Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/coDVxjBHeYxJE61-hpw6ubmIeg4.roa
File:                     coDVxjBHeYxJE61-hpw6ubmIeg4.roa (raw, json)
Hash identifier:          iDjnGSkOZESIedebMq0fKrdl6d/M5ezwWY3YPwIKi38=
Subject key identifier:   72:80:D5:C6:30:47:79:8C:49:13:AD:7E:86:9C:3A:B9:B9:88:7A:0E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188C46C7EACA170005A0E144EE6FB96124C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/coDVxjBHeYxJE61-hpw6ubmIeg4.roa
Signing time:             Fri 16 Jun 2023 13:37:04 +0000
ROA not before:           Fri 16 Jun 2023 13:37:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        82.153.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 13 Aug 2023 15:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c4:6c:7e:ac:a1:70:00:5a:0e:14:4e:e6:fb:96:12:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 16 13:37:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7280d5c63047798c4913ad7e869c3ab9b9887a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f5:3d:61:0d:d5:e2:5a:eb:a5:b7:8a:68:08:
                    08:82:9b:a7:3b:cf:c0:19:49:57:31:d5:2b:b5:06:
                    41:69:af:fb:4f:1c:01:ce:dc:57:cf:b4:2d:65:67:
                    ef:62:ff:2a:cb:86:13:9c:9f:5f:f3:b8:5a:0a:88:
                    f0:56:5f:1b:0d:97:6d:33:93:26:e1:c7:88:4a:9f:
                    5b:85:94:09:06:eb:be:4a:15:55:61:5c:d5:ea:e5:
                    50:5e:c1:db:6d:5f:0a:03:80:72:5d:73:ae:d2:eb:
                    c4:f3:4a:a2:b4:2d:a0:ad:85:3f:22:e3:cf:a7:53:
                    29:58:92:1b:bf:54:cb:60:62:ce:62:77:cf:72:49:
                    2e:cc:f5:54:82:3c:cb:14:40:19:2b:1a:e8:2c:3d:
                    35:8d:6f:7d:bb:97:ee:57:a9:25:ad:36:fd:2f:89:
                    c1:8c:97:86:88:d3:b5:f6:3b:eb:62:75:4d:da:cc:
                    2c:bb:0b:93:7d:3c:b6:76:ea:0c:fa:97:6f:67:8e:
                    c7:55:d7:bf:42:ef:61:5e:59:26:76:4a:77:a9:31:
                    04:f0:e1:37:41:5f:ac:5c:d3:d2:ae:23:98:96:60:
                    b9:7b:6c:68:7f:9c:01:99:40:86:de:e9:64:59:1a:
                    e8:85:43:de:d6:a5:60:e4:c9:68:c7:ab:04:0e:ce:
                    38:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:80:D5:C6:30:47:79:8C:49:13:AD:7E:86:9C:3A:B9:B9:88:7A:0E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/coDVxjBHeYxJE61-hpw6ubmIeg4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:5d:3c:af:25:73:52:8a:06:f3:0e:39:c6:fa:b7:77:d6:7d:
         75:a4:21:1c:53:2a:8a:7d:76:9d:8c:d0:12:23:17:db:90:31:
         ed:f9:ce:be:bb:22:54:34:c0:38:df:36:0a:df:69:08:c4:89:
         30:2d:99:c4:c1:2f:fb:9c:17:cd:61:0e:14:bb:b7:a8:0c:96:
         6c:21:62:f8:ff:47:b7:a2:86:37:b6:61:67:5a:9f:e9:46:c0:
         2e:c5:43:8c:fd:bf:10:d4:ad:31:1d:64:b1:c2:5d:a8:31:26:
         e1:43:e9:2c:7f:6f:43:53:4d:d9:85:c1:2a:97:8d:48:83:c5:
         2c:db:92:49:b2:99:ae:52:7f:f0:75:27:af:11:d0:e3:00:bd:
         54:18:dd:da:1a:1a:dc:6f:b4:e1:8b:e2:5d:d2:2c:79:e3:be:
         55:63:69:be:65:a5:8a:31:ca:cc:7d:9e:27:6a:02:7b:e7:03:
         6e:a6:38:a0:89:54:bc:59:d6:1a:fe:28:24:e2:b0:de:d2:64:
         e4:07:69:89:c0:a3:08:99:91:61:51:73:4e:e7:42:f1:40:e4:
         27:d4:d8:81:23:56:70:c9:7a:63:2e:fd:35:10:8d:ee:df:53:
         e2:bd:9a:d8:a4:09:21:f9:4a:53:fc:d9:e0:b1:19:0a:2d:eb:
         a1:92:eb:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjEbH6soXAAWg4UTub7lhJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE2MTMzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgwZDVjNjMwNDc3OThjNDkxM2FkN2U4NjljM2FiOWI5ODg3YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifU9YQ3V4lrrpbeKaAgIgpunO8/A
GUlXMdUrtQZBaa/7TxwBztxXz7QtZWfvYv8qy4YTnJ9f87haCojwVl8bDZdtM5Mm
4ceISp9bhZQJBuu+ShVVYVzV6uVQXsHbbV8KA4ByXXOu0uvE80qitC2grYU/IuPP
p1MpWJIbv1TLYGLOYnfPckkuzPVUgjzLFEAZKxroLD01jW99u5fuV6klrTb9L4nB
jJeGiNO19jvrYnVN2swsuwuTfTy2duoM+pdvZ47HVde/Qu9hXlkmdkp3qTEE8OE3
QV+sXNPSriOYlmC5e2xof5wBmUCG3ulkWRrohUPe1qVg5Mlox6sEDs44YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKA1cYwR3mMSROtfoacOrm5iHoOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY29EVnhqQkhlWXhKRTYxLWhwdzZ1Ym1JZWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn6MA0G
CSqGSIb3DQEBCwUAA4IBAQCDXTyvJXNSigbzDjnG+rd31n11pCEcUyqKfXadjNAS
IxfbkDHt+c6+uyJUNMA43zYK32kIxIkwLZnEwS/7nBfNYQ4Uu7eoDJZsIWL4/0e3
ooY3tmFnWp/pRsAuxUOM/b8Q1K0xHWSxwl2oMSbhQ+ksf29DU03ZhcEql41Ig8Us
25JJspmuUn/wdSevEdDjAL1UGN3aGhrcb7Thi+Jd0ix5475VY2m+ZaWKMcrMfZ4n
agJ75wNupjigiVS8WdYa/igk4rDe0mTkB2mJwKMImZFhUXNO50LxQOQn1NiBI1Zw
yXpjLv01EI3u31PivZrYpAkh+UpT/NngsRkKLeuhkuuY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org