Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa
File:                     dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa (raw, json)
Hash identifier:          FQw11EkcmAw6KIa28qW4RTcJ8B56RrS6xTmopfVDj90=
Subject key identifier:   74:08:1B:57:D6:76:66:90:B5:46:6A:E4:6B:7A:F3:F3:BD:5E:D2:96
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CD45E24CE839C79D2D7B81AED865A23B8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa
Signing time:             Thu 04 Jan 2024 12:06:28 +0000
ROA not before:           Thu 04 Jan 2024 12:06:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     150698
IP address blocks:        82.153.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 07:59:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d4:5e:24:ce:83:9c:79:d2:d7:b8:1a:ed:86:5a:23:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  4 12:06:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=74081b57d6766690b5466ae46b7af3f3bd5ed296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:f4:8c:89:f0:73:62:09:43:a3:d7:9d:23:4f:
                    ec:ed:bb:70:be:0d:90:21:01:e0:cb:02:27:46:ef:
                    5f:50:18:68:ba:ea:c0:b3:32:8f:df:a9:bf:18:3c:
                    0a:34:cf:6d:99:3a:82:37:b8:92:ad:cd:5e:0d:e0:
                    38:84:4f:df:1c:fc:ee:17:f5:4c:01:4b:5f:65:d3:
                    06:b4:97:c2:99:ef:c2:ea:e6:27:83:bc:b8:47:da:
                    e5:71:f0:53:80:3e:b4:e7:73:42:a2:24:ea:8a:a9:
                    86:99:8a:3c:08:2b:4b:6e:f6:32:f4:c0:b5:23:08:
                    b3:72:5c:d2:c8:f8:70:a4:4e:b1:cb:bd:fd:de:c9:
                    71:e2:f6:9c:63:e9:83:77:fe:91:fc:41:f7:07:1f:
                    63:4c:a3:82:87:09:d4:a2:2c:ed:69:4c:51:f0:1d:
                    79:1d:55:72:f3:76:6a:a8:c2:5f:1c:85:c0:7b:d3:
                    24:09:04:6c:16:94:6e:35:f7:2b:77:b2:7d:ec:30:
                    ad:3f:8c:30:53:5c:30:9d:45:5e:3b:de:2a:c4:e1:
                    b6:39:50:32:d7:62:9b:64:e7:03:a8:bb:38:be:27:
                    67:b9:37:e6:93:85:1c:54:d9:50:03:fd:1b:95:29:
                    6a:53:66:4a:57:5d:89:24:53:84:c5:b2:3d:dc:4e:
                    68:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:08:1B:57:D6:76:66:90:B5:46:6A:E4:6B:7A:F3:F3:BD:5E:D2:96
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:6d:ad:33:56:49:97:5a:36:6e:5d:66:69:83:1c:8b:ca:5b:
         b9:55:d0:25:1e:90:8d:93:d9:a2:b6:01:97:76:09:67:de:25:
         70:fd:81:80:8f:46:3b:7f:ef:90:e1:c2:b7:67:67:d8:1a:26:
         88:88:8e:88:3b:11:bd:14:9c:b5:95:40:fe:34:55:c2:e3:9a:
         d5:45:8f:49:38:7f:cb:fc:ec:6e:16:68:e4:d0:68:ed:dc:fa:
         ba:8f:8b:9b:1b:79:c8:12:7a:b6:d7:ea:49:5f:46:44:1c:e9:
         29:44:eb:d4:4a:45:ea:6f:e3:fc:42:2e:33:55:aa:5c:0b:98:
         bd:92:3b:a3:33:f4:0a:61:40:21:81:43:d9:7d:4b:95:6e:4f:
         a9:57:b2:76:aa:bd:ad:fb:4e:b8:5e:63:9a:e5:2f:b4:4c:4d:
         4a:3f:41:dc:08:87:6a:51:d9:44:a0:12:88:f9:8a:c1:68:e1:
         46:78:f7:8a:fe:13:ce:4c:42:e1:dd:48:39:37:3e:4e:21:d5:
         27:8d:34:55:25:65:5c:1e:aa:2f:d1:bd:b7:a4:86:a6:35:8a:
         c5:04:aa:87:94:93:4f:6b:01:57:21:0f:6c:be:a9:3e:5a:4a:
         38:90:f0:18:81:bc:8f:fd:96:ac:c1:7b:08:fd:ad:ef:49:30:
         c3:9c:e4:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzUXiTOg5x50te4Gu2GWiO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA0MTIwNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA4MWI1N2Q2NzY2NjkwYjU0NjZhZTQ2YjdhZjNmM2JkNWVkMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/SMifBzYglDo9edI0/s7btwvg2Q
IQHgywInRu9fUBhouurAszKP36m/GDwKNM9tmTqCN7iSrc1eDeA4hE/fHPzuF/VM
AUtfZdMGtJfCme/C6uYng7y4R9rlcfBTgD6053NCoiTqiqmGmYo8CCtLbvYy9MC1
IwizclzSyPhwpE6xy7393slx4vacY+mDd/6R/EH3Bx9jTKOChwnUoiztaUxR8B15
HVVy83ZqqMJfHIXAe9MkCQRsFpRuNfcrd7J97DCtP4wwU1wwnUVeO94qxOG2OVAy
12KbZOcDqLs4vidnuTfmk4UcVNlQA/0blSlqU2ZKV12JJFOExbI93E5okwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQIG1fWdmaQtUZq5Gt68/O9XtKWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZEFnYlY5WjJacEMxUm1ya2Ezcno4NzFlMHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnxMA0G
CSqGSIb3DQEBCwUAA4IBAQCXba0zVkmXWjZuXWZpgxyLylu5VdAlHpCNk9mitgGX
dgln3iVw/YGAj0Y7f++Q4cK3Z2fYGiaIiI6IOxG9FJy1lUD+NFXC45rVRY9JOH/L
/OxuFmjk0Gjt3Pq6j4ubG3nIEnq21+pJX0ZEHOkpROvUSkXqb+P8Qi4zVapcC5i9
kjujM/QKYUAhgUPZfUuVbk+pV7J2qr2t+064XmOa5S+0TE1KP0HcCIdqUdlEoBKI
+YrBaOFGePeK/hPOTELh3Ug5Nz5OIdUnjTRVJWVcHqov0b23pIamNYrFBKqHlJNP
awFXIQ9svqk+Wko4kPAYgbyP/ZaswXsI/a3vSTDDnOQ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org