Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa
File:                     d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa (raw, json)
Hash identifier:          TPolZ5WL5k0c7QnAU71tCf4ouvJ1bKsTyPWlPIPd7H0=
Subject key identifier:   77:AE:E4:5D:B8:34:22:EC:92:F8:B4:8B:35:86:7E:9D:22:32:9C:F4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01888A921F71ADE8801958381AED348745BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa
Signing time:             Mon 05 Jun 2023 08:00:12 +0000
ROA not before:           Mon 05 Jun 2023 08:00:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.208.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 14:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:92:1f:71:ad:e8:80:19:58:38:1a:ed:34:87:45:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  5 08:00:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77aee45db83422ec92f8b48b35867e9d22329cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:87:eb:65:0f:b8:c1:2c:5a:2a:c9:0a:e2:a4:
                    22:92:a5:8e:89:d8:d9:4c:7e:c3:99:c5:35:de:df:
                    ea:38:3a:b9:8a:1b:44:6e:cb:05:fe:ac:ea:41:7a:
                    cb:16:3f:77:53:cc:6c:80:c1:40:61:80:8b:0b:0e:
                    9d:81:a4:2a:31:94:4c:32:03:16:8e:03:10:53:0f:
                    fb:55:13:37:37:c5:cd:ea:2b:dd:11:e0:3c:83:39:
                    ff:22:3b:3f:80:72:fe:b0:fd:87:06:ab:2b:b2:59:
                    d7:d3:44:35:78:fc:20:04:b8:69:b3:30:20:3c:a5:
                    49:24:f3:93:68:53:63:c0:2b:2b:6b:b1:82:41:4d:
                    26:df:0a:ea:58:91:65:b3:ee:7a:3f:37:a0:86:71:
                    14:69:e9:0b:99:58:43:f1:12:eb:36:ff:fa:86:d0:
                    2e:e0:c1:4b:57:fe:38:46:8e:0a:7d:a8:b2:aa:b8:
                    91:eb:1c:11:76:b7:81:9b:6e:fd:b6:26:3b:c9:18:
                    66:bb:1d:da:ca:dc:e1:dd:43:a7:d9:fa:ce:03:2f:
                    d2:c1:cd:91:a5:ce:3a:32:d9:4a:79:47:1a:51:03:
                    66:8a:03:74:3c:23:ba:76:5e:52:26:51:c5:15:93:
                    57:2d:d0:1c:a6:21:c4:2d:cb:44:75:90:29:fc:1c:
                    47:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:AE:E4:5D:B8:34:22:EC:92:F8:B4:8B:35:86:7E:9D:22:32:9C:F4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.174.0/23
                  82.153.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:bb:14:68:9a:93:8a:c5:72:f7:7d:da:a2:46:b1:e7:f0:fd:
         d1:07:35:fc:e8:33:2f:08:c5:44:01:7c:d4:d3:42:50:30:0c:
         47:eb:6c:a7:cd:41:18:54:16:8e:e0:25:f4:2b:82:78:bd:7f:
         79:51:ee:f7:bd:3a:ed:34:6f:16:ca:9b:fa:ca:5d:9b:44:77:
         ec:25:f4:99:47:a2:19:d6:98:71:cf:06:8d:40:2e:76:ac:2b:
         ee:56:40:f7:88:2e:e7:08:94:c1:bc:4d:dc:7e:23:58:a2:23:
         04:4d:a1:50:c1:51:20:f8:05:4b:d7:4f:28:5e:72:03:35:32:
         d8:7f:bc:8f:a9:58:76:6a:8e:03:f8:05:d4:14:17:26:c4:a1:
         80:2d:4f:2e:f1:54:de:01:a3:9c:65:67:d7:85:1b:86:fd:84:
         dd:4a:4d:05:e1:1d:7e:f2:7d:77:2d:83:f8:56:c5:af:a8:02:
         19:3f:42:9a:a9:c9:89:aa:26:17:d7:3d:55:05:a8:17:6d:3f:
         ea:31:0d:c7:ea:a0:d8:ec:1d:e4:ed:a6:ae:06:33:e4:b9:1b:
         6f:2b:62:fe:1b:28:f8:db:de:a0:54:e5:6c:43:7b:d9:fb:77:
         53:56:da:ff:80:08:9c:4e:41:85:de:42:2f:77:68:50:ad:8f:
         77:e6:5e:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKkh9xreiAGVg4Gu00h0W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FlZTQ1ZGI4MzQyMmVjOTJmOGI0OGIzNTg2N2U5ZDIyMzI5Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4frZQ+4wSxaKskK4qQikqWOidjZ
TH7DmcU13t/qODq5ihtEbssF/qzqQXrLFj93U8xsgMFAYYCLCw6dgaQqMZRMMgMW
jgMQUw/7VRM3N8XN6ivdEeA8gzn/Ijs/gHL+sP2HBqsrslnX00Q1ePwgBLhpszAg
PKVJJPOTaFNjwCsra7GCQU0m3wrqWJFls+56PzeghnEUaekLmVhD8RLrNv/6htAu
4MFLV/44Ro4KfaiyqriR6xwRdreBm279tiY7yRhmux3aytzh3UOn2frOAy/Swc2R
pc46MtlKeUcaUQNmigN0PCO6dl5SJlHFFZNXLdAcpiHELctEdZAp/BxHrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHeu5F24NCLskvi0izWGfp0iMpz0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZDY3a1hiZzBJdXlTLUxTTE5ZWi1uU0l5blBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiuAwQC
UpnQMA0GCSqGSIb3DQEBCwUAA4IBAQBhuxRompOKxXL3fdqiRrHn8P3RBzX86DMv
CMVEAXzU00JQMAxH62ynzUEYVBaO4CX0K4J4vX95Ue73vTrtNG8Wypv6yl2bRHfs
JfSZR6IZ1phxzwaNQC52rCvuVkD3iC7nCJTBvE3cfiNYoiMETaFQwVEg+AVL108o
XnIDNTLYf7yPqVh2ao4D+AXUFBcmxKGALU8u8VTeAaOcZWfXhRuG/YTdSk0F4R1+
8n13LYP4VsWvqAIZP0KaqcmJqiYX1z1VBagXbT/qMQ3H6qDY7B3k7aauBjPkuRtv
K2L+Gyj4296gVOVsQ3vZ+3dTVtr/gAicTkGF3kIvd2hQrY935l6u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org