Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dgu0L0Cr1DyRglNONVcZOt517H0.roa
File:                     dgu0L0Cr1DyRglNONVcZOt517H0.roa (raw, json)
Hash identifier:          b0QT/4tH9bApW3BpY23ar+7v8FVZDxULfWoOTn96u9o=
Subject key identifier:   76:0B:B4:2F:40:AB:D4:3C:91:82:53:4E:35:57:19:3A:DE:75:EC:7D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018842809C44D8DA8980965106410EBCBF1D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dgu0L0Cr1DyRglNONVcZOt517H0.roa
Signing time:             Mon 22 May 2023 08:08:24 +0000
ROA not before:           Mon 22 May 2023 08:08:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     140155
IP address blocks:        82.153.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Jun 2023 10:51:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:42:80:9c:44:d8:da:89:80:96:51:06:41:0e:bc:bf:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 22 08:08:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=760bb42f40abd43c9182534e3557193ade75ec7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e3:4d:58:c1:85:45:79:4b:c9:d8:6f:ff:a7:
                    59:39:50:5d:0e:18:9b:e7:ba:79:00:3e:21:45:36:
                    cb:39:de:3c:a7:66:28:32:cf:d3:36:a9:ac:d1:c3:
                    50:a5:10:69:b2:f4:a9:36:c1:da:a9:ff:e4:e5:3d:
                    7f:31:3e:d5:8a:56:dc:4a:5c:a8:34:cc:33:de:2c:
                    54:f5:2a:97:0f:f9:4b:94:74:24:ae:c2:3a:7c:05:
                    c6:2b:84:b7:72:ee:70:ef:8d:f8:69:8b:ab:0c:fb:
                    5d:24:94:73:b3:05:12:70:58:1f:47:bc:31:05:07:
                    64:25:52:d1:b7:cd:13:38:07:1c:d7:4f:82:f2:d7:
                    bb:c9:64:38:d8:fd:29:71:d3:ea:79:7b:bd:bd:57:
                    cd:eb:43:46:bf:8f:1b:ec:32:06:7b:98:88:4e:f9:
                    12:c7:29:fc:15:5e:3b:82:f6:3a:99:b8:74:3a:00:
                    94:5f:be:bc:82:5c:6a:40:70:fe:54:ad:ae:dd:d6:
                    3a:0d:84:e8:27:6c:9f:59:1b:a4:44:62:1f:be:68:
                    c7:3a:8d:4b:36:93:e2:f0:6e:e6:cf:41:01:6b:a0:
                    78:e3:ea:7e:f6:ba:0c:4e:7d:f2:e7:6d:cb:83:55:
                    8d:b0:2b:3f:40:72:34:a6:8a:4e:38:1f:e3:4b:90:
                    84:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:0B:B4:2F:40:AB:D4:3C:91:82:53:4E:35:57:19:3A:DE:75:EC:7D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dgu0L0Cr1DyRglNONVcZOt517H0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:0b:88:d2:50:52:ab:09:a9:2a:77:28:a2:f3:6e:58:58:69:
         04:c9:75:26:10:f2:77:c5:33:af:e6:a1:52:e6:80:89:77:17:
         bb:13:a1:e9:77:b7:94:41:b4:e2:aa:e5:3d:ff:d3:aa:84:49:
         7d:c8:a3:8d:68:f5:1b:40:f5:c0:e4:b8:02:78:ff:67:5f:3c:
         98:dc:50:2e:d9:4d:8c:00:3f:d6:49:60:d3:0b:3b:af:89:7c:
         bf:d3:3a:60:8d:7d:7d:9f:3c:14:f4:71:18:8e:41:75:4f:b1:
         bb:be:f3:42:7d:96:30:0e:29:9e:37:42:7d:ba:cd:a9:63:f4:
         5b:d0:25:ec:c6:80:d5:71:c6:a5:59:90:c9:38:a2:98:a2:ca:
         65:49:3c:d2:03:5a:95:bd:f5:1e:58:5c:c5:37:80:38:a9:e5:
         e7:08:8d:6e:d4:22:f1:38:dd:f0:9b:6e:85:7b:fa:cc:eb:e3:
         6e:19:7e:b1:03:a1:77:f4:aa:2c:27:0c:35:cd:63:0a:c1:af:
         45:72:7c:f7:5f:d8:ab:55:9d:ae:73:ab:af:e3:f0:fb:6b:4d:
         a5:23:6a:11:02:9e:6c:9c:35:d3:dc:ec:1d:c4:19:b9:5a:ea:
         12:bf:04:8b:15:f6:85:5f:a8:6d:a9:0f:a2:63:d6:48:81:05:
         64:8e:d0:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhCgJxE2NqJgJZRBkEOvL8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBiYjQyZjQwYWJkNDNjOTE4MjUzNGUzNTU3MTkzYWRlNzVlYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluNNWMGFRXlLydhv/6dZOVBdDhib
57p5AD4hRTbLOd48p2YoMs/TNqms0cNQpRBpsvSpNsHaqf/k5T1/MT7VilbcSlyo
NMwz3ixU9SqXD/lLlHQkrsI6fAXGK4S3cu5w7434aYurDPtdJJRzswUScFgfR7wx
BQdkJVLRt80TOAcc10+C8te7yWQ42P0pcdPqeXu9vVfN60NGv48b7DIGe5iITvkS
xyn8FV47gvY6mbh0OgCUX768glxqQHD+VK2u3dY6DYToJ2yfWRukRGIfvmjHOo1L
NpPi8G7mz0EBa6B44+p+9roMTn3y523Lg1WNsCs/QHI0popOOB/jS5CEmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYLtC9Aq9Q8kYJTTjVXGTredex9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZGd1MEwwQ3IxRHlSZ2xOT05WY1pPdDUxN0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnjMA0G
CSqGSIb3DQEBCwUAA4IBAQB8C4jSUFKrCakqdyii825YWGkEyXUmEPJ3xTOv5qFS
5oCJdxe7E6Hpd7eUQbTiquU9/9OqhEl9yKONaPUbQPXA5LgCeP9nXzyY3FAu2U2M
AD/WSWDTCzuviXy/0zpgjX19nzwU9HEYjkF1T7G7vvNCfZYwDimeN0J9us2pY/Rb
0CXsxoDVccalWZDJOKKYosplSTzSA1qVvfUeWFzFN4A4qeXnCI1u1CLxON3wm26F
e/rM6+NuGX6xA6F39KosJww1zWMKwa9Fcnz3X9irVZ2uc6uv4/D7a02lI2oRAp5s
nDXT3OwdxBm5WuoSvwSLFfaFX6htqQ+iY9ZIgQVkjtDv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org