Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YNEO0EFGbO7Klx2lL8VUs0uChGA.roa
File:                     YNEO0EFGbO7Klx2lL8VUs0uChGA.roa (raw, json)
Hash identifier:          gUdq90X++Md1Hj74FLrwjZ+psdmmSYdAiU4ZrjCoZQI=
Subject key identifier:   60:D1:0E:D0:41:46:6C:EE:CA:97:1D:A5:2F:C5:54:B3:4B:82:84:60
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC349551FA9CB41E299895439F322C99B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YNEO0EFGbO7Klx2lL8VUs0uChGA.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     59538
IP address blocks:        82.152.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 10:14:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:55:1f:a9:cb:41:e2:99:89:54:39:f3:22:c9:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=60d10ed041466ceeca971da52fc554b34b828460
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:60:d1:55:dd:78:6f:34:38:fe:ca:bd:c3:cc:
                    55:b4:98:68:ab:95:77:30:dd:9b:c5:70:76:b5:b2:
                    a1:c4:43:7a:ce:05:ff:46:2f:f9:22:05:64:fa:d1:
                    60:e5:d8:ad:7a:79:44:44:bc:51:74:5c:4f:e7:01:
                    f2:e4:25:f6:85:14:f9:0d:f9:32:42:7e:a0:02:1c:
                    7d:f2:cf:c6:04:fe:86:65:01:bf:1c:41:79:62:6e:
                    b2:49:53:07:9c:bd:b0:45:26:b9:97:98:54:09:ff:
                    da:01:ce:b3:01:85:cb:a3:99:1e:2b:9d:65:33:cc:
                    8f:d4:ab:03:97:52:df:14:a3:df:0b:97:1a:af:cc:
                    7b:73:96:4f:a6:98:48:73:b0:61:aa:de:b6:f2:c8:
                    59:dd:7e:d2:15:5c:ef:d3:77:eb:d5:01:f3:3d:3d:
                    5c:ea:67:bd:e5:70:96:17:bf:6c:3e:d5:3d:71:fc:
                    85:4a:0c:e2:43:9f:12:b9:f2:aa:47:ea:b3:d5:d7:
                    f1:2f:b8:21:86:99:35:f4:9e:0b:bb:4f:6d:f2:11:
                    34:09:29:ca:2e:d3:ce:51:18:d3:82:df:bf:e2:14:
                    08:28:55:04:be:20:fc:1c:dc:2b:09:ff:22:42:21:
                    f7:1e:1d:bb:e3:72:7b:58:db:3b:d9:63:8c:7f:0c:
                    ce:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:D1:0E:D0:41:46:6C:EE:CA:97:1D:A5:2F:C5:54:B3:4B:82:84:60
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YNEO0EFGbO7Klx2lL8VUs0uChGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:39:52:ac:e6:68:07:b6:4d:d0:4b:35:fd:bc:21:23:fc:74:
         9d:44:07:f9:76:47:c6:78:80:52:5f:e1:29:ca:5f:d6:a9:90:
         2b:85:e2:a6:b1:39:e7:be:92:b1:ac:52:5c:b7:4e:7d:c2:8f:
         41:9f:b1:73:71:1e:eb:40:bf:23:2f:1a:92:0f:3c:88:8b:a1:
         e0:08:d5:9d:af:11:bf:c8:8c:49:3f:bf:ec:21:ec:12:ae:a4:
         3c:cc:d3:9d:05:7a:a7:f4:f8:46:5e:ab:6b:8e:51:b9:bb:1f:
         5f:08:18:0c:e7:d8:e2:7c:d1:91:dd:e4:d4:3e:9e:fd:a9:14:
         af:f7:b8:33:94:5b:ce:9b:b8:44:dd:e7:7b:5a:c0:dc:49:b6:
         45:c3:5f:26:d5:ae:d2:bc:1c:f2:23:8f:de:4b:9d:37:fc:c3:
         63:a6:f5:91:7a:ba:bd:8d:42:e9:3e:4c:74:69:2e:51:e1:6f:
         dc:2b:a2:11:3c:65:6a:04:76:50:45:40:ee:3f:70:c7:09:8e:
         ba:b4:ec:f9:cc:97:96:ff:50:82:a5:a0:45:8e:ef:c1:a0:09:
         74:16:71:96:94:8d:3b:b8:f0:7b:79:70:6d:b6:71:4a:95:48:
         6b:13:9e:a5:83:81:09:1a:cf:b2:22:0d:b6:17:ce:8e:bf:03:
         56:3d:49:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVUfqctB4pmJVDnzIsmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQxMGVkMDQxNDY2Y2VlY2E5NzFkYTUyZmM1NTRiMzRiODI4NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWDRVd14bzQ4/sq9w8xVtJhoq5V3
MN2bxXB2tbKhxEN6zgX/Ri/5IgVk+tFg5ditenlERLxRdFxP5wHy5CX2hRT5Dfky
Qn6gAhx98s/GBP6GZQG/HEF5Ym6ySVMHnL2wRSa5l5hUCf/aAc6zAYXLo5keK51l
M8yP1KsDl1LfFKPfC5car8x7c5ZPpphIc7Bhqt628shZ3X7SFVzv03fr1QHzPT1c
6me95XCWF79sPtU9cfyFSgziQ58SufKqR+qz1dfxL7ghhpk19J4Lu09t8hE0CSnK
LtPOURjTgt+/4hQIKFUEviD8HNwrCf8iQiH3Hh2743J7WNs72WOMfwzOzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDRDtBBRmzuypcdpS/FVLNLgoRgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWU5FTzBFRkdiTzdLbHgybEw4VlVzMHVDaEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpj5MA0G
CSqGSIb3DQEBCwUAA4IBAQCMOVKs5mgHtk3QSzX9vCEj/HSdRAf5dkfGeIBSX+Ep
yl/WqZArheKmsTnnvpKxrFJct059wo9Bn7FzcR7rQL8jLxqSDzyIi6HgCNWdrxG/
yIxJP7/sIewSrqQ8zNOdBXqn9PhGXqtrjlG5ux9fCBgM59jifNGR3eTUPp79qRSv
97gzlFvOm7hE3ed7WsDcSbZFw18m1a7SvBzyI4/eS503/MNjpvWRerq9jULpPkx0
aS5R4W/cK6IRPGVqBHZQRUDuP3DHCY66tOz5zJeW/1CCpaBFju/BoAl0FnGWlI07
uPB7eXBttnFKlUhrE56lg4EJGs+yIg22F86OvwNWPUmA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org