Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa
File:                     lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa (raw, json)
Hash identifier:          zXsEW/BUfVscUNMJ4cOblo51IEQipG/nhZNM4yj+Bpw=
Subject key identifier:   94:9F:D5:03:C0:E8:45:95:08:47:45:6C:4F:FF:7A:9A:18:83:A0:44
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BADF331300FAD0D01FAAF32C1C2A1E10D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa
Signing time:             Wed 08 Nov 2023 08:01:18 +0000
ROA not before:           Wed 08 Nov 2023 08:01:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397423
IP address blocks:        82.153.245.0/24 maxlen: 24
                          89.213.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ad:f3:31:30:0f:ad:0d:01:fa:af:32:c1:c2:a1:e1:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  8 08:01:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=949fd503c0e845950847456c4fff7a9a1883a044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:85:85:31:f1:73:80:62:ef:41:31:05:09:14:
                    e4:b0:ec:81:cc:09:d9:a4:c2:1f:8f:ee:cb:24:56:
                    07:5a:44:9e:3d:79:05:48:d0:ce:3f:7a:85:38:04:
                    26:1a:51:d2:9e:ef:80:13:f0:56:1d:82:f2:bd:f3:
                    90:2f:60:46:9d:05:74:16:65:6d:72:e3:04:8d:b6:
                    68:b5:68:e0:59:0c:b1:7a:97:bf:7b:41:4b:34:6a:
                    14:e8:07:e8:15:f2:d4:41:0c:27:ca:8d:9b:f3:a2:
                    6f:03:4e:2a:df:5c:f5:0b:1a:37:31:0a:83:1c:13:
                    49:5c:1c:66:1a:eb:e0:d6:3b:e2:20:e8:7c:99:2d:
                    83:8d:9a:a3:ca:3e:19:7a:81:00:da:9a:c2:3c:d2:
                    6a:ab:e7:14:ab:2a:bf:67:a9:ba:98:af:3d:86:c2:
                    0d:93:3f:bf:ce:12:b7:99:8e:b7:3d:de:78:14:65:
                    2c:2d:18:66:81:a2:38:5b:1b:f3:b8:2d:95:57:43:
                    a7:8a:da:26:6d:75:ad:e9:5c:75:14:59:fc:6b:20:
                    5d:1e:6f:d4:60:05:ed:4d:c4:3b:aa:e1:0d:33:4a:
                    cd:ed:23:a3:25:7e:8f:bc:0d:72:69:50:f0:b4:e9:
                    74:63:8c:9d:9a:95:d1:92:a3:0c:51:56:f4:9e:c5:
                    74:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:9F:D5:03:C0:E8:45:95:08:47:45:6C:4F:FF:7A:9A:18:83:A0:44
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.245.0/24
                  89.213.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:24:3e:50:14:a3:94:83:e7:d1:9f:72:da:c5:a4:3f:93:d6:
         f8:67:6a:18:e3:77:e7:44:51:a0:3a:5d:cb:1d:48:c9:f9:c0:
         3f:41:c1:1f:b5:fd:ba:45:02:73:58:3f:e0:57:fe:cf:bb:cf:
         21:7b:dd:df:46:72:af:81:73:b7:6f:0d:8b:d6:5d:19:f5:84:
         c5:c2:b9:71:15:be:3f:67:63:8e:00:e8:f1:9e:72:72:f2:a5:
         72:5f:f9:e5:39:2b:cb:1a:7e:a0:92:df:3e:f7:7a:4a:78:76:
         9c:f7:17:56:a8:34:a5:9e:dd:d6:bc:2b:28:e6:7e:f5:6c:52:
         7b:c0:99:e8:0e:18:e7:65:1f:8b:96:1f:18:5f:57:ac:ea:41:
         38:9e:3e:48:bc:7c:d9:7e:0f:99:66:02:cd:ee:f2:b6:2a:90:
         37:da:ae:5e:ba:90:95:c7:82:32:32:2d:dd:06:cc:43:6d:39:
         0b:c5:04:2e:c3:4d:5b:e8:d0:28:9a:03:dc:79:59:33:2a:9c:
         98:8a:c2:a2:6a:3d:9e:55:28:4a:aa:38:81:ef:82:b1:35:ad:
         59:7f:35:8d:af:69:f7:d7:75:e1:60:66:94:13:24:d8:29:a8:
         0e:83:87:98:e0:c5:ea:34:b0:80:0e:c0:2c:55:e6:9d:d0:9d:
         85:f8:2a:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYut8zEwD60NAfqvMsHCoeENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA4MDgwMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDlmZDUwM2MwZTg0NTk1MDg0NzQ1NmM0ZmZmN2E5YTE4ODNhMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4WFMfFzgGLvQTEFCRTksOyBzAnZ
pMIfj+7LJFYHWkSePXkFSNDOP3qFOAQmGlHSnu+AE/BWHYLyvfOQL2BGnQV0FmVt
cuMEjbZotWjgWQyxepe/e0FLNGoU6AfoFfLUQQwnyo2b86JvA04q31z1Cxo3MQqD
HBNJXBxmGuvg1jviIOh8mS2DjZqjyj4ZeoEA2prCPNJqq+cUqyq/Z6m6mK89hsIN
kz+/zhK3mY63Pd54FGUsLRhmgaI4WxvzuC2VV0OnitombXWt6Vx1FFn8ayBdHm/U
YAXtTcQ7quENM0rN7SOjJX6PvA1yaVDwtOl0Y4ydmpXRkqMMUVb0nsV0ZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJSf1QPA6EWVCEdFbE//epoYg6BEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEpfVkE4RG9SWlVJUjBWc1RfOTZtaGlEb0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpn1AwQA
WdWEMA0GCSqGSIb3DQEBCwUAA4IBAQBuJD5QFKOUg+fRn3LaxaQ/k9b4Z2oY43fn
RFGgOl3LHUjJ+cA/QcEftf26RQJzWD/gV/7Pu88he93fRnKvgXO3bw2L1l0Z9YTF
wrlxFb4/Z2OOAOjxnnJy8qVyX/nlOSvLGn6gkt8+93pKeHac9xdWqDSlnt3WvCso
5n71bFJ7wJnoDhjnZR+Llh8YX1es6kE4nj5IvHzZfg+ZZgLN7vK2KpA32q5eupCV
x4IyMi3dBsxDbTkLxQQuw01b6NAomgPceVkzKpyYisKiaj2eVShKqjiB74KxNa1Z
fzWNr2n313XhYGaUEyTYKagOg4eY4MXqNLCADsAsVead0J2F+Co5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org