Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jqtzoZdAxG44ocLS565ojc_v1sg.roa
File:                     jqtzoZdAxG44ocLS565ojc_v1sg.roa (raw, json)
Hash identifier:          6z2tGIVb6UQoKqjfIg929VrLlYgEgoi7cAfBeH6zxH4=
Subject key identifier:   8E:AB:73:A1:97:40:C4:6E:38:A1:C2:D2:E7:AE:68:8D:CF:EF:D6:C8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA25B403A81A2E257340A9F62270B1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jqtzoZdAxG44ocLS565ojc_v1sg.roa
Signing time:             Mon 02 Jan 2023 10:14:57 +0000
ROA not before:           Mon 02 Jan 2023 10:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        82.153.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 08:47:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:25:b4:03:a8:1a:2e:25:73:40:a9:f6:22:70:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8eab73a19740c46e38a1c2d2e7ae688dcfefd6c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:41:96:ad:eb:64:ed:f4:77:81:fa:4e:13:be:
                    df:27:a2:dd:8f:7a:90:5e:65:56:bb:8f:b5:03:01:
                    fa:f9:4c:b4:72:6c:b3:62:f9:fe:fd:72:fc:3d:c0:
                    2b:da:ec:56:5f:54:75:2e:13:02:13:fd:90:2e:71:
                    d2:76:6d:e6:6b:d0:0c:8a:cd:94:92:85:eb:62:83:
                    14:76:3b:6f:f7:76:96:bb:6c:46:82:fe:a8:44:8a:
                    8a:6c:30:84:d7:1f:f0:0f:1c:f7:2f:56:98:c3:44:
                    87:89:3c:80:b8:c1:9f:e3:e5:07:a2:47:74:12:4a:
                    da:6a:93:06:8a:80:11:67:24:bd:bc:e3:97:1e:a9:
                    28:27:32:18:25:72:5c:99:7b:21:49:c2:7e:2d:d0:
                    7c:f0:68:65:da:7a:6e:5f:6e:52:fc:81:25:16:be:
                    d6:a1:3e:3f:07:39:fe:ed:dd:9a:50:e2:bf:59:b3:
                    67:30:1c:28:35:08:bc:e9:3d:d2:77:fe:2e:fb:c4:
                    c5:85:5a:00:e0:70:9d:3f:f2:f9:f2:4a:40:49:d5:
                    50:2c:31:38:03:09:a3:40:1a:fe:7c:bc:1c:18:d7:
                    f3:1c:c3:e6:ee:db:4d:92:41:78:2d:59:3e:f1:53:
                    2a:d6:0c:df:70:da:41:d7:d5:65:07:55:36:47:d2:
                    8f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:AB:73:A1:97:40:C4:6E:38:A1:C2:D2:E7:AE:68:8D:CF:EF:D6:C8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jqtzoZdAxG44ocLS565ojc_v1sg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:5a:73:6d:b8:44:2c:66:93:97:a1:a0:2b:67:8c:f0:14:4f:
         52:e5:3c:0f:ed:3e:c6:b8:36:8b:f2:a4:62:a7:09:be:12:0b:
         8e:a5:b9:d0:ae:c8:9f:08:54:0d:9c:e3:29:cd:56:32:eb:7b:
         49:79:45:ac:51:9a:ac:00:25:0d:ee:c3:3d:c1:d1:5e:6a:e6:
         c6:4e:c7:03:d2:57:7c:cc:db:13:78:8f:5e:df:cd:f7:e9:e2:
         7f:8f:5d:94:d1:e3:27:64:80:13:84:f8:c0:6f:14:42:ef:e4:
         28:20:9b:40:69:d0:db:89:46:45:68:28:bd:76:48:8a:24:10:
         16:3b:44:21:4d:bd:b1:dd:19:9c:98:3c:9f:d4:ed:4b:f1:e9:
         3b:5b:2b:cf:a5:14:0f:59:ec:4f:a8:2d:ba:c1:80:2b:eb:a1:
         59:4b:1e:79:06:5d:52:00:c4:ad:21:4f:58:18:f1:ba:4a:cf:
         8b:a6:8b:5f:32:b2:df:35:ab:a5:0b:94:3e:74:2f:0d:4e:57:
         88:67:42:c7:86:ca:28:89:93:0b:40:6d:86:e5:9c:4c:8a:f9:
         31:2c:f7:9e:13:af:8b:cd:13:34:66:77:8a:7c:a1:18:1c:b9:
         fc:c8:86:87:c7:5c:7e:31:41:d0:f4:5a:1f:1d:23:6b:d3:d2:
         ab:be:e3:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iW0A6gaLiVzQKn2InCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWFiNzNhMTk3NDBjNDZlMzhhMWMyZDJlN2FlNjg4ZGNmZWZkNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUGWretk7fR3gfpOE77fJ6Ldj3qQ
XmVWu4+1AwH6+Uy0cmyzYvn+/XL8PcAr2uxWX1R1LhMCE/2QLnHSdm3ma9AMis2U
koXrYoMUdjtv93aWu2xGgv6oRIqKbDCE1x/wDxz3L1aYw0SHiTyAuMGf4+UHokd0
EkraapMGioARZyS9vOOXHqkoJzIYJXJcmXshScJ+LdB88Ghl2npuX25S/IElFr7W
oT4/Bzn+7d2aUOK/WbNnMBwoNQi86T3Sd/4u+8TFhVoA4HCdP/L58kpASdVQLDE4
AwmjQBr+fLwcGNfzHMPm7ttNkkF4LVk+8VMq1gzfcNpB19VlB1U2R9KP1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6rc6GXQMRuOKHC0ueuaI3P79bIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvanF0em9aZEF4RzQ0b2NMUzU2NW9qY192MXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmMMA0G
CSqGSIb3DQEBCwUAA4IBAQCKWnNtuEQsZpOXoaArZ4zwFE9S5TwP7T7GuDaL8qRi
pwm+EguOpbnQrsifCFQNnOMpzVYy63tJeUWsUZqsACUN7sM9wdFeaubGTscD0ld8
zNsTeI9e38336eJ/j12U0eMnZIAThPjAbxRC7+QoIJtAadDbiUZFaCi9dkiKJBAW
O0QhTb2x3RmcmDyf1O1L8ek7WyvPpRQPWexPqC26wYAr66FZSx55Bl1SAMStIU9Y
GPG6Ss+LpotfMrLfNaulC5Q+dC8NTleIZ0LHhsooiZMLQG2G5ZxMivkxLPeeE6+L
zRM0ZneKfKEYHLn8yIaHx1x+MUHQ9FofHSNr09KrvuOh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org