Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ievJQ0n6_XGW1MQbbYgQrxQeIF4.roa
File:                     ievJQ0n6_XGW1MQbbYgQrxQeIF4.roa (raw, json)
Hash identifier:          EBgRv8A2zcE3Ab+n3G9fgM/6hdNDLgjuh5LndCV72ZI=
Subject key identifier:   89:EB:C9:43:49:FA:FD:71:96:D4:C4:1B:6D:88:10:AF:14:1E:20:5E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01862C8BCED242C5C06EF61FC36EE642A62E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ievJQ0n6_XGW1MQbbYgQrxQeIF4.roa
Signing time:             Tue 07 Feb 2023 15:43:25 +0000
ROA not before:           Tue 07 Feb 2023 15:43:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.152.176.0/24 maxlen: 24
                          82.152.177.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 10:04:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:2c:8b:ce:d2:42:c5:c0:6e:f6:1f:c3:6e:e6:42:a6:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  7 15:43:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89ebc94349fafd7196d4c41b6d8810af141e205e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:76:69:ab:d0:84:a8:8a:b2:12:f0:e4:6d:fc:
                    9b:9d:bf:62:c7:73:b5:f7:15:6c:b9:c5:5b:a6:9c:
                    d8:ed:27:6b:01:99:39:4d:86:e8:83:2d:59:cc:f4:
                    49:b7:69:d4:bc:29:26:a5:fe:02:74:07:35:c4:58:
                    2e:21:b5:c5:ed:7f:e8:be:ec:49:62:4c:63:da:6b:
                    36:fc:61:4c:cf:2e:ec:73:71:0b:df:d8:ae:28:d9:
                    d8:03:dd:0b:8b:62:3c:37:28:9e:f6:da:81:9b:45:
                    a6:29:b2:84:5b:b7:98:bb:bc:c4:3e:4c:8b:93:de:
                    55:d3:c8:b6:48:fd:f7:6e:f4:26:2b:f0:6a:86:ba:
                    d9:da:88:27:60:65:18:8b:82:ed:bb:5e:04:93:1c:
                    bb:7a:df:9d:67:02:74:4a:f2:70:b2:16:93:13:4d:
                    82:5a:63:48:65:11:39:c5:19:83:e6:7e:91:d8:6d:
                    c6:b9:de:a4:b4:e7:a1:94:c0:aa:bf:2f:0d:d5:76:
                    54:88:56:c2:f2:2d:87:d4:18:55:29:94:4f:32:2c:
                    71:56:8c:4c:18:28:c7:c2:35:50:10:cc:1e:a3:54:
                    75:f4:4f:59:e2:e2:38:48:d0:09:de:9e:2c:b3:0e:
                    d0:f4:65:11:34:c3:42:ca:0e:4e:e9:1a:68:0e:50:
                    7d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:EB:C9:43:49:FA:FD:71:96:D4:C4:1B:6D:88:10:AF:14:1E:20:5E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ievJQ0n6_XGW1MQbbYgQrxQeIF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.68.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:da:c1:0c:7d:d3:d2:7d:ee:06:67:a7:cd:aa:e6:fc:45:29:
         a1:aa:ef:12:5c:d9:0d:6d:9d:9b:6f:6d:2e:a8:80:0f:bc:7f:
         20:fd:55:d1:2e:3f:b7:a8:3a:07:20:d6:38:ba:12:71:6d:eb:
         21:73:d3:a1:6c:96:94:75:90:f1:2b:b6:4c:74:dd:83:23:b6:
         0e:05:e6:8b:d0:5b:d8:0a:8e:e2:ee:e4:1e:c5:57:2e:63:d2:
         53:e5:35:f1:0c:f1:ec:48:4b:a3:21:54:ce:d1:14:2d:0e:4f:
         35:07:77:c7:1f:78:aa:5f:6d:45:4c:f5:84:c8:04:c8:2b:6e:
         9b:06:a6:b0:f3:46:91:3c:a0:30:e6:fb:35:4d:2d:15:9c:db:
         01:b7:00:2a:1a:b2:be:28:cb:a5:31:99:b1:db:2f:6b:00:98:
         10:f7:9a:5e:61:2a:60:a4:14:dd:66:5a:25:c3:7c:7c:60:72:
         6b:8f:af:92:02:fe:5e:bb:51:c4:37:20:81:39:82:76:68:d5:
         cc:da:e5:f2:ef:9e:bb:e3:aa:16:e7:09:3f:49:17:5b:c1:16:
         17:2c:0c:cb:2a:5a:1c:e4:23:95:31:32:45:be:fc:79:4c:a4:
         c7:61:f9:3a:5a:ae:c4:5c:20:80:a9:16:97:d7:02:d4:dd:74:
         a4:6f:86:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYsi87SQsXAbvYfw27mQqYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjA3MTU0MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWViYzk0MzQ5ZmFmZDcxOTZkNGM0MWI2ZDg4MTBhZjE0MWUyMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznZpq9CEqIqyEvDkbfybnb9ix3O1
9xVsucVbppzY7SdrAZk5TYbogy1ZzPRJt2nUvCkmpf4CdAc1xFguIbXF7X/ovuxJ
Ykxj2ms2/GFMzy7sc3EL39iuKNnYA90Li2I8Nyie9tqBm0WmKbKEW7eYu7zEPkyL
k95V08i2SP33bvQmK/BqhrrZ2ognYGUYi4Ltu14Ekxy7et+dZwJ0SvJwshaTE02C
WmNIZRE5xRmD5n6R2G3Gud6ktOehlMCqvy8N1XZUiFbC8i2H1BhVKZRPMixxVoxM
GCjHwjVQEMweo1R19E9Z4uI4SNAJ3p4ssw7Q9GURNMNCyg5O6RpoDlB95wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFInryUNJ+v1xltTEG22IEK8UHiBeMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaWV2SlEwbjZfWEdXMU1RYmJZZ1FyeFFlSUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpiwAwQA
UplEAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQCl2sEMfdPSfe4GZ6fNqub8RSmh
qu8SXNkNbZ2bb20uqIAPvH8g/VXRLj+3qDoHINY4uhJxbeshc9OhbJaUdZDxK7ZM
dN2DI7YOBeaL0FvYCo7i7uQexVcuY9JT5TXxDPHsSEujIVTO0RQtDk81B3fHH3iq
X21FTPWEyATIK26bBqaw80aRPKAw5vs1TS0VnNsBtwAqGrK+KMulMZmx2y9rAJgQ
95peYSpgpBTdZlolw3x8YHJrj6+SAv5eu1HENyCBOYJ2aNXM2uXy756746oW5wk/
SRdbwRYXLAzLKloc5COVMTJFvvx5TKTHYfk6Wq7EXCCAqRaX1wLU3XSkb4Zn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org