Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XIWdK7U3MTZoqKOnE7_acpOkesU.roa
File:                     XIWdK7U3MTZoqKOnE7_acpOkesU.roa (raw, json)
Hash identifier:          HdC9wP98qfUJt+qHKwFFN1vpAVYiHwxubAwXUH20gp0=
Subject key identifier:   5C:85:9D:2B:B5:37:31:36:68:A8:A3:A7:13:BF:DA:72:93:A4:7A:C5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188AEA50C33D8791036D5E304FACC4CC5A3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XIWdK7U3MTZoqKOnE7_acpOkesU.roa
Signing time:             Mon 12 Jun 2023 08:07:12 +0000
ROA not before:           Mon 12 Jun 2023 08:07:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        82.153.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Jun 2023 16:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:a5:0c:33:d8:79:10:36:d5:e3:04:fa:cc:4c:c5:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 12 08:07:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c859d2bb537313668a8a3a713bfda7293a47ac5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d9:d1:38:b7:04:f3:9c:38:ef:e9:b0:d5:e2:
                    fa:20:17:34:5e:91:eb:c4:69:ab:fe:26:60:2c:d9:
                    10:be:c4:a0:43:87:b0:7a:3c:d2:2f:1c:97:a8:b6:
                    8c:71:15:0f:91:a8:d3:f7:69:eb:ab:bf:39:40:8e:
                    8b:1f:de:06:32:a0:56:9f:29:8d:ae:d6:2a:fd:4f:
                    a6:98:bf:fa:57:5d:71:e4:3b:24:00:59:f7:ce:cc:
                    bc:b4:15:bb:ea:23:f4:d4:a8:cd:8f:f3:12:ed:c6:
                    95:63:7d:b8:c2:ce:6b:c2:7a:b3:ab:92:53:8a:67:
                    04:e7:e6:40:c7:8e:bc:df:f6:00:bd:c0:be:ac:85:
                    fa:4e:f7:0a:a9:58:c1:de:14:6c:87:e3:7c:ae:e5:
                    04:8f:7e:81:23:16:2b:57:9a:53:35:d7:bd:a4:32:
                    6f:ff:7b:6f:e0:f1:17:c5:31:e1:53:4c:cc:0a:5b:
                    9a:a6:14:82:25:34:7f:46:a8:85:aa:8a:77:5e:1a:
                    1f:cb:47:9d:81:92:66:99:9d:05:c9:71:0b:4d:9f:
                    9c:d2:95:2e:87:1f:d6:71:96:fc:28:d6:69:26:e7:
                    bc:c3:da:e6:d7:cc:be:fb:40:e5:b9:a9:36:47:21:
                    04:ae:83:e5:ca:d8:75:d5:cc:ba:bd:4b:1d:e6:d5:
                    b2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:85:9D:2B:B5:37:31:36:68:A8:A3:A7:13:BF:DA:72:93:A4:7A:C5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XIWdK7U3MTZoqKOnE7_acpOkesU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:f9:80:6a:d2:34:9d:c5:47:b5:45:ad:60:98:6c:8a:9c:a5:
         8c:a3:c9:5c:76:ac:f0:62:bb:68:64:cb:a3:39:52:5c:d9:ff:
         2d:0f:16:88:eb:7e:6b:26:ae:23:2a:4c:ef:3d:a8:46:2b:ef:
         84:7f:f9:a9:b3:21:4a:0a:a4:1a:a3:15:99:b8:bb:fe:45:b2:
         19:88:83:5a:02:a7:00:a2:c5:41:a4:7e:07:55:54:29:a4:c5:
         22:e1:67:a4:40:11:ea:f1:b8:62:cd:d9:8d:b8:84:4e:59:d0:
         6d:86:57:a2:50:8c:e3:a2:dc:7d:4c:a6:57:8e:8a:ab:ba:31:
         40:bc:7e:8f:ff:c6:36:8d:83:3d:49:48:7d:81:fa:e1:09:0c:
         af:8c:43:36:4c:7b:fc:9b:da:5e:1a:f0:cd:38:5a:e6:58:6c:
         6f:13:62:54:d6:6d:1d:55:f9:81:06:86:77:25:31:44:7f:eb:
         dc:2d:62:c6:ba:d1:8f:7f:3c:fa:90:77:97:43:de:b7:d8:36:
         aa:de:e1:c9:1b:0c:29:25:bc:24:40:b8:10:61:c3:12:c2:d6:
         39:ad:90:c6:20:76:2c:d7:3c:47:9a:1b:7c:88:cc:b3:31:98:
         63:82:0e:44:9d:78:11:d4:84:6e:e1:2c:b7:6c:ad:4a:c0:13:
         f3:7f:22:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiupQwz2HkQNtXjBPrMTMWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjEyMDgwNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg1OWQyYmI1MzczMTM2NjhhOGEzYTcxM2JmZGE3MjkzYTQ3YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dnROLcE85w47+mw1eL6IBc0XpHr
xGmr/iZgLNkQvsSgQ4ewejzSLxyXqLaMcRUPkajT92nrq785QI6LH94GMqBWnymN
rtYq/U+mmL/6V11x5DskAFn3zsy8tBW76iP01KjNj/MS7caVY324ws5rwnqzq5JT
imcE5+ZAx4683/YAvcC+rIX6TvcKqVjB3hRsh+N8ruUEj36BIxYrV5pTNde9pDJv
/3tv4PEXxTHhU0zMCluaphSCJTR/RqiFqop3Xhofy0edgZJmmZ0FyXELTZ+c0pUu
hx/WcZb8KNZpJue8w9rm18y++0Dluak2RyEEroPlyth11cy6vUsd5tWyVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyFnSu1NzE2aKijpxO/2nKTpHrFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWElXZEs3VTNNVFpvcUtPbkU3X2FjcE9rZXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmKMA0G
CSqGSIb3DQEBCwUAA4IBAQBv+YBq0jSdxUe1Ra1gmGyKnKWMo8lcdqzwYrtoZMuj
OVJc2f8tDxaI635rJq4jKkzvPahGK++Ef/mpsyFKCqQaoxWZuLv+RbIZiINaAqcA
osVBpH4HVVQppMUi4WekQBHq8bhizdmNuIROWdBthleiUIzjotx9TKZXjoqrujFA
vH6P/8Y2jYM9SUh9gfrhCQyvjEM2THv8m9peGvDNOFrmWGxvE2JU1m0dVfmBBoZ3
JTFEf+vcLWLGutGPfzz6kHeXQ9632Daq3uHJGwwpJbwkQLgQYcMSwtY5rZDGIHYs
1zxHmht8iMyzMZhjgg5EnXgR1IRu4Sy3bK1KwBPzfyIJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org