Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa
File:                     oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa (raw, json)
Hash identifier:          K1a2BGpL1geMaXS382X88QtGvxNppcLOPIuxwMbTU6M=
Subject key identifier:   A1:90:7D:BD:1F:E4:8F:9A:41:1A:51:92:5B:00:EF:E9:4B:77:FE:53
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189EF84B603A3CD3F5D36D575F6CD8DB69A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa
Signing time:             Sun 13 Aug 2023 15:29:59 +0000
ROA not before:           Sun 13 Aug 2023 15:29:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        82.152.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 11:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ef:84:b6:03:a3:cd:3f:5d:36:d5:75:f6:cd:8d:b6:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 13 15:29:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1907dbd1fe48f9a411a51925b00efe94b77fe53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fe:79:89:4c:46:43:8f:83:bd:16:15:db:19:
                    3c:b4:50:9e:91:4a:b3:3c:ab:81:92:05:23:85:dd:
                    c0:f5:49:c0:e1:a8:eb:a9:f4:95:fe:c9:75:3a:f0:
                    df:40:93:3d:bb:f8:de:eb:6d:53:11:b1:71:1a:0f:
                    a1:40:b7:84:30:23:2f:04:23:d9:fd:99:fb:19:19:
                    5c:56:21:d3:4f:73:26:73:b1:ef:e7:c9:61:46:36:
                    bf:da:20:94:78:84:9e:78:37:4e:2d:df:40:98:00:
                    b0:16:74:bd:86:09:66:ea:36:4b:a3:14:f2:c2:88:
                    cd:ec:4b:d3:28:d6:30:48:46:9f:4a:83:64:56:b8:
                    b7:54:1d:a2:4e:2e:93:98:16:53:27:cb:5a:6c:73:
                    2d:22:e9:13:00:52:20:02:18:cf:e9:48:7b:43:b8:
                    9e:2c:b3:a9:1c:5f:f9:af:87:35:15:1b:7f:24:7f:
                    2c:81:7b:38:d8:73:61:85:15:fe:c7:08:f0:3a:5c:
                    f3:3d:96:f9:6c:e5:92:b8:78:f3:25:39:45:97:8a:
                    f3:27:90:4f:f0:37:20:97:0b:3a:3a:72:61:99:7d:
                    d8:f1:fd:10:af:96:63:d4:78:99:55:5d:e7:1f:2d:
                    74:56:b3:40:1c:f6:4b:62:97:84:09:98:00:09:a4:
                    c9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:90:7D:BD:1F:E4:8F:9A:41:1A:51:92:5B:00:EF:E9:4B:77:FE:53
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:ff:bb:f5:73:e7:66:e4:71:be:61:d4:38:26:51:71:45:d0:
         f7:04:60:0b:a0:06:c6:d6:e5:32:97:a2:21:ca:b4:64:30:8d:
         64:32:22:01:79:57:6f:54:5d:5c:44:78:88:da:93:7d:82:e1:
         9e:23:43:9b:43:05:3a:fc:83:b2:2d:e4:20:a8:63:03:33:6c:
         8f:39:96:64:66:ce:ef:83:fc:ed:43:87:17:c5:b9:e0:91:b3:
         11:c1:fb:07:49:9e:31:75:ec:0b:06:c0:be:9d:18:af:f5:f9:
         e0:ba:ba:8d:54:cb:6c:58:58:ee:07:9e:4e:12:a5:99:c8:d6:
         94:bd:29:08:40:56:26:8d:e6:23:bd:4c:67:1e:cd:ca:44:5b:
         6f:73:58:2c:49:39:bb:db:b5:75:40:39:11:b0:f6:62:37:43:
         f2:2c:e2:47:8c:da:5a:29:9e:5a:ef:aa:c9:c1:a9:4b:d3:22:
         c6:25:2d:2f:72:a8:c2:4e:07:2c:ea:bd:54:71:2d:2a:65:dd:
         b8:a6:96:0f:1f:18:b3:c9:8f:13:7f:bd:82:88:fe:d5:2e:d0:
         19:a7:7d:81:7f:ea:8d:28:a3:63:5d:ba:ca:d3:b0:83:a0:a0:
         5a:41:82:c9:5a:e2:a5:0d:e7:60:9a:ef:ac:4c:43:4e:5c:26:
         7d:10:eb:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnvhLYDo80/XTbVdfbNjbaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODEzMTUyOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTkwN2RiZDFmZTQ4ZjlhNDExYTUxOTI1YjAwZWZlOTRiNzdmZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP55iUxGQ4+DvRYV2xk8tFCekUqz
PKuBkgUjhd3A9UnA4ajrqfSV/sl1OvDfQJM9u/je621TEbFxGg+hQLeEMCMvBCPZ
/Zn7GRlcViHTT3Mmc7Hv58lhRja/2iCUeISeeDdOLd9AmACwFnS9hglm6jZLoxTy
wojN7EvTKNYwSEafSoNkVri3VB2iTi6TmBZTJ8tabHMtIukTAFIgAhjP6Uh7Q7ie
LLOpHF/5r4c1FRt/JH8sgXs42HNhhRX+xwjwOlzzPZb5bOWSuHjzJTlFl4rzJ5BP
8Dcglws6OnJhmX3Y8f0Qr5Zj1HiZVV3nHy10VrNAHPZLYpeECZgACaTJkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGQfb0f5I+aQRpRklsA7+lLd/5TMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1pCOXZSX2tqNXBCR2xHU1d3RHY2VXQzX2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpiyMA0G
CSqGSIb3DQEBCwUAA4IBAQBV/7v1c+dm5HG+YdQ4JlFxRdD3BGALoAbG1uUyl6Ih
yrRkMI1kMiIBeVdvVF1cRHiI2pN9guGeI0ObQwU6/IOyLeQgqGMDM2yPOZZkZs7v
g/ztQ4cXxbngkbMRwfsHSZ4xdewLBsC+nRiv9fngurqNVMtsWFjuB55OEqWZyNaU
vSkIQFYmjeYjvUxnHs3KRFtvc1gsSTm727V1QDkRsPZiN0PyLOJHjNpaKZ5a76rJ
walL0yLGJS0vcqjCTgcs6r1UcS0qZd24ppYPHxizyY8Tf72CiP7VLtAZp32Bf+qN
KKNjXbrK07CDoKBaQYLJWuKlDedgmu+sTENOXCZ9EOs/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org