Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y7n0_7LUA9kNz-RPJSexXLk6mOg.roa
File:                     Y7n0_7LUA9kNz-RPJSexXLk6mOg.roa (raw, json)
Hash identifier:          Zy2UtbzC/KAoN55G4dPo+4AiDOg9t0xUgz+zutZ79bU=
Subject key identifier:   63:B9:F4:FF:B2:D4:03:D9:0D:CF:E4:4F:25:27:B1:5C:B9:3A:98:E8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F9BE9D80E662817F451DB137B5DE4C2A7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y7n0_7LUA9kNz-RPJSexXLk6mOg.roa
Signing time:             Tue 21 May 2024 16:09:04 +0000
ROA not before:           Tue 21 May 2024 16:09:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62164
IP address blocks:        82.163.23.0/24 maxlen: 24
                          217.145.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 08:51:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9b:e9:d8:0e:66:28:17:f4:51:db:13:7b:5d:e4:c2:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 21 16:09:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=63b9f4ffb2d403d90dcfe44f2527b15cb93a98e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:47:c0:a3:23:ae:20:ec:75:b2:16:fc:00:c9:
                    45:ad:e9:cd:ca:f9:1e:63:fc:be:69:48:fc:14:b5:
                    27:48:29:05:26:15:d6:a3:79:49:2d:f7:fc:cb:73:
                    82:83:14:4b:b1:e9:dc:62:d4:e3:43:75:50:31:d4:
                    77:70:bb:e8:99:9f:b7:2e:45:c9:04:9b:2a:4c:c7:
                    b8:58:d9:2e:43:5a:f0:b2:ec:73:2f:35:70:cc:60:
                    96:7c:d7:ea:77:a3:db:36:78:4e:95:63:ac:22:cd:
                    c8:b6:9a:7c:10:a0:5c:6d:6b:e1:e0:66:7e:33:06:
                    6f:36:d5:26:dd:1a:b0:0c:7b:4d:04:4f:b5:e3:af:
                    1c:34:2d:9a:9d:c1:12:c4:e1:24:f9:e7:85:da:fa:
                    ca:81:06:ef:35:fc:d1:7f:15:e6:a3:1e:50:c6:f7:
                    2b:b7:c0:46:55:fe:7b:76:2f:c3:2f:da:62:11:fb:
                    a5:3e:60:30:c8:4f:6e:ba:c9:7f:52:9d:e9:f5:be:
                    3f:88:46:7d:e7:5a:49:7c:0e:9b:72:89:48:42:71:
                    9d:06:bf:ac:6b:98:3f:0a:d3:5c:47:61:c5:5a:cb:
                    68:eb:8f:2b:9a:9c:1d:e1:e3:b6:21:a4:a8:89:a0:
                    73:ea:67:59:09:b1:9d:48:ab:c7:56:be:51:cf:eb:
                    69:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:B9:F4:FF:B2:D4:03:D9:0D:CF:E4:4F:25:27:B1:5C:B9:3A:98:E8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y7n0_7LUA9kNz-RPJSexXLk6mOg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.23.0/24
                  217.145.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:ec:c9:db:9f:1b:a4:53:25:79:db:81:23:ae:0d:b9:5a:66:
         3c:f0:ce:65:12:e9:68:07:c4:88:50:1b:61:2b:12:64:88:da:
         ae:c1:d8:b9:ce:fc:51:ea:79:57:46:fd:b8:a7:52:bc:e2:64:
         dc:67:a3:40:9b:ac:61:d8:94:45:fa:a2:4d:c5:31:b4:45:0a:
         39:91:65:3a:07:64:6f:1f:bc:93:c5:43:c6:6d:b5:ac:a1:d6:
         4a:68:e3:7c:1e:b0:a5:4b:12:35:e4:3c:c3:3d:ac:a7:7b:c5:
         16:9e:18:f5:7a:08:20:e0:f4:de:72:b4:79:71:9f:3d:0d:66:
         00:ad:e6:1b:df:94:9d:14:af:28:e9:48:7e:7c:83:43:41:df:
         38:26:db:06:32:6e:70:eb:87:97:a4:25:e8:a0:e9:dc:38:d9:
         7c:2f:16:b3:a5:ef:82:5d:cd:59:d5:a1:02:7f:96:86:a0:9c:
         54:e9:cb:c5:1a:61:6f:29:a1:83:27:16:86:3a:1f:b0:74:3d:
         00:cc:ff:90:5e:41:40:d9:8f:f2:88:bd:61:5d:9b:4e:d5:00:
         f0:e0:8e:0f:4a:00:a6:90:d6:7d:6c:cc:e6:0b:d4:70:82:ae:
         29:be:ae:cd:57:44:c7:1d:e1:d6:db:61:9c:5b:87:87:53:26:
         75:1a:07:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+b6dgOZigX9FHbE3td5MKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIxMTYwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2I5ZjRmZmIyZDQwM2Q5MGRjZmU0NGYyNTI3YjE1Y2I5M2E5OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEfAoyOuIOx1shb8AMlFrenNyvke
Y/y+aUj8FLUnSCkFJhXWo3lJLff8y3OCgxRLsencYtTjQ3VQMdR3cLvomZ+3LkXJ
BJsqTMe4WNkuQ1rwsuxzLzVwzGCWfNfqd6PbNnhOlWOsIs3Itpp8EKBcbWvh4GZ+
MwZvNtUm3RqwDHtNBE+1468cNC2ancESxOEk+eeF2vrKgQbvNfzRfxXmox5Qxvcr
t8BGVf57di/DL9piEfulPmAwyE9uusl/Up3p9b4/iEZ951pJfA6bcolIQnGdBr+s
a5g/CtNcR2HFWsto648rmpwd4eO2IaSoiaBz6mdZCbGdSKvHVr5Rz+tpYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGO59P+y1APZDc/kTyUnsVy5OpjoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWTduMF83TFVBOWtOei1SUEpTZXhYTGs2bU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUqMXAwQA
2ZFFMA0GCSqGSIb3DQEBCwUAA4IBAQBN7MnbnxukUyV524Ejrg25WmY88M5lEulo
B8SIUBthKxJkiNquwdi5zvxR6nlXRv24p1K84mTcZ6NAm6xh2JRF+qJNxTG0RQo5
kWU6B2RvH7yTxUPGbbWsodZKaON8HrClSxI15DzDPayne8UWnhj1eggg4PTecrR5
cZ89DWYAreYb35SdFK8o6Uh+fINDQd84JtsGMm5w64eXpCXooOncONl8Lxazpe+C
Xc1Z1aECf5aGoJxU6cvFGmFvKaGDJxaGOh+wdD0AzP+QXkFA2Y/yiL1hXZtO1QDw
4I4PSgCmkNZ9bMzmC9Rwgq4pvq7NV0THHeHW22GcW4eHUyZ1GgcB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org