Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fMvwBuRm8d88IC2iRziTFS277G4.roa
File:                     fMvwBuRm8d88IC2iRziTFS277G4.roa (raw, json)
Hash identifier:          nhTopXyCYG0CZrZD5DZvcl4qSIMMrRQ61WDwqpVuWX0=
Subject key identifier:   7C:CB:F0:06:E4:66:F1:DF:3C:20:2D:A2:47:38:93:15:2D:BB:EC:6E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EA9D7E1A42073343DB9E349BBE70B531C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fMvwBuRm8d88IC2iRziTFS277G4.roa
Signing time:             Thu 04 Apr 2024 16:01:21 +0000
ROA not before:           Thu 04 Apr 2024 16:01:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201670
IP address blocks:        82.163.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 14:45:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a9:d7:e1:a4:20:73:34:3d:b9:e3:49:bb:e7:0b:53:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  4 16:01:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7ccbf006e466f1df3c202da2473893152dbbec6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e1:ff:45:bf:a5:9f:78:76:c0:b6:bd:15:2e:
                    5c:09:cf:b1:06:b4:1c:1a:26:86:a9:6a:4f:c0:be:
                    f4:78:44:68:a7:86:a0:7d:3b:a9:b1:9e:a7:1d:36:
                    85:9e:79:66:f3:ea:cd:0b:e9:31:d7:d1:08:69:1f:
                    78:d5:2c:56:dd:40:97:a0:6c:f0:43:a0:42:bf:68:
                    2c:72:93:a5:96:de:fa:b8:f7:9f:46:ae:d5:09:98:
                    bd:5e:00:93:b7:59:1b:37:fc:f1:2c:9f:8d:23:98:
                    99:12:3c:ae:77:44:6b:91:9e:15:1f:f7:6c:3b:67:
                    10:7c:18:f6:2e:3d:c4:3a:04:51:d0:32:59:e2:b1:
                    11:c0:c0:92:f1:d7:d1:ec:45:80:e2:cb:84:44:23:
                    fd:62:2d:4f:0d:0d:0d:24:95:8d:e0:e7:80:7d:54:
                    b0:25:60:5a:ab:35:53:f8:3b:1a:e9:28:34:0d:81:
                    f8:98:4d:de:2c:ad:9a:1e:f2:90:79:a7:38:66:80:
                    14:01:89:21:c7:f5:24:db:fb:88:bf:a9:7d:5c:4a:
                    ff:b2:8b:44:26:91:8c:2c:dc:b0:7c:85:16:6b:ed:
                    b1:36:56:fa:1c:fe:17:fb:46:fc:3b:69:0a:29:55:
                    4a:2f:8a:9b:4f:6f:1e:2b:cc:3c:b4:90:8b:47:ff:
                    c3:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:CB:F0:06:E4:66:F1:DF:3C:20:2D:A2:47:38:93:15:2D:BB:EC:6E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fMvwBuRm8d88IC2iRziTFS277G4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:92:63:bc:bb:24:3d:17:ff:15:61:c6:27:06:12:a3:69:78:
         6a:04:d7:57:65:10:9a:36:bd:cf:b2:e9:b0:5e:aa:ca:7b:21:
         34:60:0e:a2:11:7a:55:f7:ef:d2:7c:4a:76:f7:2d:1e:6f:2a:
         67:cd:4d:20:5d:09:46:66:64:76:40:63:63:aa:ff:43:4a:7c:
         93:c4:33:24:97:86:c8:c9:0f:01:bd:02:df:de:2e:01:6e:ec:
         bd:d5:88:0d:49:90:be:c7:cc:86:e2:02:c5:93:f4:14:d0:fe:
         16:d4:7a:86:1d:a9:86:74:48:f3:b4:af:7e:19:be:af:f9:18:
         00:e9:ae:1e:e4:fe:f3:18:2f:b5:98:5e:93:45:c0:ed:13:01:
         c3:0a:e9:ce:d0:13:1c:c0:3f:02:8b:4f:80:8e:19:22:d9:23:
         60:85:56:c6:bb:4d:df:86:21:2f:8d:cc:ef:13:6f:7f:db:fd:
         1c:ea:88:69:f8:c2:2a:4d:78:af:ed:f7:c5:b8:f6:60:f0:e0:
         f9:53:50:56:14:f0:e4:12:e2:33:8a:e4:03:c6:3d:10:5a:2f:
         fc:80:ff:0a:03:d0:c1:b2:91:5c:2f:d0:e8:e8:1d:48:f0:9f:
         bb:7f:4f:15:c0:52:cf:db:d1:87:7e:40:f5:31:f9:d6:b1:cf:
         a7:fc:ae:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6p1+GkIHM0PbnjSbvnC1McMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA0MTYwMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2NiZjAwNmU0NjZmMWRmM2MyMDJkYTI0NzM4OTMxNTJkYmJlYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+H/Rb+ln3h2wLa9FS5cCc+xBrQc
GiaGqWpPwL70eERop4agfTupsZ6nHTaFnnlm8+rNC+kx19EIaR941SxW3UCXoGzw
Q6BCv2gscpOllt76uPefRq7VCZi9XgCTt1kbN/zxLJ+NI5iZEjyud0RrkZ4VH/ds
O2cQfBj2Lj3EOgRR0DJZ4rERwMCS8dfR7EWA4suERCP9Yi1PDQ0NJJWN4OeAfVSw
JWBaqzVT+Dsa6Sg0DYH4mE3eLK2aHvKQeac4ZoAUAYkhx/Uk2/uIv6l9XEr/sotE
JpGMLNywfIUWa+2xNlb6HP4X+0b8O2kKKVVKL4qbT28eK8w8tJCLR//D6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzL8AbkZvHfPCAtokc4kxUtu+xuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZk12d0J1Um04ZDg4SUMyaVJ6aVRGUzI3N0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUqMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAUkmO8uyQ9F/8VYcYnBhKjaXhqBNdXZRCaNr3Psumw
XqrKeyE0YA6iEXpV9+/SfEp29y0ebypnzU0gXQlGZmR2QGNjqv9DSnyTxDMkl4bI
yQ8BvQLf3i4Bbuy91YgNSZC+x8yG4gLFk/QU0P4W1HqGHamGdEjztK9+Gb6v+RgA
6a4e5P7zGC+1mF6TRcDtEwHDCunO0BMcwD8Ci0+Ajhki2SNghVbGu03fhiEvjczv
E29/2/0c6ohp+MIqTXiv7ffFuPZg8OD5U1BWFPDkEuIziuQDxj0QWi/8gP8KA9DB
spFcL9Do6B1I8J+7f08VwFLP29GHfkD1MfnWsc+n/K7g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org