Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c1APS1kQ3w6bWLThYJmel2P0Cig.roa
File:                     c1APS1kQ3w6bWLThYJmel2P0Cig.roa (raw, json)
Hash identifier:          eqt6XVEs4dgvC8zCtavyzXEZQD09I+91cWHPQysNvo0=
Subject key identifier:   73:50:0F:4B:59:10:DF:0E:9B:58:B4:E1:60:99:9E:97:63:F4:0A:28
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C005AD4CAFA85AF1B878BEA06795D7762
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c1APS1kQ3w6bWLThYJmel2P0Cig.roa
Signing time:             Fri 24 Nov 2023 08:03:21 +0000
ROA not before:           Fri 24 Nov 2023 08:03:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31863
IP address blocks:        109.176.248.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 09:07:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:00:5a:d4:ca:fa:85:af:1b:87:8b:ea:06:79:5d:77:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 24 08:03:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73500f4b5910df0e9b58b4e160999e9763f40a28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0c:61:f4:59:fb:a1:de:1e:0b:6a:08:e4:87:
                    f3:b8:2a:52:45:9c:2b:80:d7:61:f9:53:e7:57:cb:
                    2f:86:b7:a4:da:91:96:2a:44:09:c6:c3:51:c8:93:
                    dc:1e:92:38:e4:63:8c:28:88:56:b1:34:df:e9:bf:
                    93:8d:e7:99:15:82:ed:f1:78:bc:09:47:1a:29:0b:
                    78:40:bc:1b:d0:b4:66:ca:fd:bb:35:3a:eb:5f:f1:
                    f8:af:dc:76:b3:bc:af:c6:c4:72:e6:8e:e7:d2:39:
                    47:97:9e:4f:38:89:35:c3:23:77:e1:54:2e:1d:d9:
                    c8:18:52:bf:8f:95:72:b6:57:3d:7b:ee:a5:40:ec:
                    d6:14:23:13:53:b1:83:4c:98:a0:59:fe:cc:29:e7:
                    1e:f7:80:81:1b:5d:56:b6:2d:c5:9c:63:33:6a:3d:
                    01:b3:30:ff:fa:95:6e:b4:93:1b:11:69:5d:6e:34:
                    dd:af:84:4a:12:b9:be:67:0a:ca:20:dd:7b:a7:db:
                    37:fb:ee:32:3b:4f:71:8e:db:09:ab:ef:68:eb:75:
                    56:ce:a6:0b:78:36:63:b7:30:91:39:e8:ca:a6:fc:
                    b2:84:6f:c3:d6:2c:21:36:9d:22:7e:2a:03:dd:7e:
                    66:ea:65:c2:da:30:2c:99:d6:07:cc:05:dc:92:18:
                    a0:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:50:0F:4B:59:10:DF:0E:9B:58:B4:E1:60:99:9E:97:63:F4:0A:28
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c1APS1kQ3w6bWLThYJmel2P0Cig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.1.0/24
                  109.176.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:ec:fb:90:88:a4:ee:df:6e:37:7e:ab:2e:99:1c:6d:61:f8:
         e9:fe:f0:6c:a8:38:74:18:04:60:55:99:b2:1d:b1:da:c7:41:
         84:da:01:3b:85:23:84:5d:97:46:22:ce:ca:45:a1:71:5e:71:
         d1:e8:26:37:fa:e2:98:45:56:2b:95:26:91:3f:c4:44:8f:ed:
         ff:b5:2e:88:52:11:88:ea:52:41:3d:ce:f5:89:1e:6c:8a:63:
         f5:f3:dd:6e:e5:68:2b:af:90:63:6b:92:31:c7:41:8f:10:de:
         48:2b:57:57:9a:1b:3a:2a:8f:e4:dd:73:b7:a6:3d:8d:1b:48:
         2f:ce:64:f0:1c:e2:60:eb:bb:3b:4b:e6:93:1f:fa:6f:91:5e:
         d6:80:9b:68:6f:19:95:9d:ba:eb:51:e8:8f:20:ac:a1:06:e7:
         cf:b8:54:f8:f8:46:c7:ad:93:87:b5:6a:8f:a1:ea:39:59:01:
         3f:ad:77:87:b3:f1:b2:28:9c:64:1a:ec:9a:08:ad:f8:bc:43:
         3d:49:0e:10:e4:da:7d:33:10:44:a4:b3:fd:b9:cc:89:3c:85:
         3c:39:dd:a0:58:78:79:e2:ff:c3:f7:b6:62:ea:bc:52:bd:a1:
         64:a7:a5:f6:72:fc:c6:04:30:ee:5a:e3:67:6f:db:11:34:e4:
         db:b6:31:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwAWtTK+oWvG4eL6gZ5XXdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTI0MDgwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzUwMGY0YjU5MTBkZjBlOWI1OGI0ZTE2MDk5OWU5NzYzZjQwYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAxh9Fn7od4eC2oI5IfzuCpSRZwr
gNdh+VPnV8svhrek2pGWKkQJxsNRyJPcHpI45GOMKIhWsTTf6b+TjeeZFYLt8Xi8
CUcaKQt4QLwb0LRmyv27NTrrX/H4r9x2s7yvxsRy5o7n0jlHl55POIk1wyN34VQu
HdnIGFK/j5Vytlc9e+6lQOzWFCMTU7GDTJigWf7MKece94CBG11Wti3FnGMzaj0B
szD/+pVutJMbEWldbjTdr4RKErm+ZwrKIN17p9s3++4yO09xjtsJq+9o63VWzqYL
eDZjtzCROejKpvyyhG/D1iwhNp0ifioD3X5m6mXC2jAsmdYHzAXckhig4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHNQD0tZEN8Om1i04WCZnpdj9AooMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYzFBUFMxa1EzdzZiV0xUaFlKbWVsMlAwQ2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpkBAwQA
bbD4MA0GCSqGSIb3DQEBCwUAA4IBAQCo7PuQiKTu3243fqsumRxtYfjp/vBsqDh0
GARgVZmyHbHax0GE2gE7hSOEXZdGIs7KRaFxXnHR6CY3+uKYRVYrlSaRP8REj+3/
tS6IUhGI6lJBPc71iR5simP1891u5Wgrr5Bja5Ixx0GPEN5IK1dXmhs6Ko/k3XO3
pj2NG0gvzmTwHOJg67s7S+aTH/pvkV7WgJtobxmVnbrrUeiPIKyhBufPuFT4+EbH
rZOHtWqPoeo5WQE/rXeHs/GyKJxkGuyaCK34vEM9SQ4Q5Np9MxBEpLP9ucyJPIU8
Od2gWHh54v/D97Zi6rxSvaFkp6X2cvzGBDDuWuNnb9sRNOTbtjE9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org