Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gxm5XZak_edgfGIQ8_0WoFWVZXk.roa
File:                     gxm5XZak_edgfGIQ8_0WoFWVZXk.roa (raw, json)
Hash identifier:          nF1qnui9pqw8DMX9Dl8AmRJHyDF8j+W3GcLY8UYR3OU=
Subject key identifier:   83:19:B9:5D:96:A4:FD:E7:60:7C:62:10:F3:FD:16:A0:55:95:65:79
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01866E2C8703519DEE580A5FFDA739948FAA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gxm5XZak_edgfGIQ8_0WoFWVZXk.roa
Signing time:             Mon 20 Feb 2023 09:34:17 +0000
ROA not before:           Mon 20 Feb 2023 09:34:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Mar 2023 09:25:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:6e:2c:87:03:51:9d:ee:58:0a:5f:fd:a7:39:94:8f:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 20 09:34:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8319b95d96a4fde7607c6210f3fd16a055956579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5b:a7:86:b3:18:0f:f3:5b:f7:03:dc:05:6f:
                    1d:3b:1b:83:ff:18:5a:f9:9d:72:5a:21:04:9c:c1:
                    81:85:20:b0:64:19:d2:1f:80:00:8f:a7:3b:55:79:
                    4a:20:43:f2:7e:ab:85:74:42:02:aa:74:b9:40:28:
                    f8:68:e0:ec:a1:8f:c9:d9:c6:cd:82:58:31:fd:7d:
                    ae:aa:cd:94:e9:61:dd:f2:1d:5f:7f:17:27:24:7f:
                    83:f4:5c:a8:2c:73:e5:94:92:7f:b5:3e:42:5b:ce:
                    e6:74:8c:e8:65:cd:e2:52:6b:12:2e:2b:d4:bd:c9:
                    4b:13:58:0c:14:6a:e4:d8:14:a4:aa:ca:3d:d1:04:
                    27:04:97:03:ea:1c:2b:ec:4f:bd:c7:de:4f:f6:fe:
                    f7:79:54:c4:76:08:1f:0d:c0:9a:2c:3b:e0:89:71:
                    13:47:56:e7:e0:8e:bc:04:35:99:cb:a5:40:38:67:
                    06:78:58:ae:17:50:9d:60:ab:3c:06:86:29:60:8e:
                    5c:17:8d:1a:11:fc:63:33:b1:a8:dd:9c:74:3c:24:
                    25:b3:90:07:32:91:0f:5d:6e:36:15:94:bb:e1:4e:
                    b1:ce:03:d8:d2:c9:bd:6d:bf:1b:70:4e:f5:df:46:
                    79:38:07:b1:28:5e:5b:92:51:a4:74:86:63:b1:68:
                    1a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:19:B9:5D:96:A4:FD:E7:60:7C:62:10:F3:FD:16:A0:55:95:65:79
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gxm5XZak_edgfGIQ8_0WoFWVZXk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24
                  82.153.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:5f:ba:0e:71:49:1f:50:a5:61:62:87:88:89:86:f4:04:28:
         28:be:42:9a:f3:b1:c7:af:b6:6d:61:a9:52:46:27:0b:b1:24:
         a5:08:cc:8c:bd:80:a4:aa:ff:e8:29:9d:0c:b7:2e:13:3b:a8:
         06:65:b3:31:38:5f:7f:9a:ff:b2:c3:96:60:53:bb:5a:ad:98:
         60:fd:4a:07:92:9d:a6:48:04:ed:b5:e9:e3:54:1f:f4:21:d5:
         d8:ba:17:a6:d7:7d:1e:e8:fb:87:50:e9:cf:d4:0f:27:99:bf:
         9a:3b:0f:6c:8c:f1:2e:a2:71:c1:37:ed:95:9a:1c:c5:70:ce:
         c0:a7:78:e1:eb:78:9a:14:20:44:e4:c3:99:b9:df:15:de:29:
         28:c6:14:fe:73:ae:9c:c2:c1:f3:1e:1b:e5:73:9a:cb:10:34:
         96:69:fc:55:ad:a7:9c:e3:40:9c:0c:fa:65:a4:ab:e5:23:87:
         1e:f2:53:b3:ba:a7:90:6f:f7:8e:cb:e9:39:1f:94:33:79:96:
         d9:52:71:71:3a:27:86:80:48:f9:b3:ff:76:97:dd:50:66:94:
         c4:fe:7f:5c:5b:6a:df:43:c7:61:6a:00:7a:b2:26:1c:70:e1:
         98:4f:64:2b:aa:c7:bb:fb:8f:f4:42:c5:bd:f9:26:c6:74:e7:
         b2:28:ef:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZuLIcDUZ3uWApf/ac5lI+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjIwMDkzNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzE5Yjk1ZDk2YTRmZGU3NjA3YzYyMTBmM2ZkMTZhMDU1OTU2NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFunhrMYD/Nb9wPcBW8dOxuD/xha
+Z1yWiEEnMGBhSCwZBnSH4AAj6c7VXlKIEPyfquFdEICqnS5QCj4aODsoY/J2cbN
glgx/X2uqs2U6WHd8h1ffxcnJH+D9FyoLHPllJJ/tT5CW87mdIzoZc3iUmsSLivU
vclLE1gMFGrk2BSkqso90QQnBJcD6hwr7E+9x95P9v73eVTEdggfDcCaLDvgiXET
R1bn4I68BDWZy6VAOGcGeFiuF1CdYKs8BoYpYI5cF40aEfxjM7Go3Zx0PCQls5AH
MpEPXW42FZS74U6xzgPY0sm9bb8bcE7130Z5OAexKF5bklGkdIZjsWgaRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIMZuV2WpP3nYHxiEPP9FqBVlWV5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ3htNVhaYWtfZWRnZkdJUThfMFdvRldWWlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpkEAwQA
UpkKMA0GCSqGSIb3DQEBCwUAA4IBAQALX7oOcUkfUKVhYoeIiYb0BCgovkKa87HH
r7ZtYalSRicLsSSlCMyMvYCkqv/oKZ0Mty4TO6gGZbMxOF9/mv+yw5ZgU7tarZhg
/UoHkp2mSATttenjVB/0IdXYuhem130e6PuHUOnP1A8nmb+aOw9sjPEuonHBN+2V
mhzFcM7Ap3jh63iaFCBE5MOZud8V3ikoxhT+c66cwsHzHhvlc5rLEDSWafxVraec
40CcDPplpKvlI4ce8lOzuqeQb/eOy+k5H5QzeZbZUnFxOieGgEj5s/92l91QZpTE
/n9cW2rfQ8dhagB6siYccOGYT2Qrqse7+4/0QsW9+SbGdOeyKO/B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org