Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ecey8XqPa5rcKuOx5vgiuc14IqA.roa
File:                     ecey8XqPa5rcKuOx5vgiuc14IqA.roa (raw, json)
Hash identifier:          TRxi7Hr4udgKqR0UotODHQiO3mbkHLp9rLO68x1wDDg=
Subject key identifier:   79:C7:B2:F1:7A:8F:6B:9A:DC:2A:E3:B1:E6:F8:22:B9:CD:78:22:A0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187272B379DEAF1C7489B15E312810456FD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ecey8XqPa5rcKuOx5vgiuc14IqA.roa
Signing time:             Tue 28 Mar 2023 07:42:36 +0000
ROA not before:           Tue 28 Mar 2023 07:42:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.243.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 12:54:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:27:2b:37:9d:ea:f1:c7:48:9b:15:e3:12:81:04:56:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 28 07:42:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=79c7b2f17a8f6b9adc2ae3b1e6f822b9cd7822a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:67:84:fa:67:11:6f:dd:d7:3e:73:64:52:72:
                    77:82:fc:3c:03:a3:51:5d:39:b2:6a:5a:a9:72:ce:
                    f8:92:24:98:91:87:73:4f:fc:34:0c:92:bb:30:d5:
                    0d:4f:3a:90:00:a4:7f:71:ca:6a:18:ee:98:be:8b:
                    2d:3e:ea:e1:59:c3:fe:6b:6a:0c:b8:a3:16:5f:cc:
                    0a:a6:10:fa:08:ff:8d:a9:32:42:03:10:c1:74:9f:
                    6e:00:a4:85:22:58:79:e7:4e:d0:04:4c:da:08:b8:
                    9b:58:57:33:d1:63:20:ef:10:f2:8f:3d:f6:2c:5c:
                    3b:9c:81:4d:c3:ac:1d:5a:22:0d:23:56:52:63:19:
                    bf:55:ab:f4:88:d6:2e:23:77:eb:22:22:ae:11:6b:
                    38:3a:d9:0d:9e:77:23:5c:ed:35:82:10:af:60:b4:
                    b5:0d:8b:88:b5:9c:f1:39:03:3d:91:5c:0c:c6:9d:
                    e9:be:b3:19:18:a2:81:34:ab:a5:6b:cc:f5:d1:8c:
                    a8:f6:b2:d5:e3:78:b3:47:6f:9e:50:de:0d:f0:fa:
                    d0:8b:ab:04:de:48:7c:4e:fd:8b:99:26:38:94:1c:
                    1b:8f:70:d8:a7:9a:15:c2:ac:ff:98:62:25:b1:1c:
                    1f:d0:87:1b:05:8e:21:b4:5c:74:49:80:5e:89:5d:
                    6f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:C7:B2:F1:7A:8F:6B:9A:DC:2A:E3:B1:E6:F8:22:B9:CD:78:22:A0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ecey8XqPa5rcKuOx5vgiuc14IqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.249.0/24
                  82.152.252.0/24
                  82.152.254.0/24
                  82.153.68.0/24
                  82.153.208.0/23
                  82.153.211.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:52:91:77:06:9d:74:2d:da:d1:20:86:05:4c:12:bc:fa:33:
         20:1a:cb:0f:34:6d:13:f5:59:1c:f4:2a:49:bf:c1:06:db:2a:
         72:0f:89:e1:67:60:cd:91:53:bd:03:1b:ab:7d:cd:6b:30:ff:
         67:1b:3b:18:4f:f0:de:6a:04:ee:a9:77:e1:b0:92:77:c2:92:
         c3:40:6b:7b:63:6f:52:d9:a1:d8:41:fa:24:2d:52:75:24:df:
         24:2a:18:6a:cc:b0:f7:ec:d0:f4:66:58:ee:da:36:fa:71:d7:
         1f:a0:70:ee:45:30:82:db:49:c4:cc:be:23:0c:52:d1:b4:52:
         e0:51:be:ed:0b:a2:89:4b:53:f0:04:7d:a5:c8:1a:fc:ca:47:
         99:7f:02:e2:dc:51:a3:cf:d7:dc:75:b9:3b:7a:f2:e7:ae:10:
         8a:87:33:48:de:e5:0e:fa:44:5a:c8:44:b6:81:f5:ba:c7:8a:
         3a:7e:3f:e0:ef:b2:b0:9c:b9:4e:45:10:f2:68:17:2a:dd:9b:
         de:fa:4d:89:a5:16:ba:f0:66:fb:b7:7d:1a:78:81:84:1f:34:
         cb:87:da:81:f5:47:5a:18:b5:22:5f:db:bb:7a:ad:12:3a:c9:
         ed:92:1c:30:f6:58:33:69:ae:be:a7:57:ad:7a:1d:1b:7b:2c:
         d5:9d:91:98
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcnKzed6vHHSJsV4xKBBFb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzI4MDc0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM3YjJmMTdhOGY2YjlhZGMyYWUzYjFlNmY4MjJiOWNkNzgyMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWeE+mcRb93XPnNkUnJ3gvw8A6NR
XTmyalqpcs74kiSYkYdzT/w0DJK7MNUNTzqQAKR/ccpqGO6YvostPurhWcP+a2oM
uKMWX8wKphD6CP+NqTJCAxDBdJ9uAKSFIlh5507QBEzaCLibWFcz0WMg7xDyjz32
LFw7nIFNw6wdWiINI1ZSYxm/Vav0iNYuI3frIiKuEWs4OtkNnncjXO01ghCvYLS1
DYuItZzxOQM9kVwMxp3pvrMZGKKBNKula8z10Yyo9rLV43izR2+eUN4N8PrQi6sE
3kh8Tv2LmSY4lBwbj3DYp5oVwqz/mGIlsRwf0IcbBY4htFx0SYBeiV1vpwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHnHsvF6j2ua3Crjseb4IrnNeCKgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZWNleThYcVBhNXJjS3VPeDV2Z2l1YzE0SXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpj5AwQA
Upj8AwQAUpj+AwQAUplEAwQBUpnQAwQAUpnTAwQAUpnzMA0GCSqGSIb3DQEBCwUA
A4IBAQBRUpF3Bp10LdrRIIYFTBK8+jMgGssPNG0T9Vkc9CpJv8EG2ypyD4nhZ2DN
kVO9Axurfc1rMP9nGzsYT/DeagTuqXfhsJJ3wpLDQGt7Y29S2aHYQfokLVJ1JN8k
KhhqzLD37ND0Zlju2jb6cdcfoHDuRTCC20nEzL4jDFLRtFLgUb7tC6KJS1PwBH2l
yBr8ykeZfwLi3FGjz9fcdbk7evLnrhCKhzNI3uUO+kRayES2gfW6x4o6fj/g77Kw
nLlORRDyaBcq3Zve+k2JpRa68Gb7t30aeIGEHzTLh9qB9UdaGLUiX9u7eq0SOsnt
khww9lgzaa6+p1eteh0beyzVnZGY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org