Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fE5ToZyGymkalWZhs2rDOoIB8c0.roa
File:                     fE5ToZyGymkalWZhs2rDOoIB8c0.roa (raw, json)
Hash identifier:          l1Lcnt4ua5I5whOON1oospc/Fjq+0ppRBkOX1xlQPHA=
Subject key identifier:   7C:4E:53:A1:9C:86:CA:69:1A:95:66:61:B3:6A:C3:3A:82:01:F1:CD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018870EB3E0DBBA742030C033C120F8F74A6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fE5ToZyGymkalWZhs2rDOoIB8c0.roa
Signing time:             Wed 31 May 2023 08:27:24 +0000
ROA not before:           Wed 31 May 2023 08:27:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 08:04:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:70:eb:3e:0d:bb:a7:42:03:0c:03:3c:12:0f:8f:74:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 31 08:27:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c4e53a19c86ca691a956661b36ac33a8201f1cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:cd:54:b9:f8:5c:c7:1d:a9:db:6e:aa:88:8f:
                    a9:25:43:f8:29:dd:18:a5:e8:89:57:cd:75:20:d8:
                    c5:cd:49:ef:ea:0d:0e:b2:0f:45:cb:bd:3c:63:c8:
                    5b:ab:5a:cf:73:80:76:f2:bc:23:89:db:af:3a:d8:
                    d9:3c:c5:79:e4:90:6d:7d:43:0e:ba:12:49:db:c8:
                    63:3d:b0:e8:52:f7:d9:39:58:3e:98:30:f3:a6:f4:
                    78:1f:88:f6:7e:70:34:15:1d:3d:2b:8d:5e:27:58:
                    5c:86:bc:1f:21:4d:d6:4c:c1:4c:26:59:07:a8:b2:
                    d5:ae:8c:df:18:e1:77:5b:5f:a3:b6:2f:58:1e:32:
                    29:40:e8:d1:77:e2:19:40:2c:1a:b0:cd:ae:67:f5:
                    d2:cd:89:9f:59:e2:be:f1:ba:c1:0e:3c:c9:cb:3f:
                    25:5c:88:23:f5:5b:38:c6:c7:8b:f6:cd:8a:a1:23:
                    e7:46:7f:43:f8:7f:7a:04:8b:3a:7c:9b:1d:3e:1b:
                    f8:74:be:9d:5a:8d:99:f7:11:bc:72:02:40:a5:53:
                    87:de:41:e7:17:e9:d0:67:38:0d:96:71:3c:dc:c2:
                    94:bc:85:d1:be:78:1a:8c:8c:76:fe:76:a9:8c:cd:
                    6f:0a:7a:79:97:b7:86:05:dc:b6:3f:0f:d6:8d:2a:
                    b3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:4E:53:A1:9C:86:CA:69:1A:95:66:61:B3:6A:C3:3A:82:01:F1:CD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fE5ToZyGymkalWZhs2rDOoIB8c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.178.0/24
                  82.153.220.0/23
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:35:7b:4b:50:1b:2e:14:6f:21:11:31:bf:83:45:20:93:9c:
         07:c1:4d:c5:a0:44:9c:b4:53:71:0e:ba:4f:57:dd:6a:c2:1c:
         05:98:b8:70:c1:b4:1f:d2:4f:eb:67:28:6d:09:80:2d:d6:2c:
         0b:ff:05:5d:0e:e9:98:09:57:05:92:11:5b:d0:28:18:4d:21:
         37:bf:6f:02:ac:77:54:72:9b:b4:73:29:59:47:39:6a:55:96:
         cb:07:6c:f2:e9:47:67:a8:e8:c9:19:13:a5:d5:53:d7:83:32:
         27:ef:d7:6b:cc:79:50:7c:44:60:d9:67:00:7f:0f:56:e4:f2:
         3b:bb:2b:69:34:80:3f:4f:f3:43:6f:8a:08:6f:d5:e4:03:4d:
         35:9f:ad:1f:2d:17:2f:f5:ab:51:26:ce:10:7c:8d:8c:80:d9:
         51:dd:5d:42:f8:fd:f1:56:68:bc:71:4a:3c:cd:45:f8:87:05:
         94:29:cf:d2:98:35:db:ab:3e:dc:3f:95:d2:27:0e:e9:de:b3:
         65:c3:af:67:e3:5c:6b:1c:b4:2d:e3:be:db:aa:2b:81:25:85:
         a2:91:19:f1:a0:3f:0e:74:9a:d6:06:68:c9:11:a7:07:ac:6c:
         0b:c7:96:90:72:ba:99:8d:6c:32:22:aa:78:b3:a9:b3:ef:27:
         06:00:50:ee
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhw6z4Nu6dCAwwDPBIPj3SmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTMxMDgyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRlNTNhMTljODZjYTY5MWE5NTY2NjFiMzZhYzMzYTgyMDFmMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM1Uufhcxx2p226qiI+pJUP4Kd0Y
peiJV811INjFzUnv6g0Osg9Fy708Y8hbq1rPc4B28rwjiduvOtjZPMV55JBtfUMO
uhJJ28hjPbDoUvfZOVg+mDDzpvR4H4j2fnA0FR09K41eJ1hchrwfIU3WTMFMJlkH
qLLVrozfGOF3W1+jti9YHjIpQOjRd+IZQCwasM2uZ/XSzYmfWeK+8brBDjzJyz8l
XIgj9Vs4xseL9s2KoSPnRn9D+H96BIs6fJsdPhv4dL6dWo2Z9xG8cgJApVOH3kHn
F+nQZzgNlnE83MKUvIXRvngajIx2/napjM1vCnp5l7eGBdy2Pw/WjSqzEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHxOU6GchsppGpVmYbNqwzqCAfHNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZkU1VG9aeUd5bWthbFdaaHMyckRPb0lCOGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiyAwQB
UpncAwQAUpnfAwQAUpnwAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQBXNXtLUBsu
FG8hETG/g0Ugk5wHwU3FoESctFNxDrpPV91qwhwFmLhwwbQf0k/rZyhtCYAt1iwL
/wVdDumYCVcFkhFb0CgYTSE3v28CrHdUcpu0cylZRzlqVZbLB2zy6UdnqOjJGROl
1VPXgzIn79drzHlQfERg2WcAfw9W5PI7uytpNIA/T/NDb4oIb9XkA001n60fLRcv
9atRJs4QfI2MgNlR3V1C+P3xVmi8cUo8zUX4hwWUKc/SmDXbqz7cP5XSJw7p3rNl
w69n41xrHLQt477bqiuBJYWikRnxoD8OdJrWBmjJEacHrGwLx5aQcrqZjWwyIqp4
s6mz7ycGAFDu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org