Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iCtTEM-EtBonntaKWOEi0sOMkiw.roa
File:                     iCtTEM-EtBonntaKWOEi0sOMkiw.roa (raw, json)
Hash identifier:          N35qnK0GZtDrkEDgsSRvlwL9GpGQZFOfM5bIJ/3N5Zs=
Subject key identifier:   88:2B:53:10:CF:84:B4:1A:27:9E:D6:8A:58:E1:22:D2:C3:8C:92:2C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0185DE06AAA904C686CB9A07DA08AA16AB6C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iCtTEM-EtBonntaKWOEi0sOMkiw.roa
Signing time:             Mon 23 Jan 2023 09:47:36 +0000
ROA not before:           Mon 23 Jan 2023 09:47:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 09:09:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:de:06:aa:a9:04:c6:86:cb:9a:07:da:08:aa:16:ab:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 23 09:47:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=882b5310cf84b41a279ed68a58e122d2c38c922c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:94:a9:46:7a:dc:46:2e:a6:14:cf:a0:01:ed:
                    46:b5:27:42:45:8e:bf:a3:ce:e2:de:72:cc:28:b6:
                    a4:71:67:b5:81:d9:c5:3d:e2:cc:db:37:9a:a5:4f:
                    71:2f:57:6e:87:3e:70:62:52:fc:27:f2:d4:49:48:
                    b6:c2:21:52:d8:00:b1:f3:1c:88:5e:4d:e1:20:d7:
                    58:59:33:7e:33:7d:96:43:eb:ca:35:10:d9:48:03:
                    68:b3:07:ea:41:2d:fa:44:08:68:00:89:fa:9a:d8:
                    b8:f2:f8:e0:df:79:c3:6a:cd:27:0e:89:8a:a4:c2:
                    0f:a1:ce:04:a7:eb:ce:ad:34:e9:aa:7f:4f:58:3a:
                    0b:41:b2:8b:ba:ea:63:7c:41:36:54:52:c7:e6:f1:
                    1c:64:6c:29:b0:76:c7:42:c6:43:8b:b3:ec:91:93:
                    a1:86:85:32:98:d5:10:f6:02:17:c2:29:a2:8b:70:
                    1a:46:33:d0:72:69:4e:14:10:14:a7:16:89:1e:c2:
                    ad:e9:13:9e:0d:f3:33:8a:ac:66:96:d0:3a:7d:c7:
                    e8:f0:41:5b:c6:3d:84:c0:f1:67:91:98:9c:89:03:
                    95:4a:9e:2a:82:a3:81:dd:c8:2a:83:dd:ad:81:16:
                    73:3c:68:85:f7:a4:65:7c:09:b2:45:f0:45:3b:f6:
                    ae:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:2B:53:10:CF:84:B4:1A:27:9E:D6:8A:58:E1:22:D2:C3:8C:92:2C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iCtTEM-EtBonntaKWOEi0sOMkiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:4f:b9:8e:cc:8d:6d:7d:08:df:ab:8d:25:fd:89:f2:f6:d8:
         d9:16:18:08:07:6d:43:27:bd:64:de:34:09:f0:4f:3c:59:dc:
         5d:88:f9:3a:65:07:0e:4d:09:fe:bb:66:eb:87:96:68:f9:d7:
         c8:56:aa:f7:e1:59:fe:74:ca:4e:e8:75:5a:bd:d5:66:f2:3f:
         16:5e:25:f2:b8:22:a2:0a:f8:4a:ef:d8:60:0a:2e:e6:1c:db:
         13:9e:36:f9:01:ff:08:8a:c3:9f:0b:42:ff:48:1c:4f:82:88:
         3a:f2:79:81:4d:22:95:df:99:0d:b8:55:69:79:0b:13:3c:33:
         89:bd:68:60:8e:47:2e:55:40:60:60:69:a3:62:8a:be:7b:37:
         2a:f9:bf:7b:c6:88:55:86:e8:0e:12:e7:0b:36:09:16:e8:d0:
         2d:a3:c7:0e:aa:99:ca:af:71:17:46:34:2a:76:00:74:3c:41:
         79:5b:dd:68:06:3b:9d:7b:e7:80:df:50:e4:a5:b7:ce:1d:aa:
         87:97:b3:52:a3:c4:da:46:e4:f2:28:84:a2:44:19:47:d0:0b:
         9c:08:95:82:bd:6d:23:43:d3:47:6e:24:63:df:c9:ca:9e:2e:
         ec:74:b0:3c:d1:fa:e0:9e:4f:05:06:0f:e6:70:b6:d4:39:95:
         c6:cd:64:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXeBqqpBMaGy5oH2giqFqtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTIzMDk0NzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJiNTMxMGNmODRiNDFhMjc5ZWQ2OGE1OGUxMjJkMmMzOGM5MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZSpRnrcRi6mFM+gAe1GtSdCRY6/
o87i3nLMKLakcWe1gdnFPeLM2zeapU9xL1duhz5wYlL8J/LUSUi2wiFS2ACx8xyI
Xk3hINdYWTN+M32WQ+vKNRDZSANoswfqQS36RAhoAIn6mti48vjg33nDas0nDomK
pMIPoc4Ep+vOrTTpqn9PWDoLQbKLuupjfEE2VFLH5vEcZGwpsHbHQsZDi7PskZOh
hoUymNUQ9gIXwimii3AaRjPQcmlOFBAUpxaJHsKt6ROeDfMziqxmltA6fcfo8EFb
xj2EwPFnkZiciQOVSp4qgqOB3cgqg92tgRZzPGiF96RlfAmyRfBFO/augwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgrUxDPhLQaJ57WiljhItLDjJIsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaUN0VEVNLUV0Qm9ubnRhS1dPRWkwc09Na2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpngMA0G
CSqGSIb3DQEBCwUAA4IBAQCdT7mOzI1tfQjfq40l/Yny9tjZFhgIB21DJ71k3jQJ
8E88WdxdiPk6ZQcOTQn+u2brh5Zo+dfIVqr34Vn+dMpO6HVavdVm8j8WXiXyuCKi
CvhK79hgCi7mHNsTnjb5Af8IisOfC0L/SBxPgog68nmBTSKV35kNuFVpeQsTPDOJ
vWhgjkcuVUBgYGmjYoq+ezcq+b97xohVhugOEucLNgkW6NAto8cOqpnKr3EXRjQq
dgB0PEF5W91oBjude+eA31DkpbfOHaqHl7NSo8TaRuTyKISiRBlH0AucCJWCvW0j
Q9NHbiRj38nKni7sdLA80frgnk8FBg/mcLbUOZXGzWQg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org