Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/blSivS_xVnhwiAihQ_HPdyUJ75k.roa
File:                     blSivS_xVnhwiAihQ_HPdyUJ75k.roa (raw, json)
Hash identifier:          ogSOe42oFr+Mr4JcSHZcpxaNmQNWjioOLZ5j252RI7Q=
Subject key identifier:   6E:54:A2:BD:2F:F1:56:78:70:88:08:A1:43:F1:CF:77:25:09:EF:99
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CAB1794E649EF3D891992F54F1B1049C8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/blSivS_xVnhwiAihQ_HPdyUJ75k.roa
Signing time:             Wed 27 Dec 2023 11:44:58 +0000
ROA not before:           Wed 27 Dec 2023 11:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61112
IP address blocks:        82.153.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ab:17:94:e6:49:ef:3d:89:19:92:f5:4f:1b:10:49:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 27 11:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6e54a2bd2ff15678708808a143f1cf772509ef99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:29:e9:03:0b:1e:06:e0:81:a4:e5:43:a3:fb:
                    67:ca:23:8d:e1:1d:6b:64:c8:f2:e2:14:bd:30:c9:
                    24:7f:58:52:a4:40:f7:15:41:df:2d:90:11:2e:17:
                    89:64:71:a9:0f:93:6d:ee:9c:8c:64:48:d2:97:27:
                    8a:fb:ac:0d:66:4e:77:c9:3e:db:a7:08:13:a3:1c:
                    dd:4d:ad:14:72:3b:cf:9a:83:c7:60:f1:7d:c9:aa:
                    40:8d:cf:ef:17:eb:f8:b7:85:93:5e:6e:28:38:59:
                    c2:02:8b:41:3c:7c:84:d7:54:ab:e6:2e:fb:c2:ea:
                    ec:f7:79:dc:bd:a9:5c:a6:25:f7:81:b8:2b:38:d6:
                    db:6b:e0:db:bf:91:62:7c:9a:2c:68:94:4f:48:e8:
                    69:eb:a8:10:bf:36:9b:1d:75:7c:19:c8:e2:49:be:
                    f6:9c:01:64:ca:17:59:9f:53:36:1c:7b:75:8d:dd:
                    e9:ea:b3:fc:b5:fa:96:72:e0:8d:d6:e3:76:2a:19:
                    c2:b4:d3:04:97:81:e3:8b:3d:28:cc:30:52:3f:2e:
                    07:ca:0d:70:13:ff:6b:69:4e:79:b9:53:9f:d1:e2:
                    54:83:76:7c:6e:c6:98:0c:af:88:50:41:83:e4:e0:
                    d7:d9:fa:87:54:d6:e8:42:83:8e:c9:a9:33:64:bb:
                    0c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:54:A2:BD:2F:F1:56:78:70:88:08:A1:43:F1:CF:77:25:09:EF:99
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/blSivS_xVnhwiAihQ_HPdyUJ75k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:3e:48:b4:37:6c:b7:27:19:c9:6e:b7:08:d8:63:f9:43:31:
         18:9d:bf:27:09:2a:8c:b2:a0:14:c4:22:87:4f:0b:8f:6f:c8:
         ae:fb:95:ea:31:f9:96:5c:e9:82:40:bb:ea:eb:37:65:8b:ce:
         88:f5:e6:43:73:e7:34:15:c1:15:ae:6e:90:1f:27:0a:3b:0b:
         a7:e1:f2:6c:a1:05:be:60:50:9d:4c:ea:0a:1a:17:4a:44:45:
         01:b1:6b:f6:aa:2e:d5:ed:ac:9c:08:62:2a:8d:45:f9:97:96:
         4c:e8:61:cd:e0:f8:bb:0f:89:76:21:ab:64:10:76:3f:2c:46:
         bf:92:4b:80:5d:f1:d2:d3:6d:0f:f0:dd:b5:28:a1:25:a8:2e:
         8c:7f:f5:68:0d:32:c4:75:ac:b1:10:b9:7a:c8:bd:4a:f7:ac:
         fa:af:18:28:3f:a0:88:f7:52:11:c3:4a:e7:90:22:d5:27:17:
         0a:aa:7c:2d:84:ba:92:e6:18:3e:3d:c9:9c:52:95:72:db:4d:
         0d:52:20:a7:89:93:57:bc:c3:59:a6:bd:1b:47:97:bd:7c:87:
         85:be:c9:a9:b0:4d:1d:de:6b:f6:1f:57:c8:a8:a3:4e:fa:14:
         9c:33:63:be:e6:d9:fe:73:96:7c:d4:92:ca:59:6b:60:51:92:
         fa:3d:e4:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrF5TmSe89iRmS9U8bEEnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI3MTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU0YTJiZDJmZjE1Njc4NzA4ODA4YTE0M2YxY2Y3NzI1MDllZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSnpAwseBuCBpOVDo/tnyiON4R1r
ZMjy4hS9MMkkf1hSpED3FUHfLZARLheJZHGpD5Nt7pyMZEjSlyeK+6wNZk53yT7b
pwgToxzdTa0UcjvPmoPHYPF9yapAjc/vF+v4t4WTXm4oOFnCAotBPHyE11Sr5i77
wurs93ncvalcpiX3gbgrONbba+Dbv5FifJosaJRPSOhp66gQvzabHXV8GcjiSb72
nAFkyhdZn1M2HHt1jd3p6rP8tfqWcuCN1uN2KhnCtNMEl4Hjiz0ozDBSPy4Hyg1w
E/9raU55uVOf0eJUg3Z8bsaYDK+IUEGD5ODX2fqHVNboQoOOyakzZLsMJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5Uor0v8VZ4cIgIoUPxz3clCe+ZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYmxTaXZTX3hWbmh3aUFpaFFfSFBkeVVKNzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkBMA0G
CSqGSIb3DQEBCwUAA4IBAQAbPki0N2y3JxnJbrcI2GP5QzEYnb8nCSqMsqAUxCKH
TwuPb8iu+5XqMfmWXOmCQLvq6zdli86I9eZDc+c0FcEVrm6QHycKOwun4fJsoQW+
YFCdTOoKGhdKREUBsWv2qi7V7aycCGIqjUX5l5ZM6GHN4Pi7D4l2IatkEHY/LEa/
kkuAXfHS020P8N21KKElqC6Mf/VoDTLEdayxELl6yL1K96z6rxgoP6CI91IRw0rn
kCLVJxcKqnwthLqS5hg+PcmcUpVy200NUiCniZNXvMNZpr0bR5e9fIeFvsmpsE0d
3mv2H1fIqKNO+hScM2O+5tn+c5Z81JLKWWtgUZL6PeT+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org