Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa
File:                     Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa (raw, json)
Hash identifier:          cS38OF7VVFi32vRJL0D5zsBLySTt+hoWncbUdVPrj0A=
Subject key identifier:   67:C8:84:93:77:B8:BC:8A:5F:10:EE:4D:C0:06:4E:16:9B:FE:98:43
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA2E20273095A511A76602C7E344EF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa
Signing time:             Mon 02 Jan 2023 10:14:59 +0000
ROA not before:           Mon 02 Jan 2023 10:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211439
IP address blocks:        82.153.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 10:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:2e:20:27:30:95:a5:11:a7:66:02:c7:e3:44:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67c8849377b8bc8a5f10ee4dc0064e169bfe9843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f9:66:31:87:02:cb:e2:40:73:08:64:e6:ea:
                    c4:63:13:41:4d:d9:53:bb:9a:8f:25:6c:6a:f1:67:
                    c6:e8:e4:09:07:16:c4:7e:f1:5c:43:df:02:f2:51:
                    2b:2d:4b:9c:fb:54:b7:1f:6c:0f:3d:df:ea:29:91:
                    cf:c3:4d:e4:1e:57:c7:da:79:d0:81:12:0c:53:16:
                    35:ba:cf:32:dc:42:f9:c0:0b:e4:e0:0c:c3:de:42:
                    bb:ae:e4:6e:ff:ab:08:38:b8:27:81:53:77:6a:81:
                    c5:d7:9d:f1:e6:34:94:3c:2e:8d:14:2b:2c:f7:f4:
                    7d:53:10:1c:de:e2:6c:02:1f:bd:a3:6f:c7:79:a6:
                    b6:67:6c:f9:78:4e:3b:d1:ee:d8:ae:c6:b9:0a:67:
                    73:cd:9a:c3:da:67:ee:8d:46:47:47:39:0e:9a:56:
                    a9:59:de:f6:56:a4:05:c1:dc:36:2e:89:71:b7:40:
                    f8:7d:a2:25:4b:82:d1:9b:f3:e7:8a:4f:6f:bb:b2:
                    95:a6:90:42:05:68:55:ed:fd:41:16:e0:14:86:cd:
                    a1:2c:02:e9:28:f8:8a:c9:17:e5:af:20:f0:36:cf:
                    62:a0:0c:92:40:52:f3:c9:24:3a:d8:3a:0c:e7:b3:
                    2c:43:3b:d3:31:66:16:dd:7b:fa:eb:ed:46:42:0d:
                    85:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C8:84:93:77:B8:BC:8A:5F:10:EE:4D:C0:06:4E:16:9B:FE:98:43
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:8a:52:50:34:cc:2f:eb:93:fb:a0:93:4e:b0:f7:b0:ad:24:
         e6:62:de:5a:91:84:d1:c5:3b:e1:9f:39:ce:8a:45:8c:5f:c1:
         9a:e8:66:ef:d8:62:8e:87:15:a9:1b:4e:0b:94:3a:29:69:cd:
         c5:e2:c9:c7:45:6e:a0:e8:49:76:bc:4d:b8:82:46:17:d8:d3:
         b3:b0:12:5a:77:43:0e:b9:ea:bd:b8:c5:45:41:28:9a:3b:da:
         f5:1c:0b:08:9d:c1:14:ae:e7:30:f0:39:ab:93:0b:7e:15:82:
         b1:54:88:2d:1f:f0:80:ae:21:4c:10:4c:46:31:ee:c4:77:2b:
         56:77:60:ac:76:a1:de:ad:bf:c1:d4:7a:d1:06:60:77:8c:42:
         d9:fc:0c:ae:60:09:37:6d:09:3b:1c:5a:60:85:d1:2c:73:d1:
         a6:e5:0c:e2:f9:eb:b7:34:1d:f4:a8:83:d7:2d:77:5a:70:29:
         4d:65:19:61:50:a5:8e:20:cd:76:bd:fe:64:d9:c0:c8:6c:08:
         cb:7a:59:84:aa:ef:00:72:df:3b:34:13:85:c6:f8:07:bc:3a:
         d4:5c:11:57:3a:d0:fb:35:6f:b0:6b:9f:9b:30:79:b0:68:be:
         b9:f8:8c:6d:f6:5b:79:2f:08:b8:f9:d1:d8:8e:05:ef:52:c6:
         d5:97:6d:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+i4gJzCVpRGnZgLH40TvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2M4ODQ5Mzc3YjhiYzhhNWYxMGVlNGRjMDA2NGUxNjliZmU5ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoflmMYcCy+JAcwhk5urEYxNBTdlT
u5qPJWxq8WfG6OQJBxbEfvFcQ98C8lErLUuc+1S3H2wPPd/qKZHPw03kHlfH2nnQ
gRIMUxY1us8y3EL5wAvk4AzD3kK7ruRu/6sIOLgngVN3aoHF153x5jSUPC6NFCss
9/R9UxAc3uJsAh+9o2/Heaa2Z2z5eE470e7Yrsa5CmdzzZrD2mfujUZHRzkOmlap
Wd72VqQFwdw2Lolxt0D4faIlS4LRm/Pnik9vu7KVppBCBWhV7f1BFuAUhs2hLALp
KPiKyRflryDwNs9ioAySQFLzySQ62DoM57MsQzvTMWYW3Xv66+1GQg2F7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfIhJN3uLyKXxDuTcAGThab/phDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWjhpRWszZTR2SXBmRU81TndBWk9GcHYtbUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn5MA0G
CSqGSIb3DQEBCwUAA4IBAQApilJQNMwv65P7oJNOsPewrSTmYt5akYTRxTvhnznO
ikWMX8Ga6Gbv2GKOhxWpG04LlDopac3F4snHRW6g6El2vE24gkYX2NOzsBJad0MO
ueq9uMVFQSiaO9r1HAsIncEUrucw8Dmrkwt+FYKxVIgtH/CAriFMEExGMe7EdytW
d2CsdqHerb/B1HrRBmB3jELZ/AyuYAk3bQk7HFpghdEsc9Gm5Qzi+eu3NB30qIPX
LXdacClNZRlhUKWOIM12vf5k2cDIbAjLelmEqu8Act87NBOFxvgHvDrUXBFXOtD7
NW+wa5+bMHmwaL65+Ixt9lt5Lwi4+dHYjgXvUsbVl20O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org