Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iRK_Qb394Mlq9F7mC5iBWD80AEo.roa
File:                     iRK_Qb394Mlq9F7mC5iBWD80AEo.roa (raw, json)
Hash identifier:          vaCamBVDxfVYUSszgjPRIPb5matwxJYFXjqHCOmbi7w=
Subject key identifier:   89:12:BF:41:BD:FD:E0:C9:6A:F4:5E:E6:0B:98:81:58:3F:34:00:4A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EA509FF6CA1F1F1C091D05FBBA93084FC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iRK_Qb394Mlq9F7mC5iBWD80AEo.roa
Signing time:             Wed 03 Apr 2024 17:37:59 +0000
ROA not before:           Wed 03 Apr 2024 17:37:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212238
IP address blocks:        82.153.255.0/24 maxlen: 24
                          82.163.10.0/23 maxlen: 24
                          109.176.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 Apr 2024 09:08:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a5:09:ff:6c:a1:f1:f1:c0:91:d0:5f:bb:a9:30:84:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  3 17:37:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8912bf41bdfde0c96af45ee60b9881583f34004a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:ec:65:98:c1:0c:2f:b0:04:dc:d9:d0:dd:dd:
                    25:1a:89:59:c7:9a:d4:16:a8:d7:dc:de:1a:25:2e:
                    c0:1f:8a:7c:a1:68:f1:4c:36:60:0c:60:d6:c7:67:
                    bf:d0:14:cd:cb:55:25:07:49:47:a3:13:20:3a:c6:
                    d2:cd:5b:42:24:b2:1f:94:7f:fb:ba:33:11:2f:88:
                    f1:69:99:83:10:9e:7c:96:0a:09:6f:5e:84:b9:ba:
                    9c:c0:a7:88:18:c8:1e:95:20:51:96:2f:9d:d2:28:
                    8b:af:97:90:db:1b:96:84:f3:6e:fc:62:f3:32:b0:
                    2d:cd:84:68:e1:92:c9:90:95:4c:5e:78:53:74:78:
                    06:0f:70:e2:b8:f6:c6:c2:15:e2:ed:9b:e3:ca:52:
                    58:d1:95:76:17:35:64:0e:2d:b0:3a:1d:b3:cb:81:
                    89:bf:95:a5:52:62:b7:9e:33:89:0e:6f:9b:19:49:
                    f9:5e:f4:da:91:d5:31:b8:f2:74:81:bc:fa:85:0a:
                    a1:58:43:b9:71:68:64:d0:cd:8e:1d:31:96:c2:b9:
                    ba:06:16:99:58:3a:bd:c2:8e:09:36:dc:d8:ab:cf:
                    0f:03:ad:51:24:af:fd:9b:cf:ac:f1:a2:c3:8f:3f:
                    de:73:07:df:7c:b2:01:be:a5:1f:32:49:73:26:1c:
                    10:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:12:BF:41:BD:FD:E0:C9:6A:F4:5E:E6:0B:98:81:58:3F:34:00:4A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iRK_Qb394Mlq9F7mC5iBWD80AEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.255.0/24
                  82.163.10.0/23
                  109.176.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:f6:77:cf:55:57:ef:fb:f3:6a:b0:3a:3b:93:cf:db:30:12:
         46:ab:b2:b4:7a:27:12:41:b0:ed:f9:24:6c:ab:98:cb:ab:1c:
         e6:29:bb:43:79:ef:72:48:bd:a9:44:88:11:d5:7d:6a:03:07:
         48:e8:e0:c5:2c:94:c7:64:d0:4f:53:41:12:fe:5e:99:ed:c7:
         70:0f:62:9a:49:b2:e9:7c:a9:ab:c4:27:31:a7:e1:32:96:de:
         63:a2:04:a8:88:10:68:1b:70:16:e3:e3:b3:27:ac:ae:71:e3:
         de:ef:d2:b8:90:f3:d0:9a:92:dc:5c:84:47:1d:e7:39:28:de:
         be:50:43:2a:aa:a3:8a:bb:eb:6b:c3:e4:53:4d:cd:78:07:6d:
         70:83:9d:b5:44:6b:f2:6f:72:ff:71:4c:6d:ad:71:4d:30:75:
         46:3a:5b:9c:8d:2d:9a:dd:c1:5b:66:41:ef:74:83:62:44:5b:
         74:8a:51:91:bc:2f:6b:a9:bd:fe:21:68:12:27:ff:c0:f6:ec:
         8b:28:70:78:64:a5:e9:b6:d5:9e:a8:b2:9c:90:b0:15:f2:79:
         75:5c:76:bb:bf:b0:92:c8:73:cd:f9:bb:1c:f4:68:8a:69:7d:
         ba:b4:e3:c8:40:90:a3:3d:d5:ff:84:c0:f7:5f:22:28:06:8e:
         01:eb:e4:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6lCf9sofHxwJHQX7upMIT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAzMTczNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTEyYmY0MWJkZmRlMGM5NmFmNDVlZTYwYjk4ODE1ODNmMzQwMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OxlmMEML7AE3NnQ3d0lGolZx5rU
FqjX3N4aJS7AH4p8oWjxTDZgDGDWx2e/0BTNy1UlB0lHoxMgOsbSzVtCJLIflH/7
ujMRL4jxaZmDEJ58lgoJb16EubqcwKeIGMgelSBRli+d0iiLr5eQ2xuWhPNu/GLz
MrAtzYRo4ZLJkJVMXnhTdHgGD3DiuPbGwhXi7ZvjylJY0ZV2FzVkDi2wOh2zy4GJ
v5WlUmK3njOJDm+bGUn5XvTakdUxuPJ0gbz6hQqhWEO5cWhk0M2OHTGWwrm6BhaZ
WDq9wo4JNtzYq88PA61RJK/9m8+s8aLDjz/ecwfffLIBvqUfMklzJhwQMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIkSv0G9/eDJavRe5guYgVg/NABKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaVJLX1FiMzk0TWxxOUY3bUM1aUJXRDgwQUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpn/AwQB
UqMKAwQAbbAeMA0GCSqGSIb3DQEBCwUAA4IBAQBu9nfPVVfv+/NqsDo7k8/bMBJG
q7K0eicSQbDt+SRsq5jLqxzmKbtDee9ySL2pRIgR1X1qAwdI6ODFLJTHZNBPU0ES
/l6Z7cdwD2KaSbLpfKmrxCcxp+Eylt5jogSoiBBoG3AW4+OzJ6yucePe79K4kPPQ
mpLcXIRHHec5KN6+UEMqqqOKu+trw+RTTc14B21wg521RGvyb3L/cUxtrXFNMHVG
OlucjS2a3cFbZkHvdINiRFt0ilGRvC9rqb3+IWgSJ//A9uyLKHB4ZKXpttWeqLKc
kLAV8nl1XHa7v7CSyHPN+bsc9GiKaX26tOPIQJCjPdX/hMD3XyIoBo4B6+Tv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org