35:c8:f4:06:
         99:46:a2:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhb+el2vVPUgh8jNtMlJ2tWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI3MDY1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJkNTE1ZGY5M2MyMTcwOTIyYjc5NjRhYzI4NmZmYTkyZGJkNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxxQUULTKCvWlhCbTzA3/1n74VjH
k6Ch2DlEReUs5J0X69KD/YFlmzFTFU7xRus8+HqSAdV/qO9TEq0UmBsDyMZenBmJ
+cp/iC1koeGSV1TbRpNIkYarbFipMkfYCvL+AjX/xweaxAEPkycZGCr4Oa+EOPqP
EgVHQs8SJ578xqvTm40gYUDnEO4YHCh6CQJkSgVuxsGSzaW4+h2pzv4BpPPY+e2V
TNpmfQGRXwHvVJ5EKOeCuhiOatc08LxisYQexM2W31dgeAtbtPM7Sim0a1e4Oezp
Dqly5D0kEMGBWlRmTNCFcWHw9E10b1FWyIG3s6UyAX7JgB4zgx1kRPV9gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFwtUV35PCFwkit5ZKwob/qS29WgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWEMxUlhmazhJWENTSzNsa3JDaHYtcExiMWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpkyAwQA
UpnyAwQAUpn2MA0GCSqGSIb3DQEBCwUAA4IBAQBnd5WXojLWq0wpTz64Q2CWAlMg
0cVAPCHkCxMh+g5Sa/H8GW3WhP2QhztXlaLEaw26xC+9cAnTpEXJpqXYhLWa4v3Y
8dlxYktKoAntI6JrJPsCI4JsFPA6EwBKRmHTEmbUWtJ4TvEZQMUCA75XCY6SNbCg
TTfhGoJHtqmBw+jR1XUMqnlgIG/mqXJdxeD+Srkr1XSZMbnASXHBn1ZELlUfFfs2
cbTATUIsvjRAHDmIjOuURGAqRrwGt6TN77NyMkkgSIxjojLm8e4qVB8QRffD44jF
0/yLhCMYP0kXJePmARjs+QoayDh350Gi0qLHjwafG9JfSoROizXI9AaZRqIH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org