Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XV8i2SiMyGGm6toYWujCD1ZlDAI.roa
File:                     XV8i2SiMyGGm6toYWujCD1ZlDAI.roa (raw, json)
Hash identifier:          UFNiyYNOTKbNXS+h7/nMmwfjXlSJTiavIr4+PxY+4Us=
Subject key identifier:   5D:5F:22:D9:28:8C:C8:61:A6:EA:DA:18:5A:E8:C2:0F:56:65:0C:02
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018973DEC794D9309E3AFD91748AF17DB082
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XV8i2SiMyGGm6toYWujCD1ZlDAI.roa
Signing time:             Thu 20 Jul 2023 15:15:27 +0000
ROA not before:           Thu 20 Jul 2023 15:15:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6939
IP address blocks:        82.153.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:73:de:c7:94:d9:30:9e:3a:fd:91:74:8a:f1:7d:b0:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 20 15:15:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d5f22d9288cc861a6eada185ae8c20f56650c02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:20:18:1f:71:25:68:9a:4f:5e:2b:6b:ca:d1:
                    8a:58:0d:a7:6e:5a:c7:ad:cb:5e:c3:8f:2c:36:82:
                    9a:0d:d1:29:18:e0:8f:68:f2:3c:a7:5f:5b:4a:62:
                    50:d4:48:57:af:8b:7e:9c:aa:99:23:4f:8f:0c:6d:
                    1e:df:47:91:eb:a9:bf:cc:55:62:a2:6f:5a:b4:a4:
                    5c:5b:8b:78:a5:ed:c0:02:ee:e5:65:24:db:d2:ae:
                    b7:80:b9:7f:d2:87:f6:64:d4:84:74:a3:2a:eb:c0:
                    38:1c:77:a6:af:2d:be:7c:6b:29:4a:26:41:b4:e9:
                    5a:e3:e5:a5:84:53:f4:79:08:9b:4c:70:9a:98:16:
                    3e:d6:9e:95:7e:63:3b:ad:68:16:ab:a5:42:79:5e:
                    95:82:bc:8e:6c:c2:a3:a8:a5:d4:22:e8:f5:29:f7:
                    10:64:a4:d7:d7:7b:02:52:8b:4e:50:cf:76:29:78:
                    90:ef:b8:1f:4e:88:2e:fa:ae:27:98:a9:ad:3b:63:
                    17:44:04:84:14:94:b5:68:93:cf:95:96:76:d1:0b:
                    42:83:7f:8e:80:59:14:bc:6d:e0:15:ac:1c:56:d9:
                    10:ad:c2:46:b1:ef:16:25:7d:18:a3:01:e0:11:e0:
                    1d:02:d9:c1:0e:26:04:90:88:5f:58:76:15:52:d3:
                    3f:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:5F:22:D9:28:8C:C8:61:A6:EA:DA:18:5A:E8:C2:0F:56:65:0C:02
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XV8i2SiMyGGm6toYWujCD1ZlDAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:67:8e:b4:de:11:42:71:9c:d3:d6:9e:44:c2:20:c9:9e:60:
         50:28:74:02:84:41:10:7e:8d:be:97:ab:56:1b:bd:42:08:4a:
         3d:dc:c4:34:49:06:b9:cb:eb:ac:25:99:51:7f:1b:1f:5c:6b:
         26:48:4d:4e:8c:86:c5:6d:f3:b4:63:86:84:b3:49:9b:15:a9:
         cb:31:46:0b:8c:b5:17:a9:53:9b:a5:16:1d:e3:dd:5d:0b:69:
         23:7e:b5:f6:5d:4a:1c:a7:d5:7d:3c:d3:50:56:47:f2:52:9c:
         fa:10:c8:4d:6a:90:91:d9:f6:f4:26:c1:cd:ae:81:69:94:57:
         95:c5:bf:46:62:6f:82:07:8b:7c:eb:90:0c:9d:3b:e5:46:de:
         47:48:43:d2:f1:00:3d:4a:62:2a:bb:05:4d:69:25:c5:37:cc:
         57:51:cd:ae:a3:7c:ba:00:af:cc:e6:96:fd:f3:30:0c:73:29:
         9a:a3:d0:fc:27:99:90:d5:97:dc:25:ed:4e:fa:6e:53:2b:9a:
         b7:9f:3b:2f:a8:65:1e:f8:e0:80:83:6e:04:8b:20:7d:fd:e6:
         07:60:08:81:2d:25:a6:a5:73:2d:f4:04:8b:1c:80:2c:38:dc:
         06:b5:b5:e2:dc:c5:68:eb:57:03:f9:4a:09:14:f4:1f:02:f3:
         5a:7d:1e:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlz3seU2TCeOv2RdIrxfbCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzIwMTUxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDVmMjJkOTI4OGNjODYxYTZlYWRhMTg1YWU4YzIwZjU2NjUwYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyAYH3ElaJpPXitrytGKWA2nblrH
rctew48sNoKaDdEpGOCPaPI8p19bSmJQ1EhXr4t+nKqZI0+PDG0e30eR66m/zFVi
om9atKRcW4t4pe3AAu7lZSTb0q63gLl/0of2ZNSEdKMq68A4HHemry2+fGspSiZB
tOla4+WlhFP0eQibTHCamBY+1p6VfmM7rWgWq6VCeV6VgryObMKjqKXUIuj1KfcQ
ZKTX13sCUotOUM92KXiQ77gfTogu+q4nmKmtO2MXRASEFJS1aJPPlZZ20QtCg3+O
gFkUvG3gFawcVtkQrcJGse8WJX0YowHgEeAdAtnBDiYEkIhfWHYVUtM/6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1fItkojMhhpuraGFrowg9WZQwCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWFY4aTJTaU15R0dtNnRvWVd1akNEMVpsREFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnyMA0G
CSqGSIb3DQEBCwUAA4IBAQA/Z4603hFCcZzT1p5EwiDJnmBQKHQChEEQfo2+l6tW
G71CCEo93MQ0SQa5y+usJZlRfxsfXGsmSE1OjIbFbfO0Y4aEs0mbFanLMUYLjLUX
qVObpRYd491dC2kjfrX2XUocp9V9PNNQVkfyUpz6EMhNapCR2fb0JsHNroFplFeV
xb9GYm+CB4t865AMnTvlRt5HSEPS8QA9SmIquwVNaSXFN8xXUc2uo3y6AK/M5pb9
8zAMcymao9D8J5mQ1ZfcJe1O+m5TK5q3nzsvqGUe+OCAg24EiyB9/eYHYAiBLSWm
pXMt9ASLHIAsONwGtbXi3MVo61cD+UoJFPQfAvNafR5O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org