Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ztk7KCCrINYwh1Dz1wV3mj3Wa2k.roa
File:                     Ztk7KCCrINYwh1Dz1wV3mj3Wa2k.roa (raw, json)
Hash identifier:          /MOdOQPs9FYvOGGTikrZXBbD4trSuOEhZn32IO4rOT0=
Subject key identifier:   66:D9:3B:28:20:AB:20:D6:30:87:50:F3:D7:05:77:9A:3D:D6:6B:69
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CAB1969752DA64DD3B2C1C93A2E7A8936
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ztk7KCCrINYwh1Dz1wV3mj3Wa2k.roa
Signing time:             Wed 27 Dec 2023 11:46:58 +0000
ROA not before:           Wed 27 Dec 2023 11:46:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42831
IP address blocks:        82.153.66.0/24 maxlen: 24
                          82.152.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ab:19:69:75:2d:a6:4d:d3:b2:c1:c9:3a:2e:7a:89:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 27 11:46:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66d93b2820ab20d6308750f3d705779a3dd66b69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4d:e8:a3:95:a6:b1:5a:cd:b4:01:b2:2a:7d:
                    e6:a7:7c:a8:98:6f:44:bd:89:45:30:12:3a:1b:9c:
                    d6:c2:16:7e:4f:4f:d9:12:d3:62:7a:d7:ae:a7:cd:
                    f3:72:b1:44:3b:e7:e8:c6:b1:cd:ad:89:ff:c6:b9:
                    54:c7:65:67:b9:2f:c1:65:95:73:26:44:28:36:79:
                    0b:64:d4:be:9c:ed:45:b7:bd:25:f1:bd:e1:c0:8d:
                    55:19:74:64:01:10:31:4d:07:06:e8:09:f0:de:12:
                    bc:4b:ba:2e:70:02:9c:3e:c8:f6:c2:cd:d4:f2:6a:
                    f6:5f:a4:74:7c:0f:7d:6b:68:04:db:85:5f:d6:54:
                    b5:e7:2a:15:7b:e0:00:87:36:1a:27:38:2e:cc:ec:
                    46:06:96:e6:8a:f4:b1:43:4c:3e:25:0f:87:df:85:
                    d4:55:42:53:aa:dd:be:c9:03:0c:ee:c4:45:54:cc:
                    86:08:87:4f:a0:ff:3a:53:da:d8:69:ec:f9:98:54:
                    46:09:d0:86:73:f9:78:e3:ef:f5:8e:6b:19:77:77:
                    d7:9a:fd:ba:02:f9:99:ba:a1:af:04:54:7d:ba:01:
                    b8:3b:e4:e1:f6:3b:f4:34:69:49:20:e1:d5:c5:6a:
                    e9:cb:66:b2:b6:5d:20:1b:6b:92:16:44:dc:8d:8a:
                    86:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D9:3B:28:20:AB:20:D6:30:87:50:F3:D7:05:77:9A:3D:D6:6B:69
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ztk7KCCrINYwh1Dz1wV3mj3Wa2k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.110.0/24
                  82.153.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:af:12:23:e3:bc:28:92:e4:dc:62:4e:0c:be:21:08:3a:ba:
         82:8f:61:9b:37:aa:11:88:55:e8:bd:51:1a:a9:44:44:ec:50:
         15:d8:06:95:e2:63:2c:7c:76:3d:81:d3:8c:63:a6:a3:76:f3:
         9d:6c:68:63:80:78:bc:74:0a:7d:47:32:f2:ad:d3:9d:4a:4b:
         db:3d:67:6a:6c:54:bb:d5:06:a2:e4:f4:a1:28:2b:1f:b1:a7:
         1d:83:d6:df:0b:2a:11:4d:89:ca:28:a9:60:be:d8:fd:1b:36:
         3a:f2:f6:a7:a1:1e:a9:76:47:74:03:8d:57:52:47:35:ea:bd:
         04:f5:85:01:9a:03:20:44:a4:f4:51:25:e8:cb:c9:81:66:90:
         e2:19:19:cc:53:e5:e8:9c:83:c7:3c:e8:ca:ed:d5:29:6b:a5:
         d2:48:8b:7b:d1:cc:52:ca:37:5f:e1:19:0f:ff:fd:90:28:9a:
         a7:dd:8d:ea:b4:61:80:82:08:11:9f:85:a4:8b:2b:4a:c8:0f:
         dc:c5:c0:45:db:87:81:de:a2:68:e1:8b:a2:dc:a4:19:e4:9f:
         8b:d9:c3:4a:91:28:35:f1:29:71:19:85:9c:09:a9:e8:fa:8f:
         46:c5:c1:d9:f3:a7:d7:9f:0f:8d:f5:d0:95:be:99:3f:39:d0:
         4d:49:79:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyrGWl1LaZN07LByToueok2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI3MTE0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ5M2IyODIwYWIyMGQ2MzA4NzUwZjNkNzA1Nzc5YTNkZDY2YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk3oo5WmsVrNtAGyKn3mp3yomG9E
vYlFMBI6G5zWwhZ+T0/ZEtNieteup83zcrFEO+foxrHNrYn/xrlUx2VnuS/BZZVz
JkQoNnkLZNS+nO1Ft70l8b3hwI1VGXRkARAxTQcG6Anw3hK8S7oucAKcPsj2ws3U
8mr2X6R0fA99a2gE24Vf1lS15yoVe+AAhzYaJzguzOxGBpbmivSxQ0w+JQ+H34XU
VUJTqt2+yQMM7sRFVMyGCIdPoP86U9rYaez5mFRGCdCGc/l44+/1jmsZd3fXmv26
AvmZuqGvBFR9ugG4O+Th9jv0NGlJIOHVxWrpy2aytl0gG2uSFkTcjYqGdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGbZOyggqyDWMIdQ89cFd5o91mtpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWnRrN0tDQ3JJTll3aDFEejF3VjNtajNXYTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUphuAwQA
UplCMA0GCSqGSIb3DQEBCwUAA4IBAQBsrxIj47wokuTcYk4MviEIOrqCj2GbN6oR
iFXovVEaqURE7FAV2AaV4mMsfHY9gdOMY6ajdvOdbGhjgHi8dAp9RzLyrdOdSkvb
PWdqbFS71Qai5PShKCsfsacdg9bfCyoRTYnKKKlgvtj9GzY68vanoR6pdkd0A41X
Ukc16r0E9YUBmgMgRKT0USXoy8mBZpDiGRnMU+XonIPHPOjK7dUpa6XSSIt70cxS
yjdf4RkP//2QKJqn3Y3qtGGAgggRn4WkiytKyA/cxcBF24eB3qJo4Yui3KQZ5J+L
2cNKkSg18SlxGYWcCano+o9GxcHZ86fXnw+N9dCVvpk/OdBNSXmj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org