Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XedV6zIiZZOn0BvpwzWgmXlozuw.roa
File:                     XedV6zIiZZOn0BvpwzWgmXlozuw.roa (raw, json)
Hash identifier:          rdYYBoCRqITsPFzyStSThcIFGgGq2q9QPKZvLdUT9+c=
Subject key identifier:   5D:E7:55:EB:32:22:65:93:A7:D0:1B:E9:C3:35:A0:99:79:68:CE:EC
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01888A95C914393DB3DD7049E4EF51E85946
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XedV6zIiZZOn0BvpwzWgmXlozuw.roa
Signing time:             Mon 05 Jun 2023 08:04:12 +0000
ROA not before:           Mon 05 Jun 2023 08:04:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          82.153.249.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Jun 2023 11:42:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:95:c9:14:39:3d:b3:dd:70:49:e4:ef:51:e8:59:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  5 08:04:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5de755eb32226593a7d01be9c335a0997968ceec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:c4:d4:db:44:0f:09:e4:8e:a5:27:71:7a:06:
                    1e:63:f0:31:06:18:c8:3c:30:b4:dd:26:59:f1:07:
                    d3:1c:4c:79:9c:3b:82:49:1e:20:df:9c:e6:54:97:
                    66:03:94:31:06:bc:aa:41:1a:3c:61:62:9f:21:39:
                    96:fb:88:67:8b:a2:6d:f0:a9:53:4a:46:19:04:47:
                    6e:2d:f0:6e:0d:f9:9c:83:ef:fd:b2:79:63:d0:72:
                    9e:4a:be:02:d3:02:31:d6:65:18:90:ce:d7:6a:88:
                    51:7e:b0:fe:be:e2:c9:4d:6e:8c:7e:8f:46:67:82:
                    4d:21:b4:2f:8a:f5:2b:67:e0:f4:b5:c2:2c:ba:95:
                    b9:76:0f:a4:e0:db:79:69:11:d4:32:58:71:ce:ba:
                    cb:8f:c9:d7:a3:8e:6c:2e:5a:8b:69:6a:c5:d8:d1:
                    e6:9e:01:6b:d4:40:34:77:c3:a4:da:3a:a8:a1:58:
                    d3:df:35:17:f4:9a:2b:50:fc:be:05:69:b9:39:ce:
                    29:05:a4:75:2a:f4:ed:18:58:91:90:7d:1a:7e:2a:
                    54:af:e4:cb:d5:62:32:12:30:33:88:e8:0f:3e:f6:
                    b2:dd:07:9a:14:49:07:8d:ee:95:09:fb:70:22:a4:
                    6f:ec:1b:ee:8a:ba:0a:b1:38:10:73:ed:d9:e9:e1:
                    55:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:E7:55:EB:32:22:65:93:A7:D0:1B:E9:C3:35:A0:99:79:68:CE:EC
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XedV6zIiZZOn0BvpwzWgmXlozuw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.73.0/24
                  82.153.136.0/22
                  82.153.222.0/24
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:e8:77:bf:3c:92:32:f8:76:93:8d:b9:5b:d7:ce:f6:82:c8:
         c3:e0:75:b7:6b:b1:bd:c5:bd:30:ef:01:be:1b:02:ad:fc:cc:
         c0:5f:c2:23:96:a9:f6:95:2d:5b:e6:51:42:fe:46:29:24:38:
         7e:c1:c7:4c:ac:15:39:57:18:bd:7f:2a:1a:cf:30:9f:fe:be:
         5a:8d:85:27:7b:7f:70:ed:a1:f2:5a:c6:b9:4e:64:95:77:82:
         58:da:bf:e6:80:11:3a:d9:91:82:b7:b3:6a:cf:03:57:9f:b2:
         b7:e8:23:87:32:7e:9b:55:dd:f7:40:a9:8a:89:18:c7:28:d8:
         3f:3d:9e:c6:6e:11:41:b9:57:b6:fa:4e:1e:29:95:20:24:3a:
         15:ce:58:f3:43:e4:2d:d6:41:40:88:13:ab:bc:ec:62:d7:9b:
         d6:4c:3a:eb:ff:96:08:50:5a:de:db:b5:f0:b5:fe:9d:34:43:
         43:90:be:2b:17:de:54:53:1e:9e:f8:5c:86:22:ba:8d:a2:9c:
         02:35:b9:d2:76:bc:35:0a:88:c6:1f:7d:f9:9f:29:dc:9f:80:
         dd:7c:c0:83:ce:70:a1:13:b4:73:1c:3a:ec:c7:b7:9a:97:67:
         20:9e:90:2b:21:c8:4c:04:fe:35:41:17:2a:7c:d3:b4:25:2e:
         b8:81:9f:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYiKlckUOT2z3XBJ5O9R6FlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU3NTVlYjMyMjI2NTkzYTdkMDFiZTljMzM1YTA5OTc5NjhjZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cTU20QPCeSOpSdxegYeY/AxBhjI
PDC03SZZ8QfTHEx5nDuCSR4g35zmVJdmA5QxBryqQRo8YWKfITmW+4hni6Jt8KlT
SkYZBEduLfBuDfmcg+/9snlj0HKeSr4C0wIx1mUYkM7XaohRfrD+vuLJTW6Mfo9G
Z4JNIbQvivUrZ+D0tcIsupW5dg+k4Nt5aRHUMlhxzrrLj8nXo45sLlqLaWrF2NHm
ngFr1EA0d8Ok2jqooVjT3zUX9JorUPy+BWm5Oc4pBaR1KvTtGFiRkH0afipUr+TL
1WIyEjAziOgPPvay3QeaFEkHje6VCftwIqRv7BvuiroKsTgQc+3Z6eFVZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF3nVesyImWTp9Ab6cM1oJl5aM7sMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGVkVjZ6SWlaWk9uMEJ2cHd6V2dtWGxvenV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUah3AwQA
Uah7AwQAUplJAwQCUpmIAwQAUpneAwQAUpn5MA0GCSqGSIb3DQEBCwUAA4IBAQAv
6He/PJIy+HaTjblb1872gsjD4HW3a7G9xb0w7wG+GwKt/MzAX8Ijlqn2lS1b5lFC
/kYpJDh+wcdMrBU5Vxi9fyoazzCf/r5ajYUne39w7aHyWsa5TmSVd4JY2r/mgBE6
2ZGCt7NqzwNXn7K36COHMn6bVd33QKmKiRjHKNg/PZ7GbhFBuVe2+k4eKZUgJDoV
zljzQ+Qt1kFAiBOrvOxi15vWTDrr/5YIUFre27Xwtf6dNENDkL4rF95UUx6e+FyG
IrqNopwCNbnSdrw1CojGH335nyncn4DdfMCDznChE7RzHDrsx7eal2cgnpArIchM
BP41QRcqfNO0JS64gZ/3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org