Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa
File:                     oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa (raw, json)
Hash identifier:          Z/OVawc9ZXYH/Lc0/wc/Gh6d3XCDmOu7g58ugZ/Qe9U=
Subject key identifier:   A1:9A:1A:4D:F6:3E:23:2E:A3:C1:FC:1D:C9:B9:8A:70:68:BF:0A:2E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01888A921F258822D7DD6FA86FE96423F26A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa
Signing time:             Mon 05 Jun 2023 08:00:12 +0000
ROA not before:           Mon 05 Jun 2023 08:00:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.208.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 14:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:92:1f:25:88:22:d7:dd:6f:a8:6f:e9:64:23:f2:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  5 08:00:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a19a1a4df63e232ea3c1fc1dc9b98a7068bf0a2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:24:36:0e:a1:67:e1:fb:9e:27:b6:38:9a:41:
                    cf:33:76:07:08:00:6a:e0:61:b8:97:f0:c7:7a:83:
                    ce:de:ef:38:e3:e1:1b:7c:c8:ba:35:12:0c:0b:cd:
                    c8:20:53:60:b1:78:36:2b:dd:8b:a6:dc:71:bb:2f:
                    43:53:2f:84:89:d6:05:f5:ca:74:16:bb:9b:a5:fe:
                    b6:ec:0d:9e:77:9f:bb:5e:af:3b:6c:0f:00:30:a0:
                    09:b1:cb:f0:d7:62:fb:41:7e:08:e7:13:00:66:24:
                    41:f5:6b:e4:cc:7a:03:5c:28:9b:f4:2a:02:f5:35:
                    5f:c7:a6:6d:68:57:68:70:c4:4e:f4:69:cc:49:6f:
                    6b:00:33:d7:8a:76:6a:22:fb:33:d2:22:ad:70:ab:
                    d0:e4:f9:57:60:f8:3f:64:c3:e3:5c:46:83:61:b3:
                    e0:7b:95:c8:b6:b8:e8:b1:80:e8:2c:26:f8:a4:62:
                    53:b1:37:63:9a:de:0f:ee:9a:11:33:86:32:23:93:
                    48:40:aa:85:9b:af:92:66:6a:e5:1a:13:bb:6a:49:
                    d0:ab:69:ef:6c:9f:24:37:f9:39:96:ad:36:16:b6:
                    21:a0:d8:1d:32:31:d2:0a:ab:cf:6c:bc:87:9e:f4:
                    a1:db:f1:b5:b6:2e:b6:aa:fd:74:c8:84:ec:4a:2a:
                    80:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:9A:1A:4D:F6:3E:23:2E:A3:C1:FC:1D:C9:B9:8A:70:68:BF:0A:2E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.174.0/23
                  82.153.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:6b:52:68:93:dd:fb:4f:2c:cf:d5:0b:c1:2b:9a:12:cf:d1:
         37:3d:ef:91:db:e7:62:f1:8c:99:e3:ef:3c:58:7d:39:ed:a6:
         3d:c4:31:c7:bd:fe:93:0f:e6:84:70:f2:09:2f:6a:74:ee:e6:
         4c:94:7c:e2:47:02:9c:43:37:98:22:fe:8c:ec:fc:ba:b6:38:
         05:07:8f:8f:3d:c2:dc:42:75:ba:1c:89:8b:cb:aa:2f:18:a8:
         f8:16:59:e1:da:57:fc:c8:1d:51:b0:c9:7a:0f:87:93:c7:da:
         19:82:ea:05:4e:53:5a:10:f0:0a:32:63:ef:54:6f:c4:e8:c7:
         68:81:85:58:eb:b0:7f:51:ef:78:34:04:db:b4:59:9b:5b:b0:
         a8:42:57:ef:6a:da:30:f4:77:85:9b:44:d0:ff:8b:da:49:f6:
         21:75:90:a1:f0:21:b9:05:d4:c3:60:b9:e8:e5:86:64:b7:b5:
         0c:1b:9e:fa:1f:90:4e:da:71:d3:3c:5b:1c:70:1f:10:e7:cb:
         c4:f4:2d:58:2e:c3:c3:bb:2e:c9:51:d5:87:b7:59:3e:ad:52:
         1e:53:49:cc:87:61:05:e7:5e:00:a7:1f:ef:aa:0d:00:27:b3:
         47:f7:e3:1f:a7:a2:10:43:df:cd:89:d8:87:02:e9:be:64:1f:
         17:63:77:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKkh8liCLX3W+ob+lkI/JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTlhMWE0ZGY2M2UyMzJlYTNjMWZjMWRjOWI5OGE3MDY4YmYwYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliQ2DqFn4fueJ7Y4mkHPM3YHCABq
4GG4l/DHeoPO3u844+EbfMi6NRIMC83IIFNgsXg2K92Lptxxuy9DUy+EidYF9cp0
Frubpf627A2ed5+7Xq87bA8AMKAJscvw12L7QX4I5xMAZiRB9WvkzHoDXCib9CoC
9TVfx6ZtaFdocMRO9GnMSW9rADPXinZqIvsz0iKtcKvQ5PlXYPg/ZMPjXEaDYbPg
e5XItrjosYDoLCb4pGJTsTdjmt4P7poRM4YyI5NIQKqFm6+SZmrlGhO7aknQq2nv
bJ8kN/k5lq02FrYhoNgdMjHSCqvPbLyHnvSh2/G1ti62qv10yITsSiqA0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGaGk32PiMuo8H8Hcm5inBovwouMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1pvYVRmWS1JeTZqd2Z3ZHlibUtjR2lfQ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiuAwQC
UpnQMA0GCSqGSIb3DQEBCwUAA4IBAQB4a1Jok937TyzP1QvBK5oSz9E3Pe+R2+di
8YyZ4+88WH057aY9xDHHvf6TD+aEcPIJL2p07uZMlHziRwKcQzeYIv6M7Py6tjgF
B4+PPcLcQnW6HImLy6ovGKj4Flnh2lf8yB1RsMl6D4eTx9oZguoFTlNaEPAKMmPv
VG/E6MdogYVY67B/Ue94NATbtFmbW7CoQlfvatow9HeFm0TQ/4vaSfYhdZCh8CG5
BdTDYLno5YZkt7UMG576H5BO2nHTPFsccB8Q58vE9C1YLsPDuy7JUdWHt1k+rVIe
U0nMh2EF514Apx/vqg0AJ7NH9+Mfp6IQQ9/NidiHAum+ZB8XY3cg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org