Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ndJLM4aCw4dueD2e2W4PXqAudPs.roa
File:                     ndJLM4aCw4dueD2e2W4PXqAudPs.roa (raw, json)
Hash identifier:          09N0SpzNr2j1XEcdfEILmFvmSLOfeuoe6CNPE5sPr+w=
Subject key identifier:   9D:D2:4B:33:86:82:C3:87:6E:78:3D:9E:D9:6E:0F:5E:A0:2E:74:FB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018945AB74F02D61DD5F0918D9782FD6405D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ndJLM4aCw4dueD2e2W4PXqAudPs.roa
Signing time:             Tue 11 Jul 2023 15:56:51 +0000
ROA not before:           Tue 11 Jul 2023 15:56:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9050
IP address blocks:        82.153.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Jul 2023 16:44:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:ab:74:f0:2d:61:dd:5f:09:18:d9:78:2f:d6:40:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 11 15:56:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9dd24b338682c3876e783d9ed96e0f5ea02e74fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:68:94:ab:e6:ae:d9:4b:1c:cc:fe:e0:5b:c6:
                    93:c5:00:1a:f8:ab:96:15:64:64:6b:c6:62:d5:b9:
                    28:e5:d1:78:08:75:35:9b:6d:9d:da:bb:b3:33:59:
                    bd:5d:af:94:1e:00:25:30:82:d6:a7:59:28:c4:8b:
                    71:88:49:70:31:86:c3:75:0e:c8:c9:a8:a1:cd:6e:
                    32:8b:a6:a1:1d:7c:6e:37:fa:94:34:3f:31:cc:97:
                    8b:db:66:ff:2c:90:14:69:7b:f3:ee:6f:4b:0a:5e:
                    7c:69:54:a5:85:7a:62:d8:ee:12:f4:50:e9:53:b0:
                    ae:73:ca:72:8b:b4:12:54:24:1d:cb:75:af:fd:b2:
                    f4:71:ff:28:aa:b2:dc:1a:d9:c0:61:d6:20:d9:12:
                    d4:38:72:15:47:fc:6b:5e:fc:19:4a:b4:fe:2d:d3:
                    c0:43:57:9f:36:bd:4e:51:1e:64:7c:39:be:14:ff:
                    74:37:76:3e:91:fa:cd:3d:a7:f2:59:ce:05:2e:21:
                    9f:98:d9:53:da:b2:f5:81:e2:c5:f4:16:05:1f:5b:
                    20:c7:43:92:8b:97:e7:3c:6f:68:3f:3a:b7:fd:b8:
                    24:52:8c:f0:a0:19:99:3a:b2:01:11:b2:19:01:bc:
                    ab:98:67:05:01:1f:ae:f9:ed:ff:e9:5e:8c:d3:d4:
                    28:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D2:4B:33:86:82:C3:87:6E:78:3D:9E:D9:6E:0F:5E:A0:2E:74:FB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ndJLM4aCw4dueD2e2W4PXqAudPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:6d:c7:d1:8c:73:6c:ec:58:ba:12:16:e0:02:e7:28:bf:b8:
         89:a2:26:69:fc:b2:e0:a6:db:72:1a:e8:24:90:b8:58:ec:73:
         b5:71:a8:b9:67:47:40:56:30:49:aa:36:37:47:ce:8d:a0:ad:
         0a:87:81:fe:2f:30:bc:ad:5b:cc:93:50:7d:00:ee:32:52:d4:
         93:6b:52:2b:41:52:ac:bb:db:22:37:6d:59:df:23:a9:c8:37:
         16:eb:c9:90:d6:ca:68:ca:a7:8c:d9:32:2d:b3:50:b2:f3:15:
         54:30:a8:88:c1:2e:57:7e:ca:10:2a:ab:62:b7:fd:f6:7c:e4:
         80:46:68:4e:0c:76:f0:48:c9:38:ef:22:88:36:22:a1:22:ed:
         f0:45:7a:0d:91:49:5a:11:95:08:1d:49:61:1a:ab:0c:07:af:
         25:83:83:d7:89:58:2c:64:d4:19:e2:2b:56:42:d7:9e:86:bc:
         af:3c:bf:71:00:76:6f:09:32:57:31:4e:0e:9a:39:28:da:03:
         5e:db:2d:7d:ba:6e:11:95:fa:69:41:99:1a:f8:e6:d7:47:e4:
         7f:33:10:fe:56:8f:35:0a:90:a7:0b:18:da:14:95:a0:43:53:
         46:aa:0b:95:cc:57:42:2c:c0:37:6c:df:ad:a6:a5:45:55:91:
         c9:b3:a7:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlFq3TwLWHdXwkY2Xgv1kBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzExMTU1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQyNGIzMzg2ODJjMzg3NmU3ODNkOWVkOTZlMGY1ZWEwMmU3NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2iUq+au2UsczP7gW8aTxQAa+KuW
FWRka8Zi1bko5dF4CHU1m22d2ruzM1m9Xa+UHgAlMILWp1koxItxiElwMYbDdQ7I
yaihzW4yi6ahHXxuN/qUND8xzJeL22b/LJAUaXvz7m9LCl58aVSlhXpi2O4S9FDp
U7Cuc8pyi7QSVCQdy3Wv/bL0cf8oqrLcGtnAYdYg2RLUOHIVR/xrXvwZSrT+LdPA
Q1efNr1OUR5kfDm+FP90N3Y+kfrNPafyWc4FLiGfmNlT2rL1geLF9BYFH1sgx0OS
i5fnPG9oPzq3/bgkUozwoBmZOrIBEbIZAbyrmGcFAR+u+e3/6V6M09QonQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3SSzOGgsOHbng9ntluD16gLnT7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbmRKTE00YUN3NGR1ZUQyZTJXNFBYcUF1ZFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmKMA0G
CSqGSIb3DQEBCwUAA4IBAQCjbcfRjHNs7Fi6EhbgAucov7iJoiZp/LLgpttyGugk
kLhY7HO1cai5Z0dAVjBJqjY3R86NoK0Kh4H+LzC8rVvMk1B9AO4yUtSTa1IrQVKs
u9siN21Z3yOpyDcW68mQ1spoyqeM2TIts1Cy8xVUMKiIwS5XfsoQKqtit/32fOSA
RmhODHbwSMk47yKINiKhIu3wRXoNkUlaEZUIHUlhGqsMB68lg4PXiVgsZNQZ4itW
QteehryvPL9xAHZvCTJXMU4Omjko2gNe2y19um4RlfppQZka+ObXR+R/MxD+Vo81
CpCnCxjaFJWgQ1NGqguVzFdCLMA3bN+tpqVFVZHJs6dt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org