Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/in1ybVbxWHhJ-S-a74I7rQ6NxdM.roa
File:                     in1ybVbxWHhJ-S-a74I7rQ6NxdM.roa (raw, json)
Hash identifier:          lvgSDeaQcXLRLETl+OVq3pYGk3pQyt4JrOTnHvrw6SI=
Subject key identifier:   8A:7D:72:6D:56:F1:58:78:49:F9:2F:9A:EF:82:3B:AD:0E:8D:C5:D3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DDF75B054693402509D208CB19F0DB078
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/in1ybVbxWHhJ-S-a74I7rQ6NxdM.roa
Signing time:             Sun 25 Feb 2024 08:50:48 +0000
ROA not before:           Sun 25 Feb 2024 08:50:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.165.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 10:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:df:75:b0:54:69:34:02:50:9d:20:8c:b1:9f:0d:b0:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 25 08:50:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8a7d726d56f1587849f92f9aef823bad0e8dc5d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:bc:af:09:c4:01:d3:e0:21:72:a0:ba:bf:94:
                    f1:0b:25:3d:6d:36:2a:e4:b3:40:72:85:78:64:cb:
                    b0:3e:c4:b1:e5:3c:8f:5d:df:eb:39:81:49:59:97:
                    f5:dd:b3:da:f0:8f:2e:94:ad:d7:2a:5f:c6:38:47:
                    aa:ca:ea:a4:b2:08:ef:a5:58:16:ce:83:e0:95:5b:
                    bf:b3:47:0e:b2:76:a1:fb:b5:be:d5:03:b8:71:0e:
                    c0:f1:d4:f0:54:b4:78:a8:1e:66:12:0d:30:e0:b6:
                    49:06:0b:c1:68:88:b5:a5:e2:14:67:5d:52:6e:22:
                    6f:25:99:65:4c:4c:c1:cb:51:b3:fa:34:fc:5d:9d:
                    f7:54:77:a2:27:7c:24:e4:4c:32:ee:3b:c5:ed:4d:
                    a9:d2:8b:11:38:26:b4:51:91:fd:46:c7:21:b3:96:
                    6e:a2:d5:2d:67:18:da:3a:d7:55:7f:54:e4:62:a6:
                    7e:ab:10:43:0b:83:12:f6:a8:42:68:09:65:a3:a2:
                    0f:64:b3:52:f5:73:68:e6:55:6d:c3:df:89:1f:5f:
                    b1:89:0e:48:5a:cf:7b:2d:ba:dc:0f:52:d6:83:eb:
                    5b:20:06:ca:49:78:cd:09:aa:bf:4f:59:58:cc:16:
                    fd:e5:37:db:bd:d9:05:1c:8a:b8:ce:e8:18:ab:f0:
                    49:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:7D:72:6D:56:F1:58:78:49:F9:2F:9A:EF:82:3B:AD:0E:8D:C5:D3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/in1ybVbxWHhJ-S-a74I7rQ6NxdM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.165.0/24
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:d6:46:87:90:ea:cf:da:ec:f5:59:55:fa:ae:1e:f0:40:86:
         eb:bf:71:bd:c4:7c:3d:b3:80:12:3a:50:7b:e0:89:53:8c:be:
         0c:70:7d:7e:3a:6d:49:c9:56:ba:c1:f1:1a:23:78:7e:1d:41:
         2c:ce:17:dd:68:c9:2b:d6:5a:75:58:42:e7:05:d1:ee:36:5e:
         1f:d9:8a:bd:73:99:d6:e4:bf:4f:5f:8a:e7:39:fe:3e:d8:6d:
         16:fa:de:6d:5e:4e:15:07:52:c8:6c:8d:f7:95:53:b9:d6:ea:
         93:cf:c1:7d:13:61:26:14:c5:0b:cd:23:73:08:d9:e3:da:10:
         53:34:53:f8:ed:92:13:df:19:d0:49:be:e6:d6:42:30:3a:c8:
         d8:ae:e2:6c:ed:15:a2:07:31:6a:46:3d:69:bc:8b:86:54:95:
         fd:57:2e:3c:ca:ac:a7:a6:0d:7a:34:eb:2e:0e:98:3e:68:c8:
         50:41:47:d9:d1:f0:58:e1:2d:8a:02:8c:ff:df:01:04:90:eb:
         b2:e0:b1:59:01:e4:17:c9:76:77:b0:29:e8:dc:ae:18:d6:02:
         be:79:23:01:6c:74:84:d0:ab:22:bf:53:c5:4e:c5:dc:76:19:
         2d:19:9f:a1:9d:3a:d8:63:32:7e:7e:9a:fe:81:2a:2e:60:4b:
         90:ab:04:d3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY3fdbBUaTQCUJ0gjLGfDbB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjI1MDg1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTdkNzI2ZDU2ZjE1ODc4NDlmOTJmOWFlZjgyM2JhZDBlOGRjNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibyvCcQB0+AhcqC6v5TxCyU9bTYq
5LNAcoV4ZMuwPsSx5TyPXd/rOYFJWZf13bPa8I8ulK3XKl/GOEeqyuqksgjvpVgW
zoPglVu/s0cOsnah+7W+1QO4cQ7A8dTwVLR4qB5mEg0w4LZJBgvBaIi1peIUZ11S
biJvJZllTEzBy1Gz+jT8XZ33VHeiJ3wk5Ewy7jvF7U2p0osROCa0UZH9Rschs5Zu
otUtZxjaOtdVf1TkYqZ+qxBDC4MS9qhCaAllo6IPZLNS9XNo5lVtw9+JH1+xiQ5I
Ws97LbrcD1LWg+tbIAbKSXjNCaq/T1lYzBb95TfbvdkFHIq4zugYq/BJwwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIp9cm1W8Vh4Sfkvmu+CO60OjcXTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaW4xeWJWYnhXSGhKLVMtYTc0STdyUTZOeGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCUpmIMAwD
BAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBAG5MX4DBADVmCowDQYJKoZI
hvcNAQELBQADggEBAHTWRoeQ6s/a7PVZVfquHvBAhuu/cb3EfD2zgBI6UHvgiVOM
vgxwfX46bUnJVrrB8RojeH4dQSzOF91oySvWWnVYQucF0e42Xh/Zir1zmdbkv09f
iuc5/j7YbRb63m1eThUHUshsjfeVU7nW6pPPwX0TYSYUxQvNI3MI2ePaEFM0U/jt
khPfGdBJvubWQjA6yNiu4mztFaIHMWpGPWm8i4ZUlf1XLjzKrKemDXo06y4OmD5o
yFBBR9nR8FjhLYoCjP/fAQSQ67LgsVkB5BfJdnewKejcrhjWAr55IwFsdITQqyK/
U8VOxdx2GS0Zn6GdOthjMn5+mv6BKi5gS5CrBNM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org