Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ekEJVvntDenmxDsGjBrVPI79sZw.roa
File:                     ekEJVvntDenmxDsGjBrVPI79sZw.roa (raw, json)
Hash identifier:          jJPBesb5ABtDhVMvCYsMtcrwqef5ThosVlCxfEoa2dA=
Subject key identifier:   7A:41:09:56:F9:ED:0D:E9:E6:C4:3B:06:8C:1A:D5:3C:8E:FD:B1:9C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F80C2CDCDF5BDE0440120B428E5E337F3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ekEJVvntDenmxDsGjBrVPI79sZw.roa
Signing time:             Thu 16 May 2024 09:36:41 +0000
ROA not before:           Thu 16 May 2024 09:36:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200017
IP address blocks:        82.152.14.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.153.245.0/24 maxlen: 24
                          212.38.68.0/24 maxlen: 24
                          212.38.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 16:19:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:80:c2:cd:cd:f5:bd:e0:44:01:20:b4:28:e5:e3:37:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 16 09:36:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7a410956f9ed0de9e6c43b068c1ad53c8efdb19c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d8:9d:ba:8f:79:45:41:f5:43:fa:01:46:48:
                    a1:ac:84:d4:b7:a4:e7:dd:bb:16:b3:a8:16:7a:32:
                    c1:40:ce:31:37:76:3f:af:3f:a2:d1:bb:c1:4f:9e:
                    a2:fe:16:41:e4:07:48:e0:bf:a4:e4:5d:f0:7f:07:
                    e3:2c:a4:90:cd:af:09:ca:b4:72:2b:d6:f1:f4:ec:
                    f1:e2:7b:58:ae:42:96:18:7f:4f:6e:ec:09:06:e6:
                    fa:b6:dd:a1:64:1d:59:8a:9b:81:dc:12:4f:28:45:
                    65:97:2b:b5:7e:ff:08:23:5b:7a:63:0c:b2:65:44:
                    0a:ac:1d:78:13:f9:04:0d:6d:2b:a1:18:21:54:39:
                    19:40:6e:79:77:b5:f0:13:a3:33:19:81:c5:ff:8c:
                    8c:2d:28:27:f4:8a:92:3d:64:65:cf:84:a1:f0:3d:
                    4f:33:a9:cd:4e:b8:4f:6e:32:10:3d:da:ef:7d:3c:
                    15:1d:3a:15:56:71:43:ef:f8:4d:8d:61:28:0f:60:
                    68:37:91:46:21:be:99:ce:a7:53:d7:a1:06:e8:00:
                    3c:0d:10:43:79:2a:a9:93:52:f9:2a:16:b8:1c:c3:
                    78:fb:b4:d7:1b:2d:7f:1a:85:b7:4c:e6:79:a5:b5:
                    86:f0:d6:ee:e8:15:2c:bb:89:29:b4:e9:ee:6c:65:
                    0e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:41:09:56:F9:ED:0D:E9:E6:C4:3B:06:8C:1A:D5:3C:8E:FD:B1:9C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ekEJVvntDenmxDsGjBrVPI79sZw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.14.0/24
                  82.153.1.0/24
                  82.153.245.0/24
                  212.38.68.0/24
                  212.38.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:cc:08:7a:a1:a5:7c:91:8a:e4:03:3f:8e:be:82:ab:8a:45:
         f5:d1:9a:9a:27:1f:1b:1d:80:56:e5:0f:9b:c9:12:8f:74:ba:
         df:13:90:9b:14:67:b1:84:e4:4c:84:a0:71:fd:45:b2:78:8c:
         ff:90:f9:9e:ba:fe:85:ac:c2:4d:6c:a8:5b:87:4e:c3:9f:bb:
         ec:a7:9f:ac:00:c2:40:e7:70:b4:6c:06:86:d9:bf:c6:c7:21:
         40:2e:fd:c7:dc:39:fb:b4:6b:ed:b9:b8:e3:0a:8a:f1:0a:7b:
         29:2f:22:f3:5c:a3:53:a7:f8:98:1f:0c:f8:40:b2:55:2a:02:
         fe:2d:ba:0b:6e:0b:53:ef:84:c7:4b:1f:11:80:d8:d8:2d:6a:
         e6:ec:5b:5e:66:b4:0b:ae:e9:a3:53:4a:d5:4c:a1:96:18:48:
         37:cf:7f:da:de:36:6c:55:bb:90:9f:01:f5:c2:63:37:83:94:
         f9:53:0a:49:2d:8f:dd:6d:71:36:71:bf:30:9f:8d:d4:7b:61:
         92:67:2d:d0:f0:07:92:84:9b:1f:7e:7f:9b:22:0e:4e:d2:db:
         b8:8c:2c:a9:d0:d0:df:66:51:2a:33:cf:4a:3b:c5:73:c1:28:
         bf:ed:00:6e:bf:1d:17:80:c0:5e:e8:5d:8d:78:b6:7b:e2:55:
         9e:b9:29:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+Aws3N9b3gRAEgtCjl4zfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MDkzNjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQxMDk1NmY5ZWQwZGU5ZTZjNDNiMDY4YzFhZDUzYzhlZmRiMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9iduo95RUH1Q/oBRkihrITUt6Tn
3bsWs6gWejLBQM4xN3Y/rz+i0bvBT56i/hZB5AdI4L+k5F3wfwfjLKSQza8JyrRy
K9bx9Ozx4ntYrkKWGH9PbuwJBub6tt2hZB1ZipuB3BJPKEVllyu1fv8II1t6Ywyy
ZUQKrB14E/kEDW0roRghVDkZQG55d7XwE6MzGYHF/4yMLSgn9IqSPWRlz4Sh8D1P
M6nNTrhPbjIQPdrvfTwVHToVVnFD7/hNjWEoD2BoN5FGIb6ZzqdT16EG6AA8DRBD
eSqpk1L5Kha4HMN4+7TXGy1/GoW3TOZ5pbWG8Nbu6BUsu4kptOnubGUOewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHpBCVb57Q3p5sQ7Bowa1TyO/bGcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZWtFSlZ2bnREZW5teERzR2pCclZQSTc5c1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpgOAwQA
UpkBAwQAUpn1AwQA1CZEAwQA1CZKMA0GCSqGSIb3DQEBCwUAA4IBAQBfzAh6oaV8
kYrkAz+OvoKrikX10ZqaJx8bHYBW5Q+byRKPdLrfE5CbFGexhORMhKBx/UWyeIz/
kPmeuv6FrMJNbKhbh07Dn7vsp5+sAMJA53C0bAaG2b/GxyFALv3H3Dn7tGvtubjj
CorxCnspLyLzXKNTp/iYHwz4QLJVKgL+LboLbgtT74THSx8RgNjYLWrm7FteZrQL
rumjU0rVTKGWGEg3z3/a3jZsVbuQnwH1wmM3g5T5UwpJLY/dbXE2cb8wn43Ue2GS
Zy3Q8AeShJsffn+bIg5O0tu4jCyp0NDfZlEqM89KO8VzwSi/7QBuvx0XgMBe6F2N
eLZ74lWeuSlP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org