Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dHHxn_ZrkWOM2_K4q0ezPO-DjCU.roa
File:                     dHHxn_ZrkWOM2_K4q0ezPO-DjCU.roa (raw, json)
Hash identifier:          GKJwHNANDZQ3pZIDlkEOuzh0FXyACQGYg1MN3T0QyCk=
Subject key identifier:   74:71:F1:9F:F6:6B:91:63:8C:DB:F2:B8:AB:47:B3:3C:EF:83:8C:25
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188239863136C7E4574FA2D95871C7AD044
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dHHxn_ZrkWOM2_K4q0ezPO-DjCU.roa
Signing time:             Tue 16 May 2023 08:06:09 +0000
ROA not before:           Tue 16 May 2023 08:06:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49468
IP address blocks:        82.153.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 07:34:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:23:98:63:13:6c:7e:45:74:fa:2d:95:87:1c:7a:d0:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 16 08:06:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7471f19ff66b91638cdbf2b8ab47b33cef838c25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:55:f6:52:b5:a5:25:5f:28:8b:d8:05:01:18:
                    97:0a:93:59:b3:06:c8:cd:9f:2b:2a:ab:0a:d3:82:
                    b4:e8:27:ee:54:81:83:7b:6c:cc:ea:94:a1:07:3d:
                    e4:b4:be:85:ef:32:4e:58:18:fa:17:22:a8:06:48:
                    94:23:49:10:b5:2c:65:f1:8b:7e:6a:11:42:a3:19:
                    71:12:92:bf:da:f5:0e:17:fe:a8:10:f7:c8:a5:eb:
                    54:73:63:d9:b5:f9:f5:46:45:7b:93:87:b3:b2:90:
                    33:ae:45:23:aa:3e:a5:84:98:ad:6a:b5:0e:a9:5f:
                    a7:02:9d:da:ef:aa:6a:b1:00:be:77:7b:2c:8e:6b:
                    34:91:fd:54:71:1e:a4:e5:d5:7d:9d:51:ac:d4:66:
                    5f:5b:c4:3b:7e:41:be:43:c4:c9:18:19:d6:f6:74:
                    0d:a4:96:2f:76:82:ec:62:a3:bd:33:d1:70:20:82:
                    e5:e5:e0:9b:0d:ca:83:ce:25:40:32:d2:71:9d:1f:
                    e6:a7:f5:1a:01:00:61:15:07:fc:d5:a5:09:4f:51:
                    6a:b5:e4:f2:de:e7:91:7b:65:29:05:49:31:de:c0:
                    5f:3a:8a:0a:3b:71:15:4d:9a:ca:66:ca:60:02:08:
                    bd:d9:86:c0:0e:ed:b3:9d:0f:8c:65:fe:8a:55:3a:
                    ab:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:71:F1:9F:F6:6B:91:63:8C:DB:F2:B8:AB:47:B3:3C:EF:83:8C:25
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dHHxn_ZrkWOM2_K4q0ezPO-DjCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:18:f0:24:ed:ef:b6:3e:b4:6e:77:ba:7c:e1:ed:08:22:cd:
         a2:1d:58:7f:ef:8b:8a:ad:88:dc:db:05:7f:28:10:28:9e:38:
         9e:60:21:61:13:b6:54:a3:03:d3:dc:a1:7d:c0:94:46:d3:61:
         d3:73:73:00:2c:b3:82:c2:83:dd:be:44:8f:c2:84:35:29:12:
         ae:00:24:34:14:e0:ce:b5:20:c0:69:95:2d:1f:ce:59:ac:27:
         50:70:c5:50:e3:04:d9:16:f0:6b:88:ab:e0:f8:56:1c:d7:3d:
         7d:7e:04:0f:cc:2e:7e:25:55:a5:e4:c0:e0:03:22:d6:9f:cf:
         30:0b:cf:28:e9:1f:8f:c2:54:8d:1d:0a:10:d0:92:15:cc:36:
         f6:42:af:d9:1d:fb:0f:2a:14:2e:c0:f8:1d:53:82:aa:ad:17:
         aa:8a:0f:23:f1:47:7f:df:4b:7a:2a:32:fd:14:2f:ab:1e:bb:
         d3:73:57:8b:61:28:f9:d2:48:9d:07:86:ea:b0:cd:ce:20:60:
         24:15:7d:c2:fe:68:c2:af:1c:93:37:1c:fb:7e:50:c8:93:c9:
         1a:44:fb:9a:99:22:6a:62:8a:5c:c5:8b:46:59:e0:0b:83:66:
         6b:38:1c:35:95:e0:61:c5:06:b0:e2:a9:96:77:5e:a7:1d:99:
         d5:c7:ae:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgjmGMTbH5FdPotlYccetBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTE2MDgwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDcxZjE5ZmY2NmI5MTYzOGNkYmYyYjhhYjQ3YjMzY2VmODM4YzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVX2UrWlJV8oi9gFARiXCpNZswbI
zZ8rKqsK04K06CfuVIGDe2zM6pShBz3ktL6F7zJOWBj6FyKoBkiUI0kQtSxl8Yt+
ahFCoxlxEpK/2vUOF/6oEPfIpetUc2PZtfn1RkV7k4ezspAzrkUjqj6lhJitarUO
qV+nAp3a76pqsQC+d3ssjms0kf1UcR6k5dV9nVGs1GZfW8Q7fkG+Q8TJGBnW9nQN
pJYvdoLsYqO9M9FwIILl5eCbDcqDziVAMtJxnR/mp/UaAQBhFQf81aUJT1FqteTy
3ueRe2UpBUkx3sBfOooKO3EVTZrKZspgAgi92YbADu2znQ+MZf6KVTqrlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRx8Z/2a5FjjNvyuKtHszzvg4wlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZEhIeG5fWnJrV09NMl9LNHEwZXpQTy1EakNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkgMA0G
CSqGSIb3DQEBCwUAA4IBAQByGPAk7e+2PrRud7p84e0IIs2iHVh/74uKrYjc2wV/
KBAonjieYCFhE7ZUowPT3KF9wJRG02HTc3MALLOCwoPdvkSPwoQ1KRKuACQ0FODO
tSDAaZUtH85ZrCdQcMVQ4wTZFvBriKvg+FYc1z19fgQPzC5+JVWl5MDgAyLWn88w
C88o6R+PwlSNHQoQ0JIVzDb2Qq/ZHfsPKhQuwPgdU4KqrReqig8j8Ud/30t6KjL9
FC+rHrvTc1eLYSj50kidB4bqsM3OIGAkFX3C/mjCrxyTNxz7flDIk8kaRPuamSJq
YopcxYtGWeALg2ZrOBw1leBhxQaw4qmWd16nHZnVx64g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org