Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jHOJDtvGah_zQtXA4VNJzQos4rQ.roa
File:                     jHOJDtvGah_zQtXA4VNJzQos4rQ.roa (raw, json)
Hash identifier:          C9w/W88/Skj0qXYEjRhWQCSMexHASGUlo2PnDVQUEKo=
Subject key identifier:   8C:73:89:0E:DB:C6:6A:1F:F3:42:D5:C0:E1:53:49:CD:0A:2C:E2:B4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188428186D3389F1F9956A1B8EA3026BAE2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jHOJDtvGah_zQtXA4VNJzQos4rQ.roa
Signing time:             Mon 22 May 2023 08:09:24 +0000
ROA not before:           Mon 22 May 2023 08:09:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 May 2023 14:02:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:42:81:86:d3:38:9f:1f:99:56:a1:b8:ea:30:26:ba:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 22 08:09:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8c73890edbc66a1ff342d5c0e15349cd0a2ce2b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fb:e2:a6:a2:33:d2:9c:f7:1c:b0:10:76:b2:
                    91:3b:5e:86:08:1b:b7:90:53:27:c5:93:14:8a:78:
                    3f:f6:a5:8a:9c:d7:a6:ec:fa:01:e6:c2:03:84:c1:
                    4f:fc:95:16:3f:d7:4b:a7:ee:ab:66:1f:50:f8:d2:
                    2d:28:54:55:79:1a:25:53:aa:2a:74:21:c5:63:18:
                    ae:ad:b5:ae:a4:7c:26:be:4c:fd:2f:7c:57:28:5e:
                    52:ed:df:9d:87:1b:bd:c5:f3:7d:47:d1:a6:78:1c:
                    90:d7:f2:dd:ce:9c:e3:64:9e:85:ae:5d:a9:63:da:
                    f2:70:dd:f1:c9:f4:48:b9:68:63:c7:39:da:74:4d:
                    5f:66:78:79:69:fa:ac:b3:2a:2e:76:f9:94:27:53:
                    83:fd:3f:b4:41:5a:98:5c:57:50:63:e1:70:b7:cc:
                    a0:c1:a9:59:9c:74:af:ee:98:b2:c2:9c:85:b6:e6:
                    fa:6c:6b:e7:d8:06:4c:9a:01:bc:c9:1a:cb:e4:bf:
                    23:cc:fe:4d:c0:39:0f:90:ac:68:9c:ca:39:f6:65:
                    b2:ba:0b:9d:88:1d:28:bb:8a:de:96:30:eb:0e:51:
                    2e:41:84:4f:7c:6d:b2:e5:84:fd:4e:d7:06:06:0d:
                    f1:a5:42:4d:5f:68:1c:08:33:15:90:66:a1:69:7f:
                    3d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:73:89:0E:DB:C6:6A:1F:F3:42:D5:C0:E1:53:49:CD:0A:2C:E2:B4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jHOJDtvGah_zQtXA4VNJzQos4rQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.153.1.0/24
                  82.153.72.0/24
                  82.153.78.0/24
                  82.153.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:93:52:45:08:c7:84:61:3d:1b:6e:de:2c:51:18:38:db:8e:
         4b:b2:d6:f5:fe:a4:df:db:72:90:47:e1:87:b7:ae:a1:80:94:
         50:ef:95:13:1a:f9:ea:30:00:69:72:54:23:dd:48:68:f4:44:
         02:fd:42:ad:36:01:38:d1:75:1d:d5:70:56:7a:17:e2:b8:73:
         8e:2e:7b:01:2c:74:2f:7a:08:b5:7b:1f:d0:02:6b:01:46:e5:
         31:56:7f:59:0d:7e:bd:0c:66:6b:12:59:b2:40:a2:ef:e2:b4:
         ae:28:75:8a:5f:34:8e:47:63:64:15:51:20:98:6a:03:18:bd:
         58:e5:7e:09:78:d5:72:e1:7c:ae:2c:c2:8a:59:ec:67:eb:60:
         16:5b:2e:a3:ba:0b:17:d3:c5:80:13:2b:d5:2f:ab:c0:a6:15:
         80:aa:ec:d2:b6:3b:df:f7:88:f7:5e:d5:0c:7f:d6:3b:26:6b:
         3a:8a:b6:17:62:d0:6d:6b:b6:df:7b:8a:e1:3e:c6:b9:1c:be:
         61:74:92:61:67:92:46:fb:b2:12:1c:8c:13:97:41:7c:2c:da:
         b4:ae:8c:91:ee:1f:3b:97:35:60:7f:e9:d1:05:a2:42:8f:84:
         2b:13:a1:25:92:7f:55:ba:40:a5:c2:a7:5f:fc:54:be:98:79:
         1c:d1:ac:bf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYhCgYbTOJ8fmVahuOowJrriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzczODkwZWRiYzY2YTFmZjM0MmQ1YzBlMTUzNDljZDBhMmNlMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/vipqIz0pz3HLAQdrKRO16GCBu3
kFMnxZMUing/9qWKnNem7PoB5sIDhMFP/JUWP9dLp+6rZh9Q+NItKFRVeRolU6oq
dCHFYxiurbWupHwmvkz9L3xXKF5S7d+dhxu9xfN9R9GmeByQ1/LdzpzjZJ6Frl2p
Y9rycN3xyfRIuWhjxznadE1fZnh5afqssyoudvmUJ1OD/T+0QVqYXFdQY+Fwt8yg
walZnHSv7piywpyFtub6bGvn2AZMmgG8yRrL5L8jzP5NwDkPkKxonMo59mWyugud
iB0ou4reljDrDlEuQYRPfG2y5YT9TtcGBg3xpUJNX2gcCDMVkGahaX89ywIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIxziQ7bxmof80LVwOFTSc0KLOK0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvakhPSkR0dkdhaF96UXRYQTRWTkp6UW9zNHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABRqHcD
BABRqHgDBABRqHsDBABRqH4DBABSmQEDBABSmUgDBABSmU4DBABSmYQwDQYJKoZI
hvcNAQELBQADggEBADKTUkUIx4RhPRtu3ixRGDjbjkuy1vX+pN/bcpBH4Ye3rqGA
lFDvlRMa+eowAGlyVCPdSGj0RAL9Qq02ATjRdR3VcFZ6F+K4c44uewEsdC96CLV7
H9ACawFG5TFWf1kNfr0MZmsSWbJAou/itK4odYpfNI5HY2QVUSCYagMYvVjlfgl4
1XLhfK4swopZ7GfrYBZbLqO6CxfTxYATK9Uvq8CmFYCq7NK2O9/3iPde1Qx/1jsm
azqKthdi0G1rtt97iuE+xrkcvmF0kmFnkkb7shIcjBOXQXws2rSujJHuHzuXNWB/
6dEFokKPhCsToSWSf1W6QKXCp1/8VL6YeRzRrL8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org