Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m0hCK6mEvXET03JB8EMbqzhTLbU.roa
File:                     m0hCK6mEvXET03JB8EMbqzhTLbU.roa (raw, json)
Hash identifier:          V5krLGmSJf9admKR8S0eBPyq4VlByVRVPf+RuEy72xY=
Subject key identifier:   9B:48:42:2B:A9:84:BD:71:13:D3:72:41:F0:43:1B:AB:38:53:2D:B5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E3E6F4C8B773C11A237E44462379D01C1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m0hCK6mEvXET03JB8EMbqzhTLbU.roa
Signing time:             Thu 14 Mar 2024 19:27:45 +0000
ROA not before:           Thu 14 Mar 2024 19:27:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29802
IP address blocks:        82.153.225.0/24 maxlen: 24
                          89.213.43.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Mar 2024 07:37:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3e:6f:4c:8b:77:3c:11:a2:37:e4:44:62:37:9d:01:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 14 19:27:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b48422ba984bd7113d37241f0431bab38532db5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:c9:e0:b5:b1:dd:6c:c9:50:ab:77:3b:bf:3c:
                    fd:40:e5:e6:36:61:fd:97:52:f6:d4:e5:ae:ff:98:
                    d8:21:a0:21:4f:01:e5:53:b8:d1:a9:51:f2:8f:f6:
                    51:f5:35:76:39:0a:ab:24:60:ca:8d:09:4c:92:6c:
                    3f:17:b1:82:ef:f7:55:66:c6:ac:ad:67:8d:ab:51:
                    fe:f2:65:57:04:d1:ce:63:96:55:58:1e:19:11:88:
                    2b:58:64:a1:ef:3d:42:a6:21:c9:82:3d:04:05:0d:
                    37:73:0b:c7:5f:86:56:ac:ab:68:5f:44:30:df:45:
                    45:f6:fb:40:d7:97:a2:56:49:9e:ca:8a:b8:a5:4c:
                    ac:df:2e:f7:56:43:39:c4:63:52:1b:88:f5:e8:d9:
                    57:13:ba:fa:fb:79:57:3e:09:c1:d8:4f:ad:e9:97:
                    2c:9c:cf:cc:08:9a:27:d8:e2:0a:b1:db:86:8b:23:
                    fc:d7:73:94:78:1d:32:32:d3:38:01:d5:3c:3e:2b:
                    0c:be:2e:3d:03:41:87:48:ed:8a:68:76:02:fe:b8:
                    76:6d:2b:d9:d3:2d:18:61:13:70:7b:96:a6:d8:19:
                    9c:b0:b1:33:16:67:55:8a:ae:8e:eb:ef:28:2f:67:
                    02:fa:18:33:67:57:58:1a:88:97:33:eb:82:33:e2:
                    f9:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:48:42:2B:A9:84:BD:71:13:D3:72:41:F0:43:1B:AB:38:53:2D:B5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m0hCK6mEvXET03JB8EMbqzhTLbU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.225.0/24
                  89.213.43.0/24
                  89.213.145.0-89.213.146.255
                  89.213.161.0/24
                  109.176.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:71:04:c6:ff:40:a3:d8:9e:48:f2:ce:c8:f5:e9:30:a3:73:
         7b:c3:87:89:24:d0:07:21:3f:b7:3a:8e:73:75:4a:1f:c2:1c:
         7f:7e:4a:d4:36:a7:6f:d9:d4:9e:69:e2:b6:22:99:43:35:73:
         21:ca:9f:ab:61:bb:52:79:b2:04:fe:fb:1f:30:d3:2c:f6:cc:
         91:88:e1:0a:d6:04:19:43:71:87:f0:ec:bb:ac:e2:5f:83:93:
         18:51:2d:60:2f:d0:15:4e:7f:36:6d:46:a5:84:61:35:b6:28:
         02:74:17:98:8f:5f:d5:77:9c:e5:b2:c2:ff:10:3a:ce:bd:fd:
         54:7b:26:b9:e0:4a:5a:e5:1f:f9:f0:8e:61:99:d8:e5:23:bf:
         40:1d:de:f0:0f:ff:83:36:38:63:77:74:45:36:8d:aa:8c:50:
         30:50:71:d8:c1:2c:94:94:0c:a8:70:22:d5:c8:02:5b:c6:ec:
         11:fe:7b:8d:6c:9e:e0:8b:ed:35:ec:9a:a7:b6:c7:d6:c8:05:
         f0:47:c7:e9:49:5e:d9:25:b2:ca:d8:93:4a:28:a9:fe:40:25:
         59:7d:a5:80:e4:8c:bd:bf:bd:1c:97:f7:65:44:3e:d4:42:3e:
         41:42:cc:3d:a4:fc:e4:80:e6:c7:90:2d:48:83:42:4a:a3:dc:
         99:0a:3e:3d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY4+b0yLdzwRojfkRGI3nQHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzE0MTkyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ4NDIyYmE5ODRiZDcxMTNkMzcyNDFmMDQzMWJhYjM4NTMyZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MngtbHdbMlQq3c7vzz9QOXmNmH9
l1L21OWu/5jYIaAhTwHlU7jRqVHyj/ZR9TV2OQqrJGDKjQlMkmw/F7GC7/dVZsas
rWeNq1H+8mVXBNHOY5ZVWB4ZEYgrWGSh7z1CpiHJgj0EBQ03cwvHX4ZWrKtoX0Qw
30VF9vtA15eiVkmeyoq4pUys3y73VkM5xGNSG4j16NlXE7r6+3lXPgnB2E+t6Zcs
nM/MCJon2OIKsduGiyP813OUeB0yMtM4AdU8PisMvi49A0GHSO2KaHYC/rh2bSvZ
0y0YYRNwe5am2BmcsLEzFmdViq6O6+8oL2cC+hgzZ1dYGoiXM+uCM+L5kwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJtIQiuphL1xE9NyQfBDG6s4Uy21MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbTBoQ0s2bUV2WEVUMDNKQjhFTWJxemhUTGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUpnhAwQA
WdUrMAwDBABZ1ZEDBABZ1ZIDBABZ1aEDBABtsNAwDQYJKoZIhvcNAQELBQADggEB
AD5xBMb/QKPYnkjyzsj16TCjc3vDh4kk0AchP7c6jnN1Sh/CHH9+StQ2p2/Z1J5p
4rYimUM1cyHKn6thu1J5sgT++x8w0yz2zJGI4QrWBBlDcYfw7Lus4l+DkxhRLWAv
0BVOfzZtRqWEYTW2KAJ0F5iPX9V3nOWywv8QOs69/VR7JrngSlrlH/nwjmGZ2OUj
v0Ad3vAP/4M2OGN3dEU2jaqMUDBQcdjBLJSUDKhwItXIAlvG7BH+e41snuCL7TXs
mqe2x9bIBfBHx+lJXtklssrYk0ooqf5AJVl9pYDkjL2/vRyX92VEPtRCPkFCzD2k
/OSA5seQLUiDQkqj3JkKPj0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org