Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xux2M4drVY9cGYIrU4olR1NfnLk.roa
File:                     Xux2M4drVY9cGYIrU4olR1NfnLk.roa (raw, json)
Hash identifier:          C94LLo3wfFHHjGRv4zBCB+HZWcIKdh0H/4sZB6lWwQo=
Subject key identifier:   5E:EC:76:33:87:6B:55:8F:5C:19:82:2B:53:8A:25:47:53:5F:9C:B9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188AEA5F7501A38ED8041FFF4257FA73FB3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xux2M4drVY9cGYIrU4olR1NfnLk.roa
Signing time:             Mon 12 Jun 2023 08:08:12 +0000
ROA not before:           Mon 12 Jun 2023 08:08:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147186
IP address blocks:        82.153.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 09:40:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:a5:f7:50:1a:38:ed:80:41:ff:f4:25:7f:a7:3f:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 12 08:08:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5eec7633876b558f5c19822b538a2547535f9cb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:8b:62:8c:6c:d0:88:02:9a:96:90:79:7e:53:
                    d9:b8:09:1e:33:4c:42:54:d8:3d:ad:82:be:52:9a:
                    98:6e:2c:1c:50:d2:13:ec:9b:df:c9:32:97:8f:39:
                    47:93:29:4d:48:69:9a:e1:6e:18:ad:12:9c:b4:df:
                    74:f7:24:fd:71:31:e5:cc:f5:b2:0c:43:4e:e7:b0:
                    a8:d8:ff:0e:af:42:e9:e0:7e:b7:37:14:4b:c5:d5:
                    f2:97:1c:cd:da:f9:14:20:ce:60:9b:d6:4a:3c:c3:
                    8e:72:4a:47:22:4d:10:2e:66:34:b0:48:50:cd:fa:
                    1a:ba:59:a0:57:d5:bd:82:ff:9d:cf:cd:f5:dd:9f:
                    54:b7:da:4f:9d:fd:69:58:bd:55:1e:e9:0a:ee:86:
                    f0:7f:a7:a2:1c:df:bc:c4:9f:53:b6:f4:bb:0c:83:
                    85:0b:85:f7:23:d5:ba:e7:bd:33:c0:a8:5e:20:b1:
                    6d:97:3e:b6:6e:a1:42:c6:fe:12:57:f9:3c:76:15:
                    c5:4c:af:84:16:c6:d6:0b:08:f1:a3:74:25:35:a1:
                    b3:cf:8a:07:9b:81:c8:53:cb:6b:aa:90:c8:62:b5:
                    5b:d5:85:5a:70:0a:54:3c:e7:c6:e6:69:b3:cc:b9:
                    69:5d:e4:76:97:ad:db:8b:ac:37:e9:1f:e9:e2:de:
                    6f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:EC:76:33:87:6B:55:8F:5C:19:82:2B:53:8A:25:47:53:5F:9C:B9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xux2M4drVY9cGYIrU4olR1NfnLk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:ea:1f:a9:f9:f5:66:df:73:05:70:8a:0f:1e:91:6a:fc:51:
         d2:ba:c2:50:a8:35:26:f0:c4:eb:6a:c3:d0:08:7b:17:c1:bc:
         91:fc:10:37:1d:ac:57:af:3c:1c:cb:89:16:4f:9e:7f:d1:f1:
         ea:7f:16:c5:30:62:7f:d1:32:4e:47:58:1d:54:2a:67:c1:12:
         cb:24:19:c5:97:e4:d9:d2:88:11:d3:e0:43:40:e0:99:08:85:
         5b:36:2a:31:0d:08:a5:d9:f6:d7:ea:5f:21:87:2e:1b:02:8d:
         f8:a9:04:3a:62:dd:30:7c:45:75:d7:87:65:5b:72:00:8b:6d:
         42:d5:4a:ad:19:77:8b:40:16:a0:9f:38:f3:94:0a:b5:7a:a9:
         26:ed:41:1e:b7:54:37:e4:2c:be:7b:d1:48:f8:27:fb:a4:8b:
         24:3b:fe:a0:ec:06:c3:9b:92:2b:29:88:d7:39:c0:86:4a:84:
         b6:6c:db:d5:70:b5:65:5e:9d:40:b9:5e:b5:d7:e1:88:ff:db:
         80:93:a8:78:26:11:e3:66:11:21:c8:8e:1b:3f:60:dd:85:f4:
         2f:1f:88:1d:54:e3:cb:9d:c2:b7:56:22:89:09:9f:43:2d:93:
         2c:d1:0f:cc:04:31:16:61:2a:59:7f:6e:a0:90:cf:9b:7e:65:
         6c:91:f9:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiupfdQGjjtgEH/9CV/pz+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjEyMDgwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWVjNzYzMzg3NmI1NThmNWMxOTgyMmI1MzhhMjU0NzUzNWY5Y2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYtijGzQiAKalpB5flPZuAkeM0xC
VNg9rYK+UpqYbiwcUNIT7JvfyTKXjzlHkylNSGma4W4YrRKctN909yT9cTHlzPWy
DENO57Co2P8Or0Lp4H63NxRLxdXylxzN2vkUIM5gm9ZKPMOOckpHIk0QLmY0sEhQ
zfoaulmgV9W9gv+dz8313Z9Ut9pPnf1pWL1VHukK7obwf6eiHN+8xJ9TtvS7DIOF
C4X3I9W6570zwKheILFtlz62bqFCxv4SV/k8dhXFTK+EFsbWCwjxo3QlNaGzz4oH
m4HIU8trqpDIYrVb1YVacApUPOfG5mmzzLlpXeR2l63bi6w36R/p4t5v7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7sdjOHa1WPXBmCK1OKJUdTX5y5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWHV4Mk00ZHJWWTljR1lJclU0b2xSMU5mbkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmLMA0G
CSqGSIb3DQEBCwUAA4IBAQCF6h+p+fVm33MFcIoPHpFq/FHSusJQqDUm8MTrasPQ
CHsXwbyR/BA3HaxXrzwcy4kWT55/0fHqfxbFMGJ/0TJOR1gdVCpnwRLLJBnFl+TZ
0ogR0+BDQOCZCIVbNioxDQil2fbX6l8hhy4bAo34qQQ6Yt0wfEV114dlW3IAi21C
1UqtGXeLQBagnzjzlAq1eqkm7UEet1Q35Cy+e9FI+Cf7pIskO/6g7AbDm5IrKYjX
OcCGSoS2bNvVcLVlXp1AuV611+GI/9uAk6h4JhHjZhEhyI4bP2DdhfQvH4gdVOPL
ncK3ViKJCZ9DLZMs0Q/MBDEWYSpZf26gkM+bfmVskfny
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org