Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ8e__PIHk11BA43nQ8Bhn64znI.roa
File:                     lJ8e__PIHk11BA43nQ8Bhn64znI.roa (raw, json)
Hash identifier:          kKZGCQjVT97+3xycn25yS02GcV+8/VFo5nemDrWVJGM=
Subject key identifier:   94:9F:1E:FF:F3:C8:1E:4D:75:04:0E:37:9D:0F:01:86:7E:B8:CE:72
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187BC93484BB3B34C6598A41634FC3F0086
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ8e__PIHk11BA43nQ8Bhn64znI.roa
Signing time:             Wed 26 Apr 2023 07:59:41 +0000
ROA not before:           Wed 26 Apr 2023 07:59:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.153.240.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 27 May 2023 06:57:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bc:93:48:4b:b3:b3:4c:65:98:a4:16:34:fc:3f:00:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 26 07:59:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=949f1efff3c81e4d75040e379d0f01867eb8ce72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:47:93:9f:12:f6:8a:dc:11:41:a4:f3:46:13:
                    92:a8:5b:27:07:c5:2a:c6:b2:3e:bd:8f:3b:19:a0:
                    71:b0:d3:ac:74:55:c7:26:93:f8:0b:bf:f9:78:ea:
                    a5:71:9f:1e:d2:56:c5:4b:18:3f:ca:82:53:6a:02:
                    33:a6:dd:af:67:74:b5:e3:f8:f4:70:4a:a0:6e:ac:
                    cc:ee:f1:92:70:c5:38:56:e8:9e:f0:c7:30:cd:ed:
                    04:9a:95:e6:20:32:4a:47:73:77:8e:6d:4d:b1:7d:
                    30:5b:45:37:a6:5c:7b:1c:07:3e:87:b8:a3:af:c5:
                    ad:5c:66:a4:06:d4:57:6c:aa:9e:c9:40:ba:1d:8d:
                    98:9c:25:a1:26:ce:cb:ae:3c:df:34:24:e2:1e:09:
                    d3:a3:59:d6:16:9c:95:88:51:a1:21:19:3c:c8:0b:
                    d6:25:a6:3c:75:fd:0c:18:7a:df:51:81:4a:b2:0b:
                    b4:19:61:38:87:ba:30:50:aa:df:d6:02:87:12:47:
                    22:f9:6a:21:26:ea:c3:11:d9:03:0a:60:73:f3:d2:
                    7a:7a:91:0c:e2:e4:90:14:ba:1f:ca:e5:47:a8:41:
                    f5:1a:0e:b6:d1:b0:e2:e5:1d:61:b7:37:19:82:f1:
                    ff:88:c8:09:8f:9c:63:7d:4b:cf:4a:72:47:11:3d:
                    9b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:9F:1E:FF:F3:C8:1E:4D:75:04:0E:37:9D:0F:01:86:7E:B8:CE:72
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ8e__PIHk11BA43nQ8Bhn64znI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.178.0/24
                  82.153.69.0/24
                  82.153.220.0/23
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:74:d7:3f:62:44:7b:e8:4d:62:4a:94:e6:85:22:33:30:7d:
         f9:ea:ab:c8:e5:24:65:eb:4a:9e:1d:18:64:fc:f9:15:26:27:
         aa:35:14:3b:12:70:57:91:0a:97:77:2a:80:7c:d3:24:ad:dc:
         80:9f:4b:f2:ef:a1:df:f5:ac:65:d3:21:3a:7c:a2:36:dd:8f:
         e6:b9:c1:56:8e:60:d1:58:c9:b3:88:a2:93:6f:5d:03:f2:9a:
         90:b1:16:ec:cd:75:5e:94:ad:55:9c:59:fe:fa:06:52:7c:95:
         e9:2f:79:bb:e0:1f:99:c3:5a:f8:c8:6e:61:ec:ca:cc:1f:b4:
         1e:7f:57:78:ff:1a:05:fb:06:92:8f:d7:ee:de:54:87:cc:79:
         c4:3e:fe:7d:dd:c5:ab:5b:a5:37:4c:4e:7e:a7:e9:23:8f:ee:
         81:08:f3:7d:a2:ee:5c:ea:f5:a6:7d:dc:88:5b:c6:8e:bc:35:
         2b:b6:79:9a:2c:53:3e:f3:fc:5a:ee:93:f2:86:43:5f:7f:ad:
         00:b5:39:94:32:6b:ec:c7:6a:53:7f:c2:b4:4f:04:bc:12:c1:
         9c:60:b5:93:3e:14:f5:ad:40:c1:35:8e:da:f8:f3:19:fc:cf:
         2b:e2:da:c4:ad:7a:42:7d:ad:4d:54:c1:db:d0:5d:03:d9:ae:
         de:8b:29:30
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYe8k0hLs7NMZZikFjT8PwCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDI2MDc1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDlmMWVmZmYzYzgxZTRkNzUwNDBlMzc5ZDBmMDE4NjdlYjhjZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10eTnxL2itwRQaTzRhOSqFsnB8Uq
xrI+vY87GaBxsNOsdFXHJpP4C7/5eOqlcZ8e0lbFSxg/yoJTagIzpt2vZ3S14/j0
cEqgbqzM7vGScMU4Vuie8Mcwze0EmpXmIDJKR3N3jm1NsX0wW0U3plx7HAc+h7ij
r8WtXGakBtRXbKqeyUC6HY2YnCWhJs7LrjzfNCTiHgnTo1nWFpyViFGhIRk8yAvW
JaY8df0MGHrfUYFKsgu0GWE4h7owUKrf1gKHEkci+WohJurDEdkDCmBz89J6epEM
4uSQFLofyuVHqEH1Gg620bDi5R1htzcZgvH/iMgJj5xjfUvPSnJHET2b0wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJSfHv/zyB5NdQQON50PAYZ+uM5yMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEo4ZV9fUElIazExQkE0M25ROEJobjY0em5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUQW9AwQA
UpiyAwQAUplFAwQBUpncAwQAUpnfAwQAUpnwAwQAUpn6MA0GCSqGSIb3DQEBCwUA
A4IBAQAHdNc/YkR76E1iSpTmhSIzMH356qvI5SRl60qeHRhk/PkVJieqNRQ7EnBX
kQqXdyqAfNMkrdyAn0vy76Hf9axl0yE6fKI23Y/mucFWjmDRWMmziKKTb10D8pqQ
sRbszXVelK1VnFn++gZSfJXpL3m74B+Zw1r4yG5h7MrMH7Qef1d4/xoF+waSj9fu
3lSHzHnEPv593cWrW6U3TE5+p+kjj+6BCPN9ou5c6vWmfdyIW8aOvDUrtnmaLFM+
8/xa7pPyhkNff60AtTmUMmvsx2pTf8K0TwS8EsGcYLWTPhT1rUDBNY7a+PMZ/M8r
4trErXpCfa1NVMHb0F0D2a7eiykw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org