Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lCbjd3KkCRizOBKvrfSva9EctWo.roa
File:                     lCbjd3KkCRizOBKvrfSva9EctWo.roa (raw, json)
Hash identifier:          m2CrU+IrcbU/vVZl/X97lYpkdM10iKlAosT4KvASxa4=
Subject key identifier:   94:26:E3:77:72:A4:09:18:B3:38:12:AF:AD:F4:AF:6B:D1:1C:B5:6A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E7A91E56EAAC196419B706DD4298C9117
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lCbjd3KkCRizOBKvrfSva9EctWo.roa
Signing time:             Tue 26 Mar 2024 11:42:45 +0000
ROA not before:           Tue 26 Mar 2024 11:42:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211415
IP address blocks:        213.218.242.0/24 maxlen: 24
                          217.145.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 11:28:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7a:91:e5:6e:aa:c1:96:41:9b:70:6d:d4:29:8c:91:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 26 11:42:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9426e37772a40918b33812afadf4af6bd11cb56a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6e:17:98:b3:e1:8d:18:88:7a:c5:3d:75:3d:
                    09:ab:b5:52:ea:8f:d9:4d:78:5c:ab:61:1b:eb:1d:
                    d9:b2:90:14:81:aa:75:d6:1d:fd:12:ec:e0:73:f4:
                    bb:cd:98:b7:0c:44:13:a6:0a:58:c5:22:70:ba:02:
                    c4:6f:d3:9a:16:6b:3e:96:f4:93:38:a0:e6:db:fb:
                    d5:0f:5c:09:c2:d4:c5:1a:93:95:05:e4:20:4b:97:
                    82:e7:09:94:1a:92:9f:6c:f2:8e:64:55:59:e6:cb:
                    9d:46:e5:b3:c0:39:40:ce:9c:dc:e5:0b:c2:54:7e:
                    67:2b:b7:70:d1:88:71:6b:22:46:a9:fc:cf:90:30:
                    56:ff:6b:eb:23:19:03:e2:d0:2c:7c:a8:0d:ec:ac:
                    8e:7f:f1:c5:28:32:bc:6c:89:59:4b:54:56:6e:9c:
                    be:b1:5a:7f:6d:b2:7c:de:c4:be:b1:da:a5:df:82:
                    21:7b:56:a2:88:93:bb:0d:64:e5:5f:fb:b9:b4:e7:
                    0b:50:7a:86:5f:a3:13:6c:59:4d:7d:68:ad:f1:a7:
                    bb:1c:53:ea:99:af:3f:b8:8d:4e:41:e3:84:63:0f:
                    87:73:8b:e5:58:52:f5:f8:b4:30:42:39:28:cb:79:
                    0f:f1:61:74:5a:bb:31:ef:a3:8d:70:0c:be:2b:a2:
                    cf:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:26:E3:77:72:A4:09:18:B3:38:12:AF:AD:F4:AF:6B:D1:1C:B5:6A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lCbjd3KkCRizOBKvrfSva9EctWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.218.242.0/24
                  217.145.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:6e:a5:c9:6e:3e:7c:2b:df:36:c1:ac:75:ba:da:d3:2e:d1:
         ab:03:75:98:36:e7:fc:b6:c3:04:2b:dc:59:13:4a:94:77:7c:
         70:e0:77:a7:8f:f2:3e:73:b5:84:2e:f8:46:46:9f:ba:d5:df:
         40:87:a2:d5:63:0c:5a:69:13:45:e4:07:08:b9:d3:6c:ab:65:
         38:bb:03:74:0b:6e:9b:a0:26:b7:46:80:c6:63:07:d0:97:56:
         fc:3a:58:96:d6:6a:2f:a9:51:45:99:17:42:99:4b:e1:70:7f:
         27:21:c4:07:36:68:d6:2d:03:82:52:76:5e:93:d2:55:2b:55:
         9e:24:10:b4:b2:6b:95:00:d9:4e:cc:49:73:a9:d3:75:27:e3:
         e8:e2:f7:21:fc:fa:cb:c2:70:5d:7b:0b:a8:44:85:d8:49:0d:
         a0:80:6c:46:b9:d1:f0:e4:67:29:d5:f6:10:22:21:47:25:17:
         9e:d0:7d:8c:fb:7f:db:63:9f:6a:97:5f:5c:7b:74:f6:09:77:
         e8:ee:17:ea:9f:52:43:5e:82:52:4d:20:ea:8e:a0:04:f1:f9:
         12:ea:35:77:e0:e1:a0:4d:2d:78:eb:60:29:ce:39:2f:40:97:
         bb:64:bd:d9:3e:45:ea:e8:85:b5:ee:de:12:a5:9e:7c:f5:14:
         d8:23:13:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY56keVuqsGWQZtwbdQpjJEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI2MTE0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI2ZTM3NzcyYTQwOTE4YjMzODEyYWZhZGY0YWY2YmQxMWNiNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo24XmLPhjRiIesU9dT0Jq7VS6o/Z
TXhcq2Eb6x3ZspAUgap11h39Euzgc/S7zZi3DEQTpgpYxSJwugLEb9OaFms+lvST
OKDm2/vVD1wJwtTFGpOVBeQgS5eC5wmUGpKfbPKOZFVZ5sudRuWzwDlAzpzc5QvC
VH5nK7dw0YhxayJGqfzPkDBW/2vrIxkD4tAsfKgN7KyOf/HFKDK8bIlZS1RWbpy+
sVp/bbJ83sS+sdql34Ihe1aiiJO7DWTlX/u5tOcLUHqGX6MTbFlNfWit8ae7HFPq
ma8/uI1OQeOEYw+Hc4vlWFL1+LQwQjkoy3kP8WF0Wrsx76ONcAy+K6LPUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQm43dypAkYszgSr630r2vRHLVqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbENiamQzS2tDUml6T0JLdnJmU3ZhOUVjdFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dryAwQA
2ZFBMA0GCSqGSIb3DQEBCwUAA4IBAQAObqXJbj58K982wax1utrTLtGrA3WYNuf8
tsMEK9xZE0qUd3xw4Henj/I+c7WELvhGRp+61d9Ah6LVYwxaaRNF5AcIudNsq2U4
uwN0C26boCa3RoDGYwfQl1b8OliW1movqVFFmRdCmUvhcH8nIcQHNmjWLQOCUnZe
k9JVK1WeJBC0smuVANlOzElzqdN1J+Po4vch/PrLwnBdewuoRIXYSQ2ggGxGudHw
5Gcp1fYQIiFHJRee0H2M+3/bY59ql19ce3T2CXfo7hfqn1JDXoJSTSDqjqAE8fkS
6jV34OGgTS1462ApzjkvQJe7ZL3ZPkXq6IW17t4SpZ589RTYIxPD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org