Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p76miMVcIsvDIM_xNHACzXtnsTA.roa
File:                     p76miMVcIsvDIM_xNHACzXtnsTA.roa (raw, json)
Hash identifier:          LVQyb8kgC01On8OQn/GI9HOPGBeTBx4tkZKyf9dHzTE=
Subject key identifier:   A7:BE:A6:88:C5:5C:22:CB:C3:20:CF:F1:34:70:02:CD:7B:67:B1:30
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018770656FE8C60A1ADC9467F56C4916E562
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p76miMVcIsvDIM_xNHACzXtnsTA.roa
Signing time:             Tue 11 Apr 2023 12:58:28 +0000
ROA not before:           Tue 11 Apr 2023 12:58:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        82.153.245.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 May 2023 08:10:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:65:6f:e8:c6:0a:1a:dc:94:67:f5:6c:49:16:e5:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 11 12:58:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a7bea688c55c22cbc320cff1347002cd7b67b130
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d9:d6:95:27:12:ac:72:2d:12:1e:25:7e:5b:
                    c5:bd:82:bb:33:43:1f:31:4e:4f:15:f7:a4:36:79:
                    71:ab:e2:ac:b8:30:7d:d7:ad:d6:1d:20:78:ba:76:
                    6f:0f:6a:fa:d9:24:14:63:8c:ee:8b:6d:99:19:ac:
                    b8:ab:83:73:6d:ac:24:f1:ab:a6:f7:fb:8f:43:82:
                    a7:08:df:7b:f3:a3:e7:bb:ad:7d:de:bb:32:e7:ba:
                    3e:b2:75:4b:cb:36:ad:1b:08:80:c9:28:54:b2:12:
                    7f:d6:23:ff:34:c1:4a:17:53:03:13:17:2e:b5:19:
                    42:2d:0d:19:61:c3:2a:79:a0:6d:c4:25:2b:31:83:
                    42:9f:72:49:f0:9a:65:12:61:a3:2e:42:02:21:5a:
                    df:13:80:3f:bf:ba:c9:91:49:54:28:38:1b:20:14:
                    0e:58:1f:9e:c2:13:ce:7c:67:8e:e3:c8:77:a0:34:
                    a2:ee:fe:65:d8:66:3a:52:c8:9c:55:c7:a2:78:93:
                    8a:ac:38:2e:ec:78:d1:9a:cd:68:ae:3e:d2:6d:d0:
                    86:9b:1f:1b:fb:96:85:51:2e:7b:90:16:b1:01:63:
                    c3:d2:b9:d6:79:29:2d:fd:84:29:c0:73:39:0e:88:
                    8a:ad:a5:9b:20:2c:03:f2:4d:b4:96:98:94:2c:7f:
                    91:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:BE:A6:88:C5:5C:22:CB:C3:20:CF:F1:34:70:02:CD:7B:67:B1:30
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p76miMVcIsvDIM_xNHACzXtnsTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:96:7c:12:74:f6:48:70:94:ba:74:78:4f:fd:9c:9f:2c:bd:
         38:c0:86:e3:cd:92:c3:5a:b9:4e:ad:dc:6c:14:39:81:5c:81:
         22:47:48:a8:93:d2:0d:66:8a:94:06:34:dd:95:76:83:59:f3:
         3c:c1:21:e1:99:ce:6e:b7:5c:2e:ee:46:18:e0:f7:80:33:bf:
         76:1b:36:a6:f3:d9:a6:71:0b:b1:50:b2:66:04:8f:e5:0f:8d:
         93:1d:3f:da:fa:3e:dd:2b:41:99:a6:55:57:1d:eb:5a:be:b2:
         0c:1c:b8:d5:80:7f:a0:f5:d2:7f:17:09:62:50:08:4e:82:19:
         9a:6e:08:17:78:47:dd:c5:91:0b:cf:3c:fa:68:e8:d3:36:e7:
         9e:e9:70:86:43:35:17:fb:a7:d0:d7:7e:28:f2:2c:dc:37:85:
         77:e2:7c:ae:cc:00:9e:00:d0:13:38:79:42:e5:3a:e4:25:d3:
         7b:98:1d:86:46:07:b5:f9:50:4f:87:30:f0:1f:2d:11:17:f6:
         21:12:e5:1c:02:24:c9:68:92:a2:25:c1:7a:70:49:bd:ce:77:
         31:ec:6c:d1:1b:8a:11:6b:f0:d8:5c:dd:94:9d:28:52:5e:25:
         65:3e:b8:45:f1:07:d0:f8:82:dc:9f:e2:5a:90:82:cb:69:55:
         a4:4b:f3:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdwZW/oxgoa3JRn9WxJFuViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDExMTI1ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2JlYTY4OGM1NWMyMmNiYzMyMGNmZjEzNDcwMDJjZDdiNjdiMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttnWlScSrHItEh4lflvFvYK7M0Mf
MU5PFfekNnlxq+KsuDB9163WHSB4unZvD2r62SQUY4zui22ZGay4q4Nzbawk8aum
9/uPQ4KnCN9786Pnu6193rsy57o+snVLyzatGwiAyShUshJ/1iP/NMFKF1MDExcu
tRlCLQ0ZYcMqeaBtxCUrMYNCn3JJ8JplEmGjLkICIVrfE4A/v7rJkUlUKDgbIBQO
WB+ewhPOfGeO48h3oDSi7v5l2GY6UsicVceieJOKrDgu7HjRms1orj7SbdCGmx8b
+5aFUS57kBaxAWPD0rnWeSkt/YQpwHM5DoiKraWbICwD8k20lpiULH+RewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKe+pojFXCLLwyDP8TRwAs17Z7EwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcDc2bWlNVmNJc3ZESU1feE5IQUN6WHRuc1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah7AwQA
Upn1MA0GCSqGSIb3DQEBCwUAA4IBAQAIlnwSdPZIcJS6dHhP/ZyfLL04wIbjzZLD
WrlOrdxsFDmBXIEiR0iok9INZoqUBjTdlXaDWfM8wSHhmc5ut1wu7kYY4PeAM792
Gzam89mmcQuxULJmBI/lD42THT/a+j7dK0GZplVXHetavrIMHLjVgH+g9dJ/Fwli
UAhOghmabggXeEfdxZELzzz6aOjTNuee6XCGQzUX+6fQ134o8izcN4V34nyuzACe
ANATOHlC5TrkJdN7mB2GRge1+VBPhzDwHy0RF/YhEuUcAiTJaJKiJcF6cEm9zncx
7GzRG4oRa/DYXN2UnShSXiVlPrhF8QfQ+ILcn+JakILLaVWkS/P5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org