Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_SQEs9ZMez6p9Sb7GxvtgvHukes.roa
File:                     _SQEs9ZMez6p9Sb7GxvtgvHukes.roa (raw, json)
Hash identifier:          mVraGCp7ZpF3UBi5ffwpOJdhNU3U9+36w8ULNPgCKrw=
Subject key identifier:   FD:24:04:B3:D6:4C:7B:3E:A9:F5:26:FB:1B:1B:ED:82:F1:EE:91:EB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3495414AEB9FC453F9E9A881E830B3C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_SQEs9ZMez6p9Sb7GxvtgvHukes.roa
Signing time:             Mon 01 Jan 2024 04:30:11 +0000
ROA not before:           Mon 01 Jan 2024 04:30:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 11:42:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:54:14:ae:b9:fc:45:3f:9e:9a:88:1e:83:0b:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd2404b3d64c7b3ea9f526fb1b1bed82f1ee91eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f2:2c:48:7a:c7:5e:a0:41:bd:c8:53:ce:bb:
                    b4:10:39:76:0f:c6:3f:1b:38:3d:21:11:87:be:a5:
                    3d:5a:f0:7f:0c:70:be:17:c7:33:b6:ff:fa:f9:8e:
                    45:2f:8e:71:c3:1c:76:e4:6f:2d:d9:5b:04:22:07:
                    88:cc:47:d9:51:25:10:34:13:eb:99:f9:f3:dc:08:
                    c3:13:f9:d7:89:62:61:bd:b1:67:5d:fd:d1:bd:f4:
                    57:5a:16:84:5a:a5:63:f3:97:a6:2c:52:99:e4:3b:
                    20:44:da:a4:d9:f2:eb:a4:74:da:e5:ec:82:64:71:
                    b7:fb:2f:39:0b:4c:55:30:b3:bd:c7:61:04:9e:07:
                    05:fe:c8:89:72:54:fa:e1:95:40:e5:b0:bc:42:af:
                    a6:ba:bf:01:48:d3:d1:2a:3e:f9:df:8c:20:c9:a5:
                    68:a3:cc:42:6a:e2:02:96:57:d5:e1:07:89:ee:2a:
                    5c:56:ca:c8:50:0f:b2:22:5f:00:43:cd:73:99:49:
                    75:a4:43:b6:0d:ca:83:df:16:a1:c2:ab:18:3a:5a:
                    d8:f7:ae:e1:8c:29:06:ef:ac:bf:13:8e:5f:a2:c4:
                    23:71:64:2a:3c:06:05:ab:10:51:8a:85:c1:c3:98:
                    d2:10:b8:85:4c:1d:b3:3f:a3:8c:f4:cf:3e:7a:19:
                    88:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:24:04:B3:D6:4C:7B:3E:A9:F5:26:FB:1B:1B:ED:82:F1:EE:91:EB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_SQEs9ZMez6p9Sb7GxvtgvHukes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:0a:4e:85:d8:d3:f9:41:98:de:fe:07:05:0c:28:f9:a5:65:
         b3:e0:79:8e:09:63:55:ad:f2:71:75:e6:14:6d:16:8f:c2:c6:
         bc:21:8e:5e:b6:74:68:25:a0:81:db:5b:ee:d7:00:42:0e:fa:
         e4:b9:ef:4d:64:52:2c:d5:88:4b:6b:dc:7c:37:33:78:29:35:
         8d:7b:8f:bd:c1:db:82:40:a2:95:71:d2:7a:e5:b2:88:23:ab:
         05:30:00:fe:fd:95:6e:c8:a2:60:cc:c0:cc:a6:8c:de:69:07:
         f6:d7:c4:f8:23:49:74:3a:4b:01:dc:ef:14:55:86:c2:b1:9e:
         f7:9a:ba:5c:5b:82:9f:23:7f:ce:a1:ed:02:cb:ff:a5:83:2e:
         6c:a2:3c:9b:32:1c:9e:10:56:dc:c8:13:ac:6b:d7:ec:7b:10:
         3c:fb:2d:1e:08:da:8f:c2:f4:c6:27:37:01:a8:d7:e2:2e:f6:
         3c:96:75:b4:db:f3:e7:6f:0f:7b:8a:79:80:15:05:31:ce:dd:
         c3:51:63:9a:28:74:3f:e1:5b:cd:a1:2f:bc:00:17:fb:3f:33:
         20:15:e8:ea:7a:7c:86:0a:ba:99:72:1b:2a:c1:11:d5:c2:95:
         92:1a:49:a6:b8:39:9a:70:6c:7d:dd:93:3f:30:c0:66:9f:5a:
         63:54:1a:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVQUrrn8RT+emogegws8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDI0MDRiM2Q2NGM3YjNlYTlmNTI2ZmIxYjFiZWQ4MmYxZWU5MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvIsSHrHXqBBvchTzru0EDl2D8Y/
Gzg9IRGHvqU9WvB/DHC+F8cztv/6+Y5FL45xwxx25G8t2VsEIgeIzEfZUSUQNBPr
mfnz3AjDE/nXiWJhvbFnXf3RvfRXWhaEWqVj85emLFKZ5DsgRNqk2fLrpHTa5eyC
ZHG3+y85C0xVMLO9x2EEngcF/siJclT64ZVA5bC8Qq+mur8BSNPRKj7534wgyaVo
o8xCauICllfV4QeJ7ipcVsrIUA+yIl8AQ81zmUl1pEO2DcqD3xahwqsYOlrY967h
jCkG76y/E45fosQjcWQqPAYFqxBRioXBw5jSELiFTB2zP6OM9M8+ehmISQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0kBLPWTHs+qfUm+xsb7YLx7pHrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX1NRRXM5Wk1lejZwOVNiN0d4dnRndkh1a2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpncMA0G
CSqGSIb3DQEBCwUAA4IBAQAoCk6F2NP5QZje/gcFDCj5pWWz4HmOCWNVrfJxdeYU
bRaPwsa8IY5etnRoJaCB21vu1wBCDvrkue9NZFIs1YhLa9x8NzN4KTWNe4+9wduC
QKKVcdJ65bKII6sFMAD+/ZVuyKJgzMDMpozeaQf218T4I0l0OksB3O8UVYbCsZ73
mrpcW4KfI3/Ooe0Cy/+lgy5sojybMhyeEFbcyBOsa9fsexA8+y0eCNqPwvTGJzcB
qNfiLvY8lnW02/Pnbw97inmAFQUxzt3DUWOaKHQ/4VvNoS+8ABf7PzMgFejqenyG
CrqZchsqwRHVwpWSGkmmuDmacGx93ZM/MMBmn1pjVBrN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org