Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dpmge23Gu20vhkppr6CedK-W2C8.roa
File:                     dpmge23Gu20vhkppr6CedK-W2C8.roa (raw, json)
Hash identifier:          hny7BUqjh+9smfKWA7GXxsGTuqwZwJ9ieU3yQ5xy+Dk=
Subject key identifier:   76:99:A0:7B:6D:C6:BB:6D:2F:86:4A:69:AF:A0:9E:74:AF:96:D8:2F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187461F619D0E7EDED602F8D078E0DEFB0F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dpmge23Gu20vhkppr6CedK-W2C8.roa
Signing time:             Mon 03 Apr 2023 07:57:54 +0000
ROA not before:           Mon 03 Apr 2023 07:57:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 07:55:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:46:1f:61:9d:0e:7e:de:d6:02:f8:d0:78:e0:de:fb:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  3 07:57:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7699a07b6dc6bb6d2f864a69afa09e74af96d82f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d1:1b:44:7d:7a:56:8a:47:f2:7d:51:21:1f:
                    ab:e5:7d:e4:57:ca:48:5a:9b:ad:60:af:3e:9c:fa:
                    7e:60:d3:e3:64:c5:8a:54:28:95:88:99:b0:91:88:
                    bc:39:67:8b:01:db:a2:e5:5e:22:cf:4c:82:7e:21:
                    92:9e:7c:cc:5c:9d:73:b1:4f:4d:97:b6:cc:89:6e:
                    77:d3:7c:8b:20:ac:72:58:36:e4:59:0a:96:d0:e2:
                    40:e5:b3:30:e8:1b:84:e3:bd:84:31:d1:d7:b9:3e:
                    82:7a:37:8f:e4:83:17:7e:9d:3f:85:04:7b:6d:7c:
                    54:4e:55:94:1b:4c:6d:4a:ca:da:d0:d6:20:30:97:
                    33:92:d9:79:2d:4c:d9:48:77:2d:37:6d:39:69:a0:
                    59:0e:d8:ce:07:e6:0e:32:36:c8:f0:c0:7b:7b:69:
                    a4:e3:8f:35:68:a1:54:b7:18:01:e8:5d:be:ca:77:
                    88:55:58:7e:93:79:27:c1:4d:4b:0e:90:9d:46:f6:
                    71:ab:71:27:09:30:ca:b9:13:63:5b:f0:a5:12:98:
                    7f:58:e8:b5:69:a4:c4:c4:08:9b:58:92:de:9b:86:
                    c5:4b:51:29:23:47:e0:98:b9:a2:69:a9:ad:17:21:
                    ad:e2:03:b1:87:17:0a:f6:75:ec:21:2d:33:68:a7:
                    16:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:99:A0:7B:6D:C6:BB:6D:2F:86:4A:69:AF:A0:9E:74:AF:96:D8:2F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dpmge23Gu20vhkppr6CedK-W2C8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.251.0/24
                  82.152.255.0/24
                  82.153.70.0/23
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:e4:d1:f1:ea:b2:6d:e5:27:bb:8f:88:a4:72:1b:69:40:e2:
         0d:f6:53:aa:40:39:34:55:c6:44:26:49:45:84:6c:d4:9d:b1:
         f9:0e:41:36:35:de:11:2e:8a:5e:eb:01:5b:d8:1f:08:91:84:
         8f:60:6a:e7:54:82:2b:e7:8b:24:05:77:55:40:5a:3a:1f:ff:
         ba:aa:72:7c:8d:90:82:bb:6d:79:cf:47:dc:06:a1:36:f4:cd:
         bc:4b:e9:7b:55:0f:6c:bd:c3:87:69:75:a4:1d:db:9b:24:6b:
         07:40:cb:eb:1c:15:79:36:9b:7f:16:fb:cc:bb:d1:2d:8a:14:
         86:d9:4a:3d:d9:eb:fb:79:5d:50:01:38:50:93:8c:4e:bc:5f:
         ab:94:f1:2a:1b:58:2e:39:3e:97:b5:72:6f:1d:2b:a3:05:ec:
         a4:83:5f:b5:a4:e0:ea:10:2d:60:92:78:e7:1d:00:80:32:ac:
         66:23:ea:86:41:96:af:f9:ad:f6:ae:6f:cc:50:d7:73:08:95:
         17:10:d3:81:24:ca:ab:b3:df:6b:77:b1:c1:49:82:85:3d:03:
         01:88:f6:7e:97:38:46:02:22:76:0d:ee:a6:8d:6b:97:90:48:
         5e:fb:fb:28:b7:51:17:78:bb:2d:4b:13:a7:0f:36:36:4f:e8:
         b8:96:d9:06
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdGH2GdDn7e1gL40Hjg3vsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDAzMDc1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk5YTA3YjZkYzZiYjZkMmY4NjRhNjlhZmEwOWU3NGFmOTZkODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNEbRH16VopH8n1RIR+r5X3kV8pI
WputYK8+nPp+YNPjZMWKVCiViJmwkYi8OWeLAdui5V4iz0yCfiGSnnzMXJ1zsU9N
l7bMiW5303yLIKxyWDbkWQqW0OJA5bMw6BuE472EMdHXuT6CejeP5IMXfp0/hQR7
bXxUTlWUG0xtSsra0NYgMJczktl5LUzZSHctN205aaBZDtjOB+YOMjbI8MB7e2mk
4481aKFUtxgB6F2+yneIVVh+k3knwU1LDpCdRvZxq3EnCTDKuRNjW/ClEph/WOi1
aaTExAibWJLem4bFS1EpI0fgmLmiaamtFyGt4gOxhxcK9nXsIS0zaKcWUQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHaZoHttxrttL4ZKaa+gnnSvltgvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHBtZ2UyM0d1MjB2aGtwcHI2Q2VkSy1XMkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUah3AwQA
Uah7AwQAUpj7AwQAUpj/AwQBUplGAwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQBi
5NHx6rJt5Se7j4ikchtpQOIN9lOqQDk0VcZEJklFhGzUnbH5DkE2Nd4RLope6wFb
2B8IkYSPYGrnVIIr54skBXdVQFo6H/+6qnJ8jZCCu215z0fcBqE29M28S+l7VQ9s
vcOHaXWkHdubJGsHQMvrHBV5Npt/FvvMu9EtihSG2Uo92ev7eV1QAThQk4xOvF+r
lPEqG1guOT6XtXJvHSujBeykg1+1pODqEC1gknjnHQCAMqxmI+qGQZav+a32rm/M
UNdzCJUXENOBJMqrs99rd7HBSYKFPQMBiPZ+lzhGAiJ2De6mjWuXkEhe+/sot1EX
eLstSxOnDzY2T+i4ltkG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org