Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7Qg6dH-CAIdE1NYDpmrH-WcC6Q.roa
File:                     _7Qg6dH-CAIdE1NYDpmrH-WcC6Q.roa (raw, json)
Hash identifier:          9jNZWORmHfZfG7CSTS/TObCA0ydE2kuomChgBIGSWxY=
Subject key identifier:   FF:B4:20:E9:D1:FE:08:02:1D:13:53:58:0E:99:AB:1F:E5:9C:0B:A4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01885BFFE043CD48CFE465EE004B3F9007D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7Qg6dH-CAIdE1NYDpmrH-WcC6Q.roa
Signing time:             Sat 27 May 2023 06:57:55 +0000
ROA not before:           Sat 27 May 2023 06:57:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.153.240.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 08:27:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:5b:ff:e0:43:cd:48:cf:e4:65:ee:00:4b:3f:90:07:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 27 06:57:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ffb420e9d1fe08021d1353580e99ab1fe59c0ba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:08:cf:a5:9a:15:e0:49:9b:cd:35:03:3f:4c:
                    21:79:46:1c:8e:30:71:23:0e:6d:74:c1:69:eb:35:
                    05:37:0f:f6:1f:51:e8:71:6d:eb:7e:fc:7d:04:04:
                    7c:b7:c3:8c:6e:6b:ae:18:fd:d0:f8:8a:24:9e:ed:
                    49:d1:87:e5:14:a8:13:63:ab:50:d8:75:f5:68:02:
                    6c:9c:3b:c9:53:25:01:0d:5d:3d:9a:0f:f2:72:c3:
                    b2:6a:08:90:e2:aa:c3:71:e8:e0:5d:61:26:9e:ef:
                    9d:8c:c7:7b:35:24:1d:47:45:54:05:40:c5:f1:ee:
                    82:53:a8:1c:c1:a9:5e:0f:3a:c7:9f:0b:f6:91:3e:
                    f7:27:71:c3:67:64:1b:4e:51:47:fa:3c:77:2d:e2:
                    16:51:b2:64:9b:fb:10:65:f0:2e:d2:48:e6:b2:f7:
                    3c:b6:f5:33:86:fc:d4:96:d5:11:75:17:7b:ca:bd:
                    2f:8c:f8:df:ba:a0:0c:5e:22:23:2f:1e:fe:f8:64:
                    b6:cd:6f:e3:8f:47:51:7c:ab:f7:fd:5f:4c:50:74:
                    ad:aa:ed:66:69:b5:ce:3d:12:24:fb:b8:35:9e:fa:
                    6b:45:62:61:24:8b:59:87:c9:d3:54:fe:f7:d8:63:
                    e5:a5:53:60:30:e4:1a:ce:f8:d4:da:18:ce:97:6c:
                    37:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:B4:20:E9:D1:FE:08:02:1D:13:53:58:0E:99:AB:1F:E5:9C:0B:A4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7Qg6dH-CAIdE1NYDpmrH-WcC6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.178.0/24
                  82.153.220.0/23
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:39:e3:40:6a:9a:b4:46:3a:46:c3:e2:8e:06:07:a0:9d:30:
         ba:e0:cf:3a:07:7d:01:f1:15:87:db:e4:43:0f:b7:bc:6e:d7:
         bd:5c:14:f9:f4:6c:2c:9d:12:91:d2:2d:a5:63:4f:20:68:25:
         1b:ed:4b:38:01:4b:a6:86:66:b4:08:ae:be:8f:75:30:e0:ba:
         21:ee:c1:b9:af:00:59:74:f3:c9:c4:ae:2d:37:23:3d:70:78:
         62:ff:cb:4e:d6:57:6a:6d:7e:61:fc:5a:a9:8f:c2:5e:70:7c:
         47:0d:e6:7a:35:30:47:bd:76:5d:7d:1b:f2:45:bf:00:f2:91:
         1f:54:99:7b:fc:59:61:d8:54:14:4a:64:47:a5:e3:be:77:b6:
         4c:61:48:61:1d:c5:ba:f2:1e:13:c2:19:e2:c5:8a:6e:f9:2a:
         de:55:fd:81:ec:86:69:e0:8e:cf:67:75:83:8e:7f:f0:03:be:
         ac:42:2f:59:bd:a0:7e:d0:91:30:40:aa:74:77:30:1b:af:67:
         90:5e:f1:35:48:4f:57:28:35:a9:ee:1a:36:9b:d2:2b:25:7d:
         d4:2e:c9:34:03:e7:e3:f6:ad:ed:4a:84:2e:8d:00:33:7f:bc:
         7c:60:ac:e9:96:de:82:bd:10:62:33:3f:d0:5e:fa:a6:68:bb:
         0f:ce:e3:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhb/+BDzUjP5GXuAEs/kAfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI3MDY1NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI0MjBlOWQxZmUwODAyMWQxMzUzNTgwZTk5YWIxZmU1OWMwYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQjPpZoV4EmbzTUDP0wheUYcjjBx
Iw5tdMFp6zUFNw/2H1HocW3rfvx9BAR8t8OMbmuuGP3Q+Ioknu1J0YflFKgTY6tQ
2HX1aAJsnDvJUyUBDV09mg/ycsOyagiQ4qrDcejgXWEmnu+djMd7NSQdR0VUBUDF
8e6CU6gcwaleDzrHnwv2kT73J3HDZ2QbTlFH+jx3LeIWUbJkm/sQZfAu0kjmsvc8
tvUzhvzUltURdRd7yr0vjPjfuqAMXiIjLx7++GS2zW/jj0dRfKv3/V9MUHStqu1m
abXOPRIk+7g1nvprRWJhJItZh8nTVP732GPlpVNgMOQazvjU2hjOl2w3FQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP+0IOnR/ggCHRNTWA6Zqx/lnAukMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzdRZzZkSC1DQUlkRTFOWURwbXJILVdjQzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
UpiyAwQBUpncAwQAUpnfAwQAUpnwAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQAT
OeNAapq0RjpGw+KOBgegnTC64M86B30B8RWH2+RDD7e8bte9XBT59GwsnRKR0i2l
Y08gaCUb7Us4AUumhma0CK6+j3Uw4Loh7sG5rwBZdPPJxK4tNyM9cHhi/8tO1ldq
bX5h/Fqpj8JecHxHDeZ6NTBHvXZdfRvyRb8A8pEfVJl7/Flh2FQUSmRHpeO+d7ZM
YUhhHcW68h4TwhnixYpu+SreVf2B7IZp4I7PZ3WDjn/wA76sQi9ZvaB+0JEwQKp0
dzAbr2eQXvE1SE9XKDWp7ho2m9IrJX3ULsk0A+fj9q3tSoQujQAzf7x8YKzplt6C
vRBiMz/QXvqmaLsPzuPr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org