Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/drSWKkSS0DkbxbGvA5Sh44jP5jo.roa
File:                     drSWKkSS0DkbxbGvA5Sh44jP5jo.roa (raw, json)
Hash identifier:          m2aq3nrsR8f/lKvcElrD08IrdLr13pbiGvTCgA4HPjo=
Subject key identifier:   76:B4:96:2A:44:92:D0:39:1B:C5:B1:AF:03:94:A1:E3:88:CF:E6:3A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D6512068EF1831A0E0F8C6ED77B028F76
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/drSWKkSS0DkbxbGvA5Sh44jP5jo.roa
Signing time:             Thu 01 Feb 2024 14:28:16 +0000
ROA not before:           Thu 01 Feb 2024 14:28:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     152179
IP address blocks:        82.152.176.0/23 maxlen: 24
                          82.153.228.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 08:58:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:65:12:06:8e:f1:83:1a:0e:0f:8c:6e:d7:7b:02:8f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  1 14:28:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=76b4962a4492d0391bc5b1af0394a1e388cfe63a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c6:78:e7:4e:b1:cb:18:e4:12:07:f5:e3:4b:
                    9b:b4:b3:e8:26:8a:8e:a1:60:b2:1a:ae:cd:c4:1e:
                    05:6a:0a:aa:29:16:6f:78:a1:ab:21:24:31:3c:5f:
                    68:c7:6c:20:d0:20:f0:90:24:26:37:32:ac:2a:a5:
                    ea:a0:b4:11:98:80:16:0f:4b:1c:b9:24:33:71:f1:
                    7a:76:ab:47:da:ec:1a:78:9b:15:d7:da:14:0b:02:
                    e4:51:49:c9:32:03:5a:9e:25:17:79:ee:7e:01:d9:
                    1f:72:46:95:54:66:38:fb:ba:db:dd:28:2b:fb:d0:
                    79:7d:61:49:51:38:55:36:51:79:dc:32:62:9c:e0:
                    c7:d0:5b:f8:ac:15:f7:f4:dc:70:d3:6f:96:fa:fe:
                    ec:5c:bf:1b:2f:b3:0e:d5:f4:3d:0d:99:89:68:2b:
                    af:c9:aa:c0:97:a8:30:44:b8:2d:fd:ef:cd:6c:68:
                    6c:53:b6:fa:c9:47:77:45:80:7a:50:da:e3:2b:e8:
                    56:77:8b:39:ce:d8:c2:05:aa:16:31:7d:96:06:9d:
                    20:8e:47:70:9f:e3:34:01:29:3a:42:6a:46:d5:63:
                    d8:68:6e:47:18:ff:b8:cb:ea:23:9a:22:76:a7:13:
                    9a:62:4a:11:82:34:8e:be:ca:70:f0:b9:00:4e:f4:
                    36:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:B4:96:2A:44:92:D0:39:1B:C5:B1:AF:03:94:A1:E3:88:CF:E6:3A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/drSWKkSS0DkbxbGvA5Sh44jP5jo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:cb:fb:bf:d8:3d:40:72:a3:9e:f8:21:58:85:fe:96:e4:66:
         f4:19:01:45:d4:f0:66:96:b2:ab:a7:a4:ac:a3:af:59:5d:f4:
         bc:5a:c5:31:91:b5:1f:04:b1:b3:9e:84:81:05:0a:d5:eb:39:
         13:de:08:ac:11:6c:ee:4d:29:d8:fb:2b:e7:ea:a3:73:3f:fe:
         09:54:e3:07:5a:21:9e:c1:b3:ed:78:0d:56:d2:bb:85:aa:f1:
         b1:d1:76:6d:65:38:e7:3c:69:01:b8:cc:89:80:a0:ad:38:c7:
         da:bd:9b:83:3f:f1:6a:c7:97:dd:7f:e7:1a:7b:da:3f:f3:86:
         eb:45:03:76:8c:b3:3c:08:ba:65:64:f3:7a:53:d6:05:97:00:
         0a:f8:37:8c:b1:b2:fd:d4:4d:fe:ec:ff:fa:83:1b:bb:0e:90:
         53:24:5f:7e:74:47:41:c9:ee:c8:87:10:b7:ca:ad:5b:3c:77:
         e8:41:21:68:78:cc:95:39:37:7c:f5:5e:2e:d8:06:ea:a7:1d:
         56:e1:c0:46:25:47:4a:a4:d0:3d:4e:16:ca:ab:c3:58:23:8d:
         c1:f8:58:5f:23:d6:c0:2b:80:3a:11:a9:bc:a2:f8:67:6b:0a:
         aa:b2:0e:42:43:18:74:3b:08:47:97:63:a2:83:39:0b:99:3b:
         9f:ab:c9:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1lEgaO8YMaDg+Mbtd7Ao92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjAxMTQyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI0OTYyYTQ0OTJkMDM5MWJjNWIxYWYwMzk0YTFlMzg4Y2ZlNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28Z4506xyxjkEgf140ubtLPoJoqO
oWCyGq7NxB4FagqqKRZveKGrISQxPF9ox2wg0CDwkCQmNzKsKqXqoLQRmIAWD0sc
uSQzcfF6dqtH2uwaeJsV19oUCwLkUUnJMgNaniUXee5+AdkfckaVVGY4+7rb3Sgr
+9B5fWFJUThVNlF53DJinODH0Fv4rBX39Nxw02+W+v7sXL8bL7MO1fQ9DZmJaCuv
yarAl6gwRLgt/e/NbGhsU7b6yUd3RYB6UNrjK+hWd4s5ztjCBaoWMX2WBp0gjkdw
n+M0ASk6QmpG1WPYaG5HGP+4y+ojmiJ2pxOaYkoRgjSOvspw8LkATvQ2KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHa0lipEktA5G8WxrwOUoeOIz+Y6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHJTV0trU1MwRGtieGJHdkE1U2g0NGpQNWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiwAwQB
UpnkMA0GCSqGSIb3DQEBCwUAA4IBAQAqy/u/2D1AcqOe+CFYhf6W5Gb0GQFF1PBm
lrKrp6Sso69ZXfS8WsUxkbUfBLGznoSBBQrV6zkT3gisEWzuTSnY+yvn6qNzP/4J
VOMHWiGewbPteA1W0ruFqvGx0XZtZTjnPGkBuMyJgKCtOMfavZuDP/Fqx5fdf+ca
e9o/84brRQN2jLM8CLplZPN6U9YFlwAK+DeMsbL91E3+7P/6gxu7DpBTJF9+dEdB
ye7IhxC3yq1bPHfoQSFoeMyVOTd89V4u2Abqpx1W4cBGJUdKpNA9ThbKq8NYI43B
+FhfI9bAK4A6Eam8ovhnawqqsg5CQxh0OwhHl2OigzkLmTufq8mF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org