Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/o7HpkRe0_LI1a9hzjOB36sgafbA.roa
File:                     o7HpkRe0_LI1a9hzjOB36sgafbA.roa (raw, json)
Hash identifier:          QTUSop48RiTsqE2gyRvX7jYY0vc7a2LFRq/oKAeN7Z0=
Subject key identifier:   A3:B1:E9:91:17:B4:FC:B2:35:6B:D8:73:8C:E0:77:EA:C8:1A:7D:B0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B70188BBED3C2503A50FE4AFF961DF08
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/o7HpkRe0_LI1a9hzjOB36sgafbA.roa
Signing time:             Wed 02 Aug 2023 16:07:58 +0000
ROA not before:           Wed 02 Aug 2023 16:07:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        82.153.65.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 07:34:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b7:01:88:bb:ed:3c:25:03:a5:0f:e4:af:f9:61:df:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  2 16:07:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3b1e99117b4fcb2356bd8738ce077eac81a7db0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:24:35:e1:ff:41:0c:aa:f3:0b:23:a3:e2:2e:
                    13:04:53:bc:a6:fd:95:d5:98:77:34:55:48:f5:10:
                    4b:0e:c9:b8:0a:b9:dc:2a:84:a5:11:78:82:83:5a:
                    c5:0c:22:ea:43:93:71:c6:e0:1f:15:c4:c3:97:31:
                    2c:ab:92:4b:f8:5b:b9:c8:3b:ea:ad:90:5e:80:23:
                    61:f3:ef:23:1f:3c:72:95:9f:e6:59:87:11:41:61:
                    4a:a6:7f:ac:e7:d9:db:28:4c:5a:fb:54:cd:0d:3e:
                    e8:55:df:29:4c:98:18:ae:ce:c9:b0:dd:36:a3:4f:
                    c0:51:76:f2:ca:d5:be:64:9c:6f:c0:97:7b:0c:61:
                    e0:b2:f0:df:ba:b3:22:fb:4b:f8:4f:cb:b0:aa:93:
                    6f:bd:cf:86:0b:c3:b6:d6:dc:8f:e2:f8:d4:11:d2:
                    0e:df:db:0f:c8:30:ed:1f:13:2c:00:16:08:38:57:
                    80:3e:03:a9:18:6b:97:72:41:9a:75:63:81:16:9b:
                    ae:03:41:27:62:fd:f5:1f:43:7d:d8:d9:86:59:e9:
                    99:d3:60:67:bd:34:ea:68:a3:cf:b4:b0:ae:5d:d0:
                    90:59:bd:bf:f5:30:13:1d:af:33:b4:d9:05:6e:30:
                    c1:0c:ef:18:63:56:6b:a1:ae:07:dd:21:8d:09:75:
                    57:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:B1:E9:91:17:B4:FC:B2:35:6B:D8:73:8C:E0:77:EA:C8:1A:7D:B0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/o7HpkRe0_LI1a9hzjOB36sgafbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.65.0/24
                  82.153.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:42:11:79:5f:54:81:25:2f:e7:05:34:d4:ff:87:91:33:b2:
         b8:d2:05:de:31:a2:65:db:c9:d3:5e:ad:88:80:dc:da:c3:fc:
         a6:35:47:02:0a:90:d2:98:55:2a:28:1f:b7:82:a1:a9:2e:34:
         89:f6:aa:91:25:16:a2:48:e7:dd:d8:3e:47:5d:de:cd:c0:b7:
         61:45:c2:34:83:8d:c7:fc:be:9f:f3:9e:fb:2b:43:35:80:16:
         ba:35:07:ed:87:c7:3c:ba:3f:c8:d7:91:f1:df:f8:be:ed:87:
         bd:5f:89:f8:dd:c7:b6:88:04:cf:fb:21:a5:97:a2:f3:70:0a:
         9f:5f:f0:de:63:0b:cc:b1:a2:85:00:d7:73:a2:e2:46:c6:01:
         11:95:1e:ed:b3:fd:41:95:10:67:55:10:b3:1f:e3:f5:a1:9b:
         a8:53:a5:88:9b:b8:6d:f2:a5:d3:93:18:17:92:96:fd:e0:b3:
         36:8a:6d:38:4f:e3:fb:97:bb:62:06:c0:f9:4d:ca:6d:61:63:
         89:4d:a0:84:65:ec:2b:81:34:ba:7f:e7:f5:63:c5:85:37:75:
         a8:c2:93:f3:58:cc:f2:4a:f3:48:23:0b:e0:d9:17:43:c6:36:
         aa:26:23:c9:98:4a:a8:86:23:a8:1a:88:bb:cf:6e:fd:fc:fd:
         fb:d5:b4:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm3AYi77TwlA6UP5K/5Yd8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMTYwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2IxZTk5MTE3YjRmY2IyMzU2YmQ4NzM4Y2UwNzdlYWM4MWE3ZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSQ14f9BDKrzCyOj4i4TBFO8pv2V
1Zh3NFVI9RBLDsm4CrncKoSlEXiCg1rFDCLqQ5NxxuAfFcTDlzEsq5JL+Fu5yDvq
rZBegCNh8+8jHzxylZ/mWYcRQWFKpn+s59nbKExa+1TNDT7oVd8pTJgYrs7JsN02
o0/AUXbyytW+ZJxvwJd7DGHgsvDfurMi+0v4T8uwqpNvvc+GC8O21tyP4vjUEdIO
39sPyDDtHxMsABYIOFeAPgOpGGuXckGadWOBFpuuA0EnYv31H0N92NmGWemZ02Bn
vTTqaKPPtLCuXdCQWb2/9TATHa8ztNkFbjDBDO8YY1Zroa4H3SGNCXVXtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKOx6ZEXtPyyNWvYc4zgd+rIGn2wMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbzdIcGtSZTBfTEkxYTloempPQjM2c2dhZmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplBAwQA
UpncMA0GCSqGSIb3DQEBCwUAA4IBAQAWQhF5X1SBJS/nBTTU/4eRM7K40gXeMaJl
28nTXq2IgNzaw/ymNUcCCpDSmFUqKB+3gqGpLjSJ9qqRJRaiSOfd2D5HXd7NwLdh
RcI0g43H/L6f8577K0M1gBa6NQfth8c8uj/I15Hx3/i+7Ye9X4n43ce2iATP+yGl
l6LzcAqfX/DeYwvMsaKFANdzouJGxgERlR7ts/1BlRBnVRCzH+P1oZuoU6WIm7ht
8qXTkxgXkpb94LM2im04T+P7l7tiBsD5TcptYWOJTaCEZewrgTS6f+f1Y8WFN3Wo
wpPzWMzySvNIIwvg2RdDxjaqJiPJmEqohiOoGoi7z279/P371bTj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org