Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oj58K-s0CcBqDYjoV6u_YOt2Izs.roa
File:                     oj58K-s0CcBqDYjoV6u_YOt2Izs.roa (raw, json)
Hash identifier:          q5aUNxSkeJb6ntTM1s371DvzSbzqkBAAzo0vMBgh3uI=
Subject key identifier:   A2:3E:7C:2B:EB:34:09:C0:6A:0D:88:E8:57:AB:BF:60:EB:76:23:3B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01884282724C60B18BDC5AAA7D5ABAA87074
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oj58K-s0CcBqDYjoV6u_YOt2Izs.roa
Signing time:             Mon 22 May 2023 08:10:25 +0000
ROA not before:           Mon 22 May 2023 08:10:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142111
IP address blocks:        82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Jul 2023 16:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:42:82:72:4c:60:b1:8b:dc:5a:aa:7d:5a:ba:a8:70:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 22 08:10:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a23e7c2beb3409c06a0d88e857abbf60eb76233b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b8:a4:a9:3e:69:43:e2:35:fe:33:5a:f1:a1:
                    14:74:4b:bd:37:fe:d7:bf:6e:06:a1:93:1a:77:2b:
                    94:63:2b:ca:81:38:65:8a:61:4f:ab:4a:6c:2c:8f:
                    02:9e:6f:9b:6f:aa:0a:cc:ce:bf:df:fc:28:10:5c:
                    24:44:6d:e2:f0:f4:4b:c8:38:54:1c:a3:a9:87:5e:
                    21:a2:05:41:d0:c5:f8:fe:15:dd:e2:1b:2b:83:0a:
                    9b:d6:37:c2:05:48:15:e5:e7:38:e0:90:29:e7:b9:
                    ac:fa:85:01:91:ac:3e:9e:ac:b0:a0:a8:3c:cc:37:
                    3c:1e:b6:8c:16:b8:ae:c0:db:47:4c:0e:cf:c2:dd:
                    4e:77:5d:a7:56:b3:6e:f6:6d:60:4b:47:60:b7:3a:
                    6f:3d:23:82:d4:44:37:7f:5a:81:b4:68:90:95:57:
                    eb:35:de:c8:1e:ba:9a:45:f7:57:2d:cd:6d:fe:a3:
                    99:85:f9:0e:ae:99:18:f4:50:c4:49:c1:1b:8c:2d:
                    1e:ae:5c:0a:fe:0f:59:2c:9e:f8:7b:0d:4e:46:06:
                    19:dd:56:a4:6c:9e:9d:d2:15:0b:8d:c7:e2:5d:a1:
                    18:78:be:d8:7e:b9:c8:5e:d5:30:69:eb:c8:6c:07:
                    17:1e:8f:66:f4:46:a5:5e:cc:34:c4:64:ab:76:f5:
                    c4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:3E:7C:2B:EB:34:09:C0:6A:0D:88:E8:57:AB:BF:60:EB:76:23:3B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oj58K-s0CcBqDYjoV6u_YOt2Izs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:dc:fd:d6:aa:66:86:5e:dd:45:27:78:86:4b:1f:96:0c:5e:
         52:58:2f:f4:42:5e:79:79:51:07:a6:95:8a:33:ff:5b:5a:fc:
         20:fa:43:c1:2d:01:e6:92:e1:5c:f8:f0:bd:fa:cc:2c:17:5f:
         84:46:d7:03:96:91:f2:65:14:eb:70:dd:ec:37:c4:26:d2:b7:
         89:90:72:35:3a:42:ed:13:5c:9b:27:3d:0f:33:e0:ec:73:a1:
         5a:38:c2:d5:40:ef:7d:a8:7d:f6:69:29:02:82:ef:93:d6:07:
         6e:6e:bb:b2:d7:e2:38:1e:11:ca:93:55:7d:f8:ac:e7:61:24:
         c4:43:31:39:ad:67:72:4e:6a:93:8c:92:b8:ee:88:65:d8:3d:
         87:9c:e2:17:6c:83:4d:21:54:4f:3d:bc:b1:96:32:56:42:45:
         45:e7:16:e1:aa:4c:3b:33:76:fd:04:b2:06:01:9d:d5:e1:05:
         5e:86:57:7e:0f:90:3c:7e:dd:ca:77:85:b5:20:4f:5e:24:45:
         7d:cd:27:d5:07:12:97:07:05:2d:a7:bd:11:15:68:23:21:7d:
         80:ad:a3:1d:f8:80:df:da:98:c1:6f:42:9f:22:34:27:f5:ce:
         e2:70:00:bb:15:b2:3b:cc:c7:e1:4b:6f:a0:e1:24:72:25:cc:
         3c:c4:30:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhCgnJMYLGL3FqqfVq6qHB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNlN2MyYmViMzQwOWMwNmEwZDg4ZTg1N2FiYmY2MGViNzYyMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrikqT5pQ+I1/jNa8aEUdEu9N/7X
v24GoZMadyuUYyvKgThlimFPq0psLI8Cnm+bb6oKzM6/3/woEFwkRG3i8PRLyDhU
HKOph14hogVB0MX4/hXd4hsrgwqb1jfCBUgV5ec44JAp57ms+oUBkaw+nqywoKg8
zDc8HraMFriuwNtHTA7Pwt1Od12nVrNu9m1gS0dgtzpvPSOC1EQ3f1qBtGiQlVfr
Nd7IHrqaRfdXLc1t/qOZhfkOrpkY9FDEScEbjC0erlwK/g9ZLJ74ew1ORgYZ3Vak
bJ6d0hULjcfiXaEYeL7YfrnIXtUwaevIbAcXHo9m9EalXsw0xGSrdvXEWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI+fCvrNAnAag2I6Ferv2DrdiM7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb2o1OEstczBDY0JxRFlqb1Y2dV9ZT3QySXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkKMA0G
CSqGSIb3DQEBCwUAA4IBAQBq3P3WqmaGXt1FJ3iGSx+WDF5SWC/0Ql55eVEHppWK
M/9bWvwg+kPBLQHmkuFc+PC9+swsF1+ERtcDlpHyZRTrcN3sN8Qm0reJkHI1OkLt
E1ybJz0PM+Dsc6FaOMLVQO99qH32aSkCgu+T1gdubruy1+I4HhHKk1V9+KznYSTE
QzE5rWdyTmqTjJK47ohl2D2HnOIXbINNIVRPPbyxljJWQkVF5xbhqkw7M3b9BLIG
AZ3V4QVehld+D5A8ft3Kd4W1IE9eJEV9zSfVBxKXBwUtp70RFWgjIX2AraMd+IDf
2pjBb0KfIjQn9c7icAC7FbI7zMfhS2+g4SRyJcw8xDDn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org