Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XWtckJkv5YL6W6yYdZbJ_pwksUc.roa
File:                     XWtckJkv5YL6W6yYdZbJ_pwksUc.roa (raw, json)
Hash identifier:          SEzCw99ixBr/M4MTEfkag3nNXl3wqbDKWf3cOQiXnY8=
Subject key identifier:   5D:6B:5C:90:99:2F:E5:82:FA:5B:AC:98:75:96:C9:FE:9C:24:B1:47
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EB8459EC47BB80463D9B95D94D9A3FC74
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XWtckJkv5YL6W6yYdZbJ_pwksUc.roa
Signing time:             Sun 07 Apr 2024 11:15:54 +0000
ROA not before:           Sun 07 Apr 2024 11:15:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215287
IP address blocks:        82.163.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 07:19:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b8:45:9e:c4:7b:b8:04:63:d9:b9:5d:94:d9:a3:fc:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  7 11:15:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5d6b5c90992fe582fa5bac987596c9fe9c24b147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b3:6c:a3:d9:01:f9:6f:a7:5c:0d:2b:78:ab:
                    59:0e:20:82:d8:84:ad:cf:63:8d:79:e0:69:48:f3:
                    11:28:33:00:58:dc:69:c7:4b:d4:d1:41:07:2d:ce:
                    12:44:26:b0:85:72:ce:d2:c5:da:d2:30:08:4c:3e:
                    a3:3e:b8:23:ba:a4:bc:62:3e:cc:f1:05:52:38:c1:
                    ea:98:d8:c2:91:51:d8:e6:cd:16:5b:80:6b:fa:9c:
                    94:89:4c:54:27:2e:a8:e0:0d:a4:3b:8f:ed:1b:18:
                    d3:28:ae:fb:ab:76:7a:0c:b6:28:28:ba:0b:96:49:
                    38:59:90:21:33:bb:b3:04:25:8d:45:b1:7c:9c:20:
                    64:65:bf:92:84:39:5b:c6:d0:0e:c4:d7:40:02:ec:
                    8e:30:93:6d:fc:03:6f:75:9b:f0:29:df:6c:95:78:
                    96:5d:ad:47:79:81:ed:ee:f5:d6:df:31:13:d4:59:
                    ee:92:4d:4e:c3:f4:96:e4:52:66:79:0f:a3:26:ce:
                    77:2c:05:3f:23:b2:ad:7c:c7:05:30:3f:2a:fa:10:
                    6f:bd:f9:ba:2f:23:2e:8e:77:96:19:8f:32:5d:c8:
                    23:02:f1:ba:f8:92:25:1a:c7:11:79:89:50:ec:36:
                    84:51:5e:b8:9e:34:c0:35:55:69:ef:a8:de:79:0a:
                    c6:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6B:5C:90:99:2F:E5:82:FA:5B:AC:98:75:96:C9:FE:9C:24:B1:47
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XWtckJkv5YL6W6yYdZbJ_pwksUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:3d:48:8d:9e:04:2e:6a:9a:b7:c0:60:7c:3d:56:fc:00:d2:
         92:c0:c2:75:ab:a6:61:76:ad:ae:fa:cc:3a:19:aa:89:98:5a:
         26:a6:8d:6c:36:8c:d7:60:37:87:45:6c:eb:a9:48:c1:d2:de:
         7b:68:22:0d:30:c1:f8:cb:63:9c:18:39:6b:20:ca:7d:47:d8:
         d6:e4:8c:93:35:cf:a7:5a:68:63:52:75:33:6b:57:04:6f:27:
         c9:b5:a0:07:c2:2b:3a:09:24:76:c2:52:6c:cd:6c:b3:e1:4c:
         ff:bf:91:98:aa:fb:89:95:1b:b9:11:87:58:5c:bd:ff:6b:b9:
         95:a6:0f:62:44:da:da:d8:8d:6f:5b:09:16:69:38:c6:95:7a:
         59:04:8a:d7:05:9d:36:ac:49:08:bc:3a:95:71:cf:99:30:36:
         64:92:5a:4e:e7:e7:e8:00:e0:1d:b3:55:38:54:4d:4c:7c:31:
         f2:58:dd:e3:4e:b5:fb:b9:5f:8e:23:f0:f6:a2:b6:21:be:10:
         ff:10:2d:ea:0a:dc:20:a2:c5:22:c5:75:bb:14:ea:90:62:71:
         ae:e2:0d:28:a6:5b:67:76:14:a0:b9:3e:c5:23:7f:3f:a5:89:
         a7:ad:5f:1a:6e:0e:d6:b5:d8:bb:39:4b:29:f8:27:d4:d7:65:
         bb:c9:2f:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY64RZ7Ee7gEY9m5XZTZo/x0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA3MTExNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZiNWM5MDk5MmZlNTgyZmE1YmFjOTg3NTk2YzlmZTljMjRiMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7Nso9kB+W+nXA0reKtZDiCC2ISt
z2ONeeBpSPMRKDMAWNxpx0vU0UEHLc4SRCawhXLO0sXa0jAITD6jPrgjuqS8Yj7M
8QVSOMHqmNjCkVHY5s0WW4Br+pyUiUxUJy6o4A2kO4/tGxjTKK77q3Z6DLYoKLoL
lkk4WZAhM7uzBCWNRbF8nCBkZb+ShDlbxtAOxNdAAuyOMJNt/ANvdZvwKd9slXiW
Xa1HeYHt7vXW3zET1Fnukk1Ow/SW5FJmeQ+jJs53LAU/I7KtfMcFMD8q+hBvvfm6
LyMujneWGY8yXcgjAvG6+JIlGscReYlQ7DaEUV64njTANVVp76jeeQrGtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1rXJCZL+WC+lusmHWWyf6cJLFHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWFd0Y2tKa3Y1WUw2VzZ5WWRaYkpfcHdrc1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUqMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCXPUiNngQuapq3wGB8PVb8ANKSwMJ1q6Zhdq2u+sw6
GaqJmFompo1sNozXYDeHRWzrqUjB0t57aCINMMH4y2OcGDlrIMp9R9jW5IyTNc+n
WmhjUnUza1cEbyfJtaAHwis6CSR2wlJszWyz4Uz/v5GYqvuJlRu5EYdYXL3/a7mV
pg9iRNra2I1vWwkWaTjGlXpZBIrXBZ02rEkIvDqVcc+ZMDZkklpO5+foAOAds1U4
VE1MfDHyWN3jTrX7uV+OI/D2orYhvhD/EC3qCtwgosUixXW7FOqQYnGu4g0opltn
dhSguT7FI38/pYmnrV8abg7Wtdi7OUsp+CfU12W7yS8d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org