Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YDrnfJ9QhgfAG3-pNLOoUBv_dMU.roa
File:                     YDrnfJ9QhgfAG3-pNLOoUBv_dMU.roa (raw, json)
Hash identifier:          nZKU+Z/ZBntNTeFC2eVIFd2G/fBrI/+XKZ2YQ/jx7Tk=
Subject key identifier:   60:3A:E7:7C:9F:50:86:07:C0:1B:7F:A9:34:B3:A8:50:1B:FF:74:C5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01868325257B7D7F79DB7458A6EC52957635
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YDrnfJ9QhgfAG3-pNLOoUBv_dMU.roa
Signing time:             Fri 24 Feb 2023 11:18:15 +0000
ROA not before:           Fri 24 Feb 2023 11:18:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        82.153.242.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 11:22:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:83:25:25:7b:7d:7f:79:db:74:58:a6:ec:52:95:76:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 24 11:18:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=603ae77c9f508607c01b7fa934b3a8501bff74c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:8c:45:76:59:21:51:0e:cb:da:36:22:23:cd:
                    45:a4:bf:67:24:ae:0d:27:f6:ca:7e:39:a4:35:6f:
                    96:a5:c9:c4:b4:f9:d8:38:31:34:d0:7f:2a:18:83:
                    ab:d7:68:dc:c0:ec:70:c1:2d:9d:d0:8f:2c:25:c2:
                    1d:ba:c8:e0:13:80:58:83:60:5e:d8:2a:fb:e5:60:
                    1e:84:8b:85:52:39:1a:b4:49:1a:a4:71:7c:18:a5:
                    dd:0a:54:06:34:48:d5:67:b8:84:e9:40:01:99:40:
                    97:20:76:63:28:0c:a6:50:af:d8:c8:ee:f4:09:bb:
                    d1:11:8e:bd:4e:c3:0d:67:ff:ee:e5:c8:b2:a1:60:
                    cf:66:91:b7:19:3c:ff:1f:a0:74:dd:90:a0:b0:59:
                    7f:c0:c6:52:c2:cf:6b:3f:87:21:bb:0e:0b:3c:98:
                    ee:ba:62:05:2e:33:50:f7:06:ec:e5:01:d3:c1:22:
                    74:18:f3:60:71:63:fb:14:3e:7e:ba:6a:68:59:97:
                    d4:f1:55:14:9b:34:db:3c:50:de:b1:37:f7:3d:39:
                    da:99:54:29:98:94:63:9c:01:fd:2b:5a:80:60:3b:
                    4c:16:e6:69:de:60:0b:fe:86:dd:ba:12:fc:7e:13:
                    55:2c:44:78:f4:7d:51:81:ca:a1:7b:3f:02:a7:bf:
                    05:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:3A:E7:7C:9F:50:86:07:C0:1B:7F:A9:34:B3:A8:50:1B:FF:74:C5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YDrnfJ9QhgfAG3-pNLOoUBv_dMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.65.0/24
                  82.153.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:ba:13:92:b7:90:bb:5a:73:0e:f0:bb:dc:08:86:9f:bf:e7:
         3e:63:50:e6:c0:0f:e5:42:09:28:70:73:4b:53:8f:ef:4c:ef:
         df:7b:41:d1:e7:fc:1a:0f:87:34:9f:66:fb:09:d0:76:78:a9:
         37:0b:44:24:18:e9:2a:74:5c:94:ab:0f:25:78:01:8f:4a:2f:
         94:0d:d6:fe:e9:92:77:b1:ce:af:f2:75:58:e5:ec:c4:c7:7e:
         ce:a6:8e:6c:f4:cf:24:38:0c:0d:07:35:06:ab:19:d3:17:06:
         75:b2:3c:47:e4:9d:16:00:55:d8:5c:bb:8a:39:41:0c:46:f5:
         a8:d5:41:bd:e2:ca:3a:ff:d4:a6:a5:77:cf:03:40:7c:b6:04:
         a9:85:c4:4a:6a:fd:35:95:c7:64:bb:4e:2e:04:c6:4c:1f:e9:
         d5:5e:9a:81:6a:d0:10:0f:49:79:0a:32:67:d6:49:b0:2d:85:
         ec:49:a9:eb:e0:ca:c2:db:d5:97:d2:43:be:15:d8:90:03:a2:
         6a:7d:98:e4:fe:93:96:1b:d2:1d:a4:f5:70:96:90:dd:9e:df:
         92:84:47:69:9b:9d:d1:cd:20:cf:55:95:ff:54:25:27:6c:a0:
         9e:6b:f9:0e:2f:6d:8f:14:04:26:c8:7a:a5:3f:9c:6e:22:29:
         85:45:44:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaDJSV7fX9523RYpuxSlXY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjI0MTExODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNhZTc3YzlmNTA4NjA3YzAxYjdmYTkzNGIzYTg1MDFiZmY3NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIxFdlkhUQ7L2jYiI81FpL9nJK4N
J/bKfjmkNW+WpcnEtPnYODE00H8qGIOr12jcwOxwwS2d0I8sJcIdusjgE4BYg2Be
2Cr75WAehIuFUjkatEkapHF8GKXdClQGNEjVZ7iE6UABmUCXIHZjKAymUK/YyO70
CbvREY69TsMNZ//u5ciyoWDPZpG3GTz/H6B03ZCgsFl/wMZSws9rP4chuw4LPJju
umIFLjNQ9wbs5QHTwSJ0GPNgcWP7FD5+umpoWZfU8VUUmzTbPFDesTf3PTnamVQp
mJRjnAH9K1qAYDtMFuZp3mAL/obduhL8fhNVLER49H1Rgcqhez8Cp78FGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGA653yfUIYHwBt/qTSzqFAb/3TFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWURybmZKOVFoZ2ZBRzMtcE5MT29VQnZfZE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplBAwQA
UpnyMA0GCSqGSIb3DQEBCwUAA4IBAQCJuhOSt5C7WnMO8LvcCIafv+c+Y1DmwA/l
QgkocHNLU4/vTO/fe0HR5/waD4c0n2b7CdB2eKk3C0QkGOkqdFyUqw8leAGPSi+U
Ddb+6ZJ3sc6v8nVY5ezEx37Opo5s9M8kOAwNBzUGqxnTFwZ1sjxH5J0WAFXYXLuK
OUEMRvWo1UG94so6/9SmpXfPA0B8tgSphcRKav01lcdku04uBMZMH+nVXpqBatAQ
D0l5CjJn1kmwLYXsSanr4MrC29WX0kO+FdiQA6JqfZjk/pOWG9IdpPVwlpDdnt+S
hEdpm53RzSDPVZX/VCUnbKCea/kOL22PFAQmyHqlP5xuIimFRUTB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org