Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8pbHZdRmHjgLbLXxwybpNKpp3Q.roa
File:                     _8pbHZdRmHjgLbLXxwybpNKpp3Q.roa (raw, json)
Hash identifier:          qJlSqsDL5cmJtxq51f2t0dXHGfSQf2k7LLrn3xC8RbQ=
Subject key identifier:   FF:CA:5B:1D:97:51:98:78:E0:2D:B2:D7:C7:0C:9B:A4:D2:A9:A7:74
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018ECD9E99F8F9626EFD78E74B35FAEDE5BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8pbHZdRmHjgLbLXxwybpNKpp3Q.roa
Signing time:             Thu 11 Apr 2024 14:45:07 +0000
ROA not before:           Thu 11 Apr 2024 14:45:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201670
IP address blocks:        82.153.245.0/24 maxlen: 24
                          82.163.16.0/24 maxlen: 24
                          109.176.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 14:42:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:cd:9e:99:f8:f9:62:6e:fd:78:e7:4b:35:fa:ed:e5:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 11 14:45:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ffca5b1d97519878e02db2d7c70c9ba4d2a9a774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:74:ae:7b:c6:f8:c9:2d:e8:5a:db:45:ef:88:
                    1c:5d:e7:6a:11:0a:76:66:d4:1b:30:f2:12:d3:a9:
                    6c:34:15:82:35:b2:42:f8:23:43:7f:be:34:af:05:
                    f4:3a:a7:91:29:ff:51:b1:d1:23:f7:d3:e7:12:38:
                    4a:e4:de:c7:91:68:c1:09:18:b6:87:22:21:4c:49:
                    95:86:58:e0:fe:93:49:a4:25:ac:08:de:d2:ea:cc:
                    ac:2b:d1:cc:d2:29:f5:7c:17:34:d7:14:b1:b2:10:
                    79:8f:89:fc:a5:bd:04:16:4a:e6:81:58:94:b2:23:
                    5f:e0:fd:02:57:2f:7f:6f:65:0c:8e:10:51:2e:cc:
                    2e:3e:63:c4:0e:52:1f:1b:97:92:63:82:7d:1b:87:
                    73:c7:93:ad:7e:73:11:c4:b6:2a:86:41:cc:69:c9:
                    50:03:6f:4c:8e:5b:c5:3d:34:4a:7b:37:1a:e3:e5:
                    2a:20:b6:c1:d5:f4:86:9b:8d:b0:7f:bc:16:31:b5:
                    de:b0:b4:f7:54:d3:e4:f6:b9:2d:33:a2:02:88:d6:
                    49:e3:6b:d5:7d:a4:7e:c3:f4:8c:80:c8:09:6d:3d:
                    ec:c7:d9:19:b0:8e:60:3c:ad:b8:45:ac:ea:8b:1e:
                    5b:05:c3:f4:55:92:31:5f:1a:a2:2c:9f:43:3a:1e:
                    bd:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:CA:5B:1D:97:51:98:78:E0:2D:B2:D7:C7:0C:9B:A4:D2:A9:A7:74
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8pbHZdRmHjgLbLXxwybpNKpp3Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.245.0/24
                  82.163.16.0/24
                  109.176.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:1d:e0:37:6f:1c:03:e6:b8:0d:57:5c:f5:34:4d:80:7a:b1:
         05:5e:49:78:c1:48:bc:c8:08:07:9b:68:63:7b:54:c3:60:a7:
         59:3a:7f:48:33:01:7d:55:5d:d0:c8:aa:de:5b:0b:1a:74:45:
         e6:a6:c1:c7:8c:cf:15:84:f5:4d:81:dc:39:45:2d:02:60:16:
         02:b5:5b:31:a4:a3:06:b5:2d:f7:72:7c:6a:bb:54:21:82:27:
         a1:ea:02:b7:43:b4:9a:1e:ed:7c:bc:7a:d8:22:8c:26:f1:e0:
         a9:7a:fb:d3:6a:71:73:62:53:31:0d:f5:97:35:99:6e:e0:6b:
         8d:b5:a8:87:13:a8:28:b7:3a:91:bd:94:1b:ca:7f:71:2e:ea:
         7a:d5:b3:1c:36:fa:f3:ef:d5:f6:92:1b:61:38:8c:43:ea:e5:
         11:45:2b:49:61:0e:5b:7a:ab:fc:cf:55:28:64:d5:23:1b:0e:
         be:4c:71:c3:03:6e:e8:1f:1d:d5:eb:1a:87:70:2a:16:8d:0a:
         bd:dd:9a:57:f7:b6:69:4a:5d:92:a3:f0:26:6c:ad:53:89:40:
         ea:2b:e7:26:48:0a:7e:5f:39:65:96:16:a4:f5:0b:2b:fe:92:
         19:fa:c1:8e:97:4e:2a:69:a7:ed:e5:cb:0d:a5:6a:28:b3:05:
         22:75:d2:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7Nnpn4+WJu/XjnSzX67eW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDExMTQ0NTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNhNWIxZDk3NTE5ODc4ZTAyZGIyZDdjNzBjOWJhNGQyYTlhNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3Sue8b4yS3oWttF74gcXedqEQp2
ZtQbMPIS06lsNBWCNbJC+CNDf740rwX0OqeRKf9RsdEj99PnEjhK5N7HkWjBCRi2
hyIhTEmVhljg/pNJpCWsCN7S6sysK9HM0in1fBc01xSxshB5j4n8pb0EFkrmgViU
siNf4P0CVy9/b2UMjhBRLswuPmPEDlIfG5eSY4J9G4dzx5OtfnMRxLYqhkHMaclQ
A29MjlvFPTRKezca4+UqILbB1fSGm42wf7wWMbXesLT3VNPk9rktM6ICiNZJ42vV
faR+w/SMgMgJbT3sx9kZsI5gPK24Razqix5bBcP0VZIxXxqiLJ9DOh69QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP/KWx2XUZh44C2y18cMm6TSqad0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzhwYkhaZFJtSGpnTGJMWHh3eWJwTktwcDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpn1AwQA
UqMQAwQAbbDBMA0GCSqGSIb3DQEBCwUAA4IBAQBlHeA3bxwD5rgNV1z1NE2AerEF
Xkl4wUi8yAgHm2hje1TDYKdZOn9IMwF9VV3QyKreWwsadEXmpsHHjM8VhPVNgdw5
RS0CYBYCtVsxpKMGtS33cnxqu1Qhgieh6gK3Q7SaHu18vHrYIowm8eCpevvTanFz
YlMxDfWXNZlu4GuNtaiHE6gotzqRvZQbyn9xLup61bMcNvrz79X2khthOIxD6uUR
RStJYQ5beqv8z1UoZNUjGw6+THHDA27oHx3V6xqHcCoWjQq93ZpX97ZpSl2So/Am
bK1TiUDqK+cmSAp+Xzlllhak9Qsr/pIZ+sGOl04qaaft5csNpWooswUiddJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org