Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/opQZO1ktSnPoJ5is6kbXOBl5Jlg.roa
File:                     opQZO1ktSnPoJ5is6kbXOBl5Jlg.roa (raw, json)
Hash identifier:          hRPwsDxbuYhaILiFxnIcKxqYu10w53TfWd6e7MVqF8E=
Subject key identifier:   A2:94:19:3B:59:2D:4A:73:E8:27:98:AC:EA:46:D7:38:19:79:26:58
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187706659E7BB2C5A5B725B6605CD5DC557
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/opQZO1ktSnPoJ5is6kbXOBl5Jlg.roa
Signing time:             Tue 11 Apr 2023 12:59:28 +0000
ROA not before:           Tue 11 Apr 2023 12:59:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.243.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 08:34:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:66:59:e7:bb:2c:5a:5b:72:5b:66:05:cd:5d:c5:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 11 12:59:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a294193b592d4a73e82798acea46d73819792658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:74:b9:ab:af:c6:77:35:51:5a:cc:85:6a:71:
                    f7:7c:aa:74:07:92:f0:6d:dd:73:17:a0:7c:b5:6c:
                    a2:29:b7:20:96:4f:e8:1d:eb:d5:ab:5a:e9:d9:62:
                    18:e7:0f:67:8d:5c:34:46:58:94:dc:27:9d:25:a6:
                    03:c1:d9:5a:a3:6d:a9:fd:9c:76:11:70:ea:d0:62:
                    79:6b:bf:b5:1b:3e:57:b8:c0:74:51:35:5a:7e:7e:
                    e6:c9:93:3c:78:04:03:26:7c:a6:e7:d4:99:a3:9d:
                    6e:50:44:b5:9b:8c:2a:e1:2b:6c:4e:12:45:fa:48:
                    b7:8f:dc:73:db:73:33:11:8a:9c:cc:bc:59:12:72:
                    09:1c:1c:28:0a:bc:0e:85:a2:d8:18:62:eb:19:11:
                    04:a4:8a:7a:69:36:74:55:98:05:81:9f:08:b1:ca:
                    3e:fc:c0:60:ab:6d:34:a6:b7:bf:3b:4e:20:44:e4:
                    f7:78:fb:29:be:63:5c:3f:3d:bb:c7:fa:11:ee:fd:
                    84:ff:a7:95:83:93:0a:16:3a:17:c8:d7:e2:8c:6c:
                    61:e2:08:18:6f:df:98:9a:ad:7e:58:d5:a1:63:e4:
                    1c:a8:3d:44:2b:11:5c:a8:08:be:44:06:38:24:51:
                    b8:02:a9:2d:fe:f2:ce:91:cf:31:5d:5e:55:82:c1:
                    b4:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:94:19:3B:59:2D:4A:73:E8:27:98:AC:EA:46:D7:38:19:79:26:58
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/opQZO1ktSnPoJ5is6kbXOBl5Jlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.249.0/24
                  82.152.252.0/24
                  82.152.254.0/24
                  82.153.208.0/24
                  82.153.211.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:1d:c7:d8:9c:91:e9:08:3d:9e:b5:12:76:51:4a:96:92:a2:
         ff:1f:ba:b9:eb:a5:2a:73:ce:09:d3:75:3e:19:3a:d9:82:f5:
         55:e5:02:e8:5d:fa:15:a0:7f:45:f5:6e:ab:3a:b8:d0:d6:75:
         4a:a1:e1:fe:19:f9:94:c4:43:67:aa:72:ea:c7:5e:37:93:c4:
         2e:f2:df:65:c3:5e:83:07:fa:eb:b7:9d:8d:4a:7f:ee:ec:f9:
         6b:f2:b0:0a:69:3f:20:d0:5b:25:a7:46:0a:71:8f:3d:58:05:
         c9:2d:76:42:be:c4:84:1a:a3:64:1d:52:7f:7f:89:94:bc:7c:
         9a:4a:f0:eb:4a:29:41:33:82:5e:0d:01:fd:76:a1:f7:17:3e:
         89:82:13:aa:44:45:67:5d:02:ea:f0:14:ab:c8:54:b3:58:74:
         21:ec:09:f3:7e:12:40:7a:a0:82:cf:37:fe:74:6a:de:b8:41:
         ff:47:f5:73:0b:66:42:d6:65:32:fe:5d:c3:e7:e8:3a:c5:a4:
         66:cc:04:83:76:4d:5d:5b:f8:11:a2:c1:88:43:02:41:ab:4c:
         90:56:8d:bd:ce:86:62:4f:c1:d9:c6:c5:29:02:8c:c2:c3:a5:
         ac:ed:09:0a:b9:98:c2:0d:97:0b:ac:4c:49:2a:84:e6:1b:4a:
         51:91:ba:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdwZlnnuyxaW3JbZgXNXcVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDExMTI1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk0MTkzYjU5MmQ0YTczZTgyNzk4YWNlYTQ2ZDczODE5NzkyNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnS5q6/GdzVRWsyFanH3fKp0B5Lw
bd1zF6B8tWyiKbcglk/oHevVq1rp2WIY5w9njVw0RliU3CedJaYDwdlao22p/Zx2
EXDq0GJ5a7+1Gz5XuMB0UTVafn7myZM8eAQDJnym59SZo51uUES1m4wq4StsThJF
+ki3j9xz23MzEYqczLxZEnIJHBwoCrwOhaLYGGLrGREEpIp6aTZ0VZgFgZ8Isco+
/MBgq200pre/O04gROT3ePspvmNcPz27x/oR7v2E/6eVg5MKFjoXyNfijGxh4ggY
b9+Ymq1+WNWhY+QcqD1EKxFcqAi+RAY4JFG4Aqkt/vLOkc8xXV5VgsG04QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKKUGTtZLUpz6CeYrOpG1zgZeSZYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb3BRWk8xa3RTblBvSjVpczZrYlhPQmw1SmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpj5AwQA
Upj8AwQAUpj+AwQAUpnQAwQAUpnTAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQAC
HcfYnJHpCD2etRJ2UUqWkqL/H7q566Uqc84J03U+GTrZgvVV5QLoXfoVoH9F9W6r
OrjQ1nVKoeH+GfmUxENnqnLqx143k8Qu8t9lw16DB/rrt52NSn/u7Plr8rAKaT8g
0Fslp0YKcY89WAXJLXZCvsSEGqNkHVJ/f4mUvHyaSvDrSilBM4JeDQH9dqH3Fz6J
ghOqREVnXQLq8BSryFSzWHQh7AnzfhJAeqCCzzf+dGreuEH/R/VzC2ZC1mUy/l3D
5+g6xaRmzASDdk1dW/gRosGIQwJBq0yQVo29zoZiT8HZxsUpAozCw6Ws7QkKuZjC
DZcLrExJKoTmG0pRkbow
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org