Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XwbhLa5sEeDPUm0pgTM9YEIs5AQ.roa
File:                     XwbhLa5sEeDPUm0pgTM9YEIs5AQ.roa (raw, json)
Hash identifier:          xJl/QANSGfK0OEyL35dLlyuvPeVRW2At5sOoruBvbIk=
Subject key identifier:   5F:06:E1:2D:AE:6C:11:E0:CF:52:6D:29:81:33:3D:60:42:2C:E4:04
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01864A822E4BDBA64A3EE2BF790FF6EA1330
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XwbhLa5sEeDPUm0pgTM9YEIs5AQ.roa
Signing time:             Mon 13 Feb 2023 11:21:30 +0000
ROA not before:           Mon 13 Feb 2023 11:21:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.153.250.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Feb 2023 09:05:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:4a:82:2e:4b:db:a6:4a:3e:e2:bf:79:0f:f6:ea:13:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 13 11:21:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f06e12dae6c11e0cf526d2981333d60422ce404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:2d:4b:76:97:da:23:30:41:2a:cd:c4:ff:9f:
                    b0:7f:68:67:15:b9:fa:2e:3c:e3:aa:95:f5:03:d2:
                    af:6c:08:9b:de:5b:52:27:e6:7d:2b:c2:91:47:37:
                    49:b4:68:de:cb:05:1b:8f:66:a2:14:4c:21:f9:21:
                    45:fe:a8:f1:5a:c8:24:c4:1b:bd:04:37:9d:63:f5:
                    43:d8:a2:33:25:41:3d:9f:b0:be:e1:26:33:46:c4:
                    a4:ec:6f:b3:60:af:9a:14:6e:49:41:5e:e8:31:57:
                    e8:a0:87:b2:1f:e4:65:35:9d:05:44:77:9c:38:f9:
                    49:25:0f:ac:2f:a0:3a:d2:7c:53:4c:27:b9:26:58:
                    91:93:72:c2:77:c2:9d:08:5c:ef:d3:74:27:88:2a:
                    14:af:44:6b:6e:c5:a5:16:f4:47:71:c0:3e:00:c5:
                    e1:91:71:b3:fc:93:1e:d5:16:2e:5d:02:d3:9c:aa:
                    55:6e:05:27:d2:de:5c:86:1a:10:55:87:21:5a:32:
                    a6:b1:a8:06:90:ae:6f:d1:99:26:a4:ae:ed:e1:4b:
                    24:88:20:a4:74:c2:2a:bb:f9:86:cd:96:db:d0:4d:
                    cd:47:53:80:c1:ff:d2:72:32:ba:4c:72:92:c4:b8:
                    38:fc:07:28:27:d0:b8:ad:21:18:b7:7d:b4:27:ea:
                    d2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:06:E1:2D:AE:6C:11:E0:CF:52:6D:29:81:33:3D:60:42:2C:E4:04
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XwbhLa5sEeDPUm0pgTM9YEIs5AQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  82.153.220.0/24
                  82.153.223.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:ba:4b:24:f3:ca:82:91:58:ec:b8:a2:6b:8b:c7:80:0b:18:
         94:b2:23:04:22:8a:75:ae:30:a7:13:8f:0f:27:de:37:f5:98:
         aa:bd:57:5a:65:51:59:43:23:bd:79:81:02:92:d1:46:09:53:
         69:21:7e:75:b1:6d:a8:f0:7d:07:63:f5:55:bf:33:0a:78:c2:
         a2:2c:4e:6e:b2:52:bc:d5:cf:d3:1c:b4:ab:31:b8:46:03:cf:
         95:68:0c:27:30:c5:e0:39:07:a9:a9:bf:24:8c:28:f2:44:a6:
         2d:08:8a:6e:28:02:e5:18:a2:57:c5:3b:d0:0c:f6:ef:33:50:
         33:6a:ce:c9:39:d8:0d:95:a9:e8:bc:f5:9f:24:74:47:30:2b:
         f0:3a:22:de:0c:35:80:29:27:86:ad:30:95:78:1c:e3:50:1f:
         d7:ba:5a:18:e6:1f:0e:d2:d4:bd:ce:36:dc:6d:30:d9:85:6b:
         97:be:c1:92:2e:cc:15:89:66:b4:2e:8a:5f:d7:bc:38:94:83:
         4d:d0:ef:39:b3:1a:ee:87:66:99:42:04:10:b5:45:a7:54:12:
         cc:54:e1:5c:80:0a:61:b5:83:e3:a4:b5:c6:06:b5:6d:03:e1:
         19:8a:87:86:9a:b6:75:65:d4:fd:20:51:b9:ce:12:5f:9c:a1:
         3a:15:2f:0d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZKgi5L26ZKPuK/eQ/26hMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjEzMTEyMTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA2ZTEyZGFlNmMxMWUwY2Y1MjZkMjk4MTMzM2Q2MDQyMmNlNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC1LdpfaIzBBKs3E/5+wf2hnFbn6
LjzjqpX1A9KvbAib3ltSJ+Z9K8KRRzdJtGjeywUbj2aiFEwh+SFF/qjxWsgkxBu9
BDedY/VD2KIzJUE9n7C+4SYzRsSk7G+zYK+aFG5JQV7oMVfooIeyH+RlNZ0FRHec
OPlJJQ+sL6A60nxTTCe5JliRk3LCd8KdCFzv03QniCoUr0RrbsWlFvRHccA+AMXh
kXGz/JMe1RYuXQLTnKpVbgUn0t5chhoQVYchWjKmsagGkK5v0ZkmpK7t4UskiCCk
dMIqu/mGzZbb0E3NR1OAwf/ScjK6THKSxLg4/AcoJ9C4rSEYt320J+rSawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF8G4S2ubBHgz1JtKYEzPWBCLOQEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWHdiaExhNXNFZURQVW0wcGdUTTlZRUlzNUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUagjAwQA
UpncAwQAUpnfAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQCLuksk88qCkVjsuKJr
i8eACxiUsiMEIop1rjCnE48PJ9439ZiqvVdaZVFZQyO9eYECktFGCVNpIX51sW2o
8H0HY/VVvzMKeMKiLE5uslK81c/THLSrMbhGA8+VaAwnMMXgOQepqb8kjCjyRKYt
CIpuKALlGKJXxTvQDPbvM1Azas7JOdgNlanovPWfJHRHMCvwOiLeDDWAKSeGrTCV
eBzjUB/XuloY5h8O0tS9zjbcbTDZhWuXvsGSLswViWa0Lopf17w4lINN0O85sxru
h2aZQgQQtUWnVBLMVOFcgAphtYPjpLXGBrVtA+EZioeGmrZ1ZdT9IFG5zhJfnKE6
FS8N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org