Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YD9o7cUbFJA-G0jbNwomspI-tXw.roa
File:                     YD9o7cUbFJA-G0jbNwomspI-tXw.roa (raw, json)
Hash identifier:          VuZQSrcpPEvbkY541P7A04bCQgOao+74SDOXdN/ctcY=
Subject key identifier:   60:3F:68:ED:C5:1B:14:90:3E:1B:48:DB:37:0A:26:B2:92:3E:B5:7C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186CC538E77FB1DF94732CE041DCC9B084B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YD9o7cUbFJA-G0jbNwomspI-tXw.roa
Signing time:             Fri 10 Mar 2023 16:21:13 +0000
ROA not before:           Fri 10 Mar 2023 16:21:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        82.152.174.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 13:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cc:53:8e:77:fb:1d:f9:47:32:ce:04:1d:cc:9b:08:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 10 16:21:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=603f68edc51b14903e1b48db370a26b2923eb57c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:b7:24:14:be:90:f1:1d:81:b3:e2:f4:41:6b:
                    c0:66:12:1d:ee:87:25:26:9e:04:e2:c7:35:f8:89:
                    ef:d0:d6:70:50:52:96:ea:06:91:7a:b5:7b:ba:74:
                    84:d4:7b:e5:df:2a:2d:b4:b5:cb:ea:00:07:c4:41:
                    0c:f6:a5:c1:de:94:46:d6:11:6c:78:b5:bd:6d:b9:
                    bc:28:5b:42:33:0b:83:c6:71:d9:28:5b:e6:76:1a:
                    39:b5:eb:37:83:ce:96:e1:2f:89:97:6d:60:63:0c:
                    7e:5e:7c:7c:b9:1d:91:31:49:fd:5f:5e:f7:b6:61:
                    77:32:09:bb:a5:52:44:3f:30:18:1e:a2:71:5f:74:
                    e2:c2:36:bb:ed:b9:0b:fb:2f:26:39:e2:f6:d7:ae:
                    fe:f0:de:b5:86:6f:65:48:f4:c5:e1:77:c7:76:33:
                    c6:2f:0a:f4:a8:7e:b8:07:70:74:6e:cb:87:aa:11:
                    fa:58:aa:93:c1:07:8c:0f:b9:20:28:d6:8e:c4:4f:
                    ad:95:58:aa:56:ea:a0:50:26:a6:80:92:7a:93:9c:
                    1e:64:96:b7:5b:e6:d7:42:35:77:04:6a:ce:1a:8c:
                    ec:8b:11:7b:d4:b4:a3:72:af:0a:8c:e9:ae:b2:28:
                    89:c1:a8:71:88:4b:d9:b1:f3:f8:7a:10:df:60:5f:
                    d2:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:3F:68:ED:C5:1B:14:90:3E:1B:48:DB:37:0A:26:B2:92:3E:B5:7C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YD9o7cUbFJA-G0jbNwomspI-tXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:ed:c6:8e:48:96:4c:63:a6:9a:b7:44:f8:3b:c0:57:02:61:
         01:71:db:b9:ce:99:0d:b1:09:d3:af:12:74:11:42:13:38:01:
         9a:7f:66:36:78:94:28:a1:93:52:52:8b:bd:e6:01:4d:55:38:
         62:a9:55:64:63:55:ca:57:aa:01:4e:50:e1:25:79:e5:20:85:
         20:34:44:55:59:29:84:26:d0:b0:d9:b7:64:b0:16:34:de:e0:
         ab:cf:83:d1:89:a9:5a:20:cc:96:48:1a:87:2e:1b:c4:c1:52:
         48:7e:cf:b9:0c:3d:13:69:36:ac:cb:d0:0b:c1:8d:c4:38:17:
         ea:2b:2e:4f:3d:9c:c6:ee:9d:2e:d3:6b:12:ba:f0:57:5b:bb:
         28:a1:d3:ba:35:f5:21:36:8d:08:1c:37:21:5a:c2:58:25:82:
         28:4b:47:99:19:4c:fd:29:4f:c7:5f:c4:98:38:bc:8b:1c:7f:
         6a:41:94:5f:a9:a6:fe:4f:ef:db:76:00:b5:de:e0:1c:fe:e7:
         d6:c0:7d:df:08:54:5a:b1:00:ca:59:fd:76:7a:04:c3:3f:f6:
         eb:1c:1d:0f:bb:45:76:0f:40:e9:3f:b9:db:57:0d:e8:7c:10:
         e4:5f:1d:01:4c:8f:0c:0d:e3:02:c0:02:45:4c:18:0b:9f:12:
         67:88:34:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbMU453+x35RzLOBB3MmwhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzEwMTYyMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNmNjhlZGM1MWIxNDkwM2UxYjQ4ZGIzNzBhMjZiMjkyM2ViNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bckFL6Q8R2Bs+L0QWvAZhId7ocl
Jp4E4sc1+Inv0NZwUFKW6gaRerV7unSE1Hvl3yottLXL6gAHxEEM9qXB3pRG1hFs
eLW9bbm8KFtCMwuDxnHZKFvmdho5tes3g86W4S+Jl21gYwx+Xnx8uR2RMUn9X173
tmF3Mgm7pVJEPzAYHqJxX3Tiwja77bkL+y8mOeL2167+8N61hm9lSPTF4XfHdjPG
Lwr0qH64B3B0bsuHqhH6WKqTwQeMD7kgKNaOxE+tlViqVuqgUCamgJJ6k5weZJa3
W+bXQjV3BGrOGozsixF71LSjcq8KjOmusiiJwahxiEvZsfP4ehDfYF/SfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGA/aO3FGxSQPhtI2zcKJrKSPrV8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWUQ5bzdjVWJGSkEtRzBqYk53b21zcEktdFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUpiuMA0G
CSqGSIb3DQEBCwUAA4IBAQCj7caOSJZMY6aat0T4O8BXAmEBcdu5zpkNsQnTrxJ0
EUITOAGaf2Y2eJQooZNSUou95gFNVThiqVVkY1XKV6oBTlDhJXnlIIUgNERVWSmE
JtCw2bdksBY03uCrz4PRialaIMyWSBqHLhvEwVJIfs+5DD0TaTasy9ALwY3EOBfq
Ky5PPZzG7p0u02sSuvBXW7soodO6NfUhNo0IHDchWsJYJYIoS0eZGUz9KU/HX8SY
OLyLHH9qQZRfqab+T+/bdgC13uAc/ufWwH3fCFRasQDKWf12egTDP/brHB0Pu0V2
D0DpP7nbVw3ofBDkXx0BTI8MDeMCwAJFTBgLnxJniDR0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org