Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aX7_L3Z21teFQc1nOG6RvVDHWgM.roa
File:                     aX7_L3Z21teFQc1nOG6RvVDHWgM.roa (raw, json)
Hash identifier:          or5bKIhDIS8S9A/ZvVhQoKb0cl1c3imX3tT5+LRuL20=
Subject key identifier:   69:7E:FF:2F:76:76:D6:D7:85:41:CD:67:38:6E:91:BD:50:C7:5A:03
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F2E173327427130F86CD8A3C61C7C8D92
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aX7_L3Z21teFQc1nOG6RvVDHWgM.roa
Signing time:             Tue 30 Apr 2024 08:20:23 +0000
ROA not before:           Tue 30 Apr 2024 08:20:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     151872
IP address blocks:        82.153.50.0/24 maxlen: 24
                          109.176.22.0/24 maxlen: 24
                          213.218.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 07:42:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:2e:17:33:27:42:71:30:f8:6c:d8:a3:c6:1c:7c:8d:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 30 08:20:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=697eff2f7676d6d78541cd67386e91bd50c75a03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:07:82:63:f6:4a:77:25:58:66:9b:3a:9f:c6:
                    27:98:94:d3:b0:de:30:43:1a:f8:7a:89:70:bc:e9:
                    e1:2a:a4:01:c4:39:b2:b9:8f:a1:7b:f0:f9:26:0a:
                    d2:cd:21:0b:26:76:29:fe:2a:01:89:3d:fb:55:68:
                    64:04:b5:6f:bc:d0:4b:29:e9:a5:03:44:e0:30:93:
                    9e:ee:c4:c5:25:8c:fa:a0:0d:5c:c5:67:16:63:ef:
                    a1:dd:06:0b:2a:b1:6c:a7:25:3a:7b:c9:eb:0e:22:
                    9d:28:ad:16:6c:75:6a:dc:b3:7e:9c:a8:b6:0e:23:
                    9a:f6:e5:5b:cd:68:99:73:83:ce:53:12:47:8c:4d:
                    34:2a:cf:17:a4:25:5f:d8:6c:0d:93:ac:9a:e0:dc:
                    02:0f:51:f8:69:50:b8:59:76:2a:33:b3:01:4b:f6:
                    c5:bc:a3:9f:8c:90:c4:c0:1d:f4:59:bb:c0:ac:91:
                    68:0a:70:74:50:89:32:f7:5b:70:8b:df:ba:b0:b0:
                    17:f0:a7:13:b2:54:f3:cf:39:3e:0d:dd:90:47:87:
                    4c:b6:9f:1a:b7:0c:78:7c:ec:2c:50:ea:09:7f:8a:
                    54:57:10:cd:58:c5:16:e6:43:af:cc:53:88:43:2e:
                    8c:28:8a:36:8e:f1:f9:0b:9d:22:aa:02:dd:01:8d:
                    80:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7E:FF:2F:76:76:D6:D7:85:41:CD:67:38:6E:91:BD:50:C7:5A:03
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aX7_L3Z21teFQc1nOG6RvVDHWgM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.50.0/24
                  109.176.22.0/24
                  213.218.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:af:9c:0d:73:f4:9d:05:f4:6a:0d:a8:09:df:c8:81:85:50:
         8e:6e:f1:10:3b:92:69:28:48:f6:1e:d3:2d:db:8e:2c:60:03:
         ef:12:c1:9d:29:d8:68:41:d0:ba:14:d8:6c:48:5f:02:94:1f:
         1e:88:96:25:99:18:9b:64:5d:31:48:a0:46:0b:84:90:2e:34:
         ef:35:ed:0a:09:bf:e5:7e:61:9e:cc:46:73:88:11:38:0f:b0:
         1e:55:f9:c9:5f:52:9b:f9:4e:d2:43:7d:2d:42:dd:c6:47:24:
         26:f0:3e:2e:63:09:c7:93:dc:6c:82:89:06:02:0f:e4:41:a5:
         e3:57:26:48:ad:d1:05:a6:e8:a7:b9:8f:cc:6f:25:81:ac:4b:
         37:09:d8:8b:0b:2b:9f:b6:46:e7:68:49:a8:da:aa:78:66:11:
         64:30:34:53:88:f2:af:04:61:00:86:ab:33:98:f6:26:1a:93:
         4b:5a:39:63:ba:78:c2:7a:c3:ad:6b:44:34:96:52:fc:cf:c5:
         5c:57:88:a6:d0:24:9e:52:48:80:71:5a:19:27:69:e4:33:a7:
         5c:9f:0e:c4:de:87:8f:30:1c:80:1d:8c:9b:26:70:96:00:b5:
         e4:9f:87:27:87:12:14:6c:f0:1d:fc:0b:d8:3f:19:91:92:66:
         43:8a:0e:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8uFzMnQnEw+GzYo8YcfI2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMDgyMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdlZmYyZjc2NzZkNmQ3ODU0MWNkNjczODZlOTFiZDUwYzc1YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0geCY/ZKdyVYZps6n8YnmJTTsN4w
Qxr4eolwvOnhKqQBxDmyuY+he/D5JgrSzSELJnYp/ioBiT37VWhkBLVvvNBLKeml
A0TgMJOe7sTFJYz6oA1cxWcWY++h3QYLKrFspyU6e8nrDiKdKK0WbHVq3LN+nKi2
DiOa9uVbzWiZc4POUxJHjE00Ks8XpCVf2GwNk6ya4NwCD1H4aVC4WXYqM7MBS/bF
vKOfjJDEwB30WbvArJFoCnB0UIky91twi9+6sLAX8KcTslTzzzk+Dd2QR4dMtp8a
twx4fOwsUOoJf4pUVxDNWMUW5kOvzFOIQy6MKIo2jvH5C50iqgLdAY2APwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGl+/y92dtbXhUHNZzhukb1Qx1oDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYVg3X0wzWjIxdGVGUWMxbk9HNlJ2VkRIV2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpkyAwQA
bbAWAwQA1drpMA0GCSqGSIb3DQEBCwUAA4IBAQA7r5wNc/SdBfRqDagJ38iBhVCO
bvEQO5JpKEj2HtMt244sYAPvEsGdKdhoQdC6FNhsSF8ClB8eiJYlmRibZF0xSKBG
C4SQLjTvNe0KCb/lfmGezEZziBE4D7AeVfnJX1Kb+U7SQ30tQt3GRyQm8D4uYwnH
k9xsgokGAg/kQaXjVyZIrdEFpuinuY/MbyWBrEs3CdiLCyuftkbnaEmo2qp4ZhFk
MDRTiPKvBGEAhqszmPYmGpNLWjljunjCesOta0Q0llL8z8VcV4im0CSeUkiAcVoZ
J2nkM6dcnw7E3oePMByAHYybJnCWALXkn4cnhxIUbPAd/AvYPxmRkmZDig7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org