Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YZa1hxs9FRqkIP0qNRdBx4HoKTA.roa
File:                     YZa1hxs9FRqkIP0qNRdBx4HoKTA.roa (raw, json)
Hash identifier:          rY2Q4QVmhyrkKn4gM6TrEBqLxy9/ob+oPuU5eXyQZX4=
Subject key identifier:   61:96:B5:87:1B:3D:15:1A:A4:20:FD:2A:35:17:41:C7:81:E8:29:30
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01891C7D74E891F4E1CB90631FD4B1E87870
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YZa1hxs9FRqkIP0qNRdBx4HoKTA.roa
Signing time:             Mon 03 Jul 2023 16:02:11 +0000
ROA not before:           Mon 03 Jul 2023 16:02:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        82.153.245.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          89.213.144.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 16:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1c:7d:74:e8:91:f4:e1:cb:90:63:1f:d4:b1:e8:78:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  3 16:02:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6196b5871b3d151aa420fd2a351741c781e82930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ac:28:af:b6:32:38:09:30:34:ff:15:b1:4a:
                    ef:80:d9:a2:28:81:57:e7:04:1c:09:c5:b4:c9:e5:
                    e6:a5:9b:96:4a:c4:69:2d:bc:a2:96:d3:ab:83:d1:
                    f1:2d:f5:e0:95:f2:40:7f:33:3a:a3:d3:c7:ca:75:
                    c8:b2:7d:b8:0e:c8:b6:22:e8:87:3a:d8:35:de:b7:
                    dc:03:f5:43:6f:e2:90:7b:4b:40:b7:89:d3:04:11:
                    ad:3d:cb:90:0e:98:16:01:c0:27:b0:f2:b5:b8:ec:
                    d4:37:b1:52:e8:50:42:e9:dd:eb:f0:fb:0f:25:22:
                    f5:46:2d:d0:1d:3f:08:2f:cf:29:73:7c:6f:28:80:
                    c2:88:de:61:9d:99:a8:5b:93:6c:13:60:82:b1:84:
                    04:a8:68:64:61:10:e5:64:09:d0:85:17:92:63:2e:
                    f7:3a:20:4d:1d:15:fc:d6:1d:78:ce:d1:fa:1d:f3:
                    ae:1a:2a:e4:f9:43:e7:38:fa:54:2a:25:94:47:8b:
                    3d:3f:ad:7f:db:18:62:4f:fe:aa:0b:f8:59:8a:13:
                    82:86:2f:fb:c7:28:9f:67:eb:f1:72:25:37:7a:a5:
                    47:1f:7c:66:34:b4:be:cd:ab:b6:a0:70:36:5a:00:
                    f6:e5:5b:9a:cf:a3:56:1d:36:85:73:6f:eb:78:80:
                    36:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:96:B5:87:1B:3D:15:1A:A4:20:FD:2A:35:17:41:C7:81:E8:29:30
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YZa1hxs9FRqkIP0qNRdBx4HoKTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24
                  82.153.10.0/24
                  82.153.245.0/24
                  89.213.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:13:af:68:40:a5:1f:c1:35:99:30:7b:f2:e8:82:9a:26:4d:
         2b:36:6f:d8:22:10:98:6d:48:fc:a2:73:c0:2d:ae:3d:7f:91:
         dd:db:c7:59:d1:ef:56:2e:cc:a7:13:2f:86:69:b2:41:d3:16:
         d6:db:cc:97:0c:2c:bd:03:16:35:74:2f:c6:76:79:97:b4:2b:
         e4:4e:33:36:81:02:4b:33:6b:1a:ce:b3:94:a0:62:9f:c8:b9:
         3f:04:6a:05:63:9c:3e:bd:d7:f8:5a:c4:5b:d2:c3:60:98:01:
         74:7a:97:a2:e4:13:86:de:c9:b6:a4:4b:c0:77:6b:85:92:04:
         8a:73:48:9f:fc:7d:ff:7c:89:42:8d:fd:a7:dd:ba:08:f5:bb:
         94:9d:c9:08:a8:fd:a3:fe:0c:e5:fe:83:e2:b7:0b:80:44:11:
         e0:6d:88:78:f1:16:55:5e:4c:7c:1e:13:8a:f0:49:e9:85:90:
         44:da:0f:57:13:f8:6e:10:ca:52:63:49:98:18:3f:72:72:4f:
         a6:37:63:54:47:46:03:7a:d1:66:50:12:43:1a:89:36:eb:fc:
         db:e5:9a:b7:77:3e:53:b1:2e:ce:37:85:dc:94:82:89:be:2e:
         2b:8d:a4:7b:a6:13:7e:c2:f2:d9:48:30:85:8b:dd:b2:58:ec:
         bc:33:c4:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkcfXTokfThy5BjH9Sx6HhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAzMTYwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk2YjU4NzFiM2QxNTFhYTQyMGZkMmEzNTE3NDFjNzgxZTgyOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqwor7YyOAkwNP8VsUrvgNmiKIFX
5wQcCcW0yeXmpZuWSsRpLbyiltOrg9HxLfXglfJAfzM6o9PHynXIsn24Dsi2IuiH
Otg13rfcA/VDb+KQe0tAt4nTBBGtPcuQDpgWAcAnsPK1uOzUN7FS6FBC6d3r8PsP
JSL1Ri3QHT8IL88pc3xvKIDCiN5hnZmoW5NsE2CCsYQEqGhkYRDlZAnQhReSYy73
OiBNHRX81h14ztH6HfOuGirk+UPnOPpUKiWUR4s9P61/2xhiT/6qC/hZihOChi/7
xyifZ+vxciU3eqVHH3xmNLS+zau2oHA2WgD25Vuaz6NWHTaFc2/reIA2lwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGGWtYcbPRUapCD9KjUXQceB6CkwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWVphMWh4czlGUnFrSVAwcU5SZEJ4NEhvS1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUah7AwQA
UpkKAwQAUpn1AwQAWdWQMA0GCSqGSIb3DQEBCwUAA4IBAQB9E69oQKUfwTWZMHvy
6IKaJk0rNm/YIhCYbUj8onPALa49f5Hd28dZ0e9WLsynEy+GabJB0xbW28yXDCy9
AxY1dC/GdnmXtCvkTjM2gQJLM2sazrOUoGKfyLk/BGoFY5w+vdf4WsRb0sNgmAF0
epei5BOG3sm2pEvAd2uFkgSKc0if/H3/fIlCjf2n3boI9buUnckIqP2j/gzl/oPi
twuARBHgbYh48RZVXkx8HhOK8EnphZBE2g9XE/huEMpSY0mYGD9yck+mN2NUR0YD
etFmUBJDGok26/zb5Zq3dz5TsS7ON4XclIKJvi4rjaR7phN+wvLZSDCFi92yWOy8
M8Rb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org