Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pG8AF-0RVWSqoOTO5ncY6M5Qq5Q.roa
File:                     pG8AF-0RVWSqoOTO5ncY6M5Qq5Q.roa (raw, json)
Hash identifier:          M01ggqtQLoNUULDGg+SneAKAm7usfHOyq8KeiFMamIA=
Subject key identifier:   A4:6F:00:17:ED:11:55:64:AA:A0:E4:CE:E6:77:18:E8:CE:50:AB:94
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188C46D6855DBD6A13910C11137DF86417B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pG8AF-0RVWSqoOTO5ncY6M5Qq5Q.roa
Signing time:             Fri 16 Jun 2023 13:38:04 +0000
ROA not before:           Fri 16 Jun 2023 13:38:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          82.153.249.0/24 maxlen: 24
                          82.152.108.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 09:59:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c4:6d:68:55:db:d6:a1:39:10:c1:11:37:df:86:41:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 16 13:38:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a46f0017ed115564aaa0e4cee67718e8ce50ab94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d7:7f:15:3f:2d:5e:b4:b5:83:ee:fd:21:b9:
                    f3:56:8d:66:e6:1d:b3:8e:d0:cb:57:57:df:55:99:
                    b9:ce:f2:e0:1c:f2:30:d0:40:33:9d:dc:fc:15:97:
                    7a:0d:ba:1e:e8:44:d0:98:78:1d:8a:5c:b3:55:1d:
                    85:bd:89:37:77:85:4c:8f:01:c1:df:a8:d0:6c:5d:
                    3b:35:ed:60:ab:90:41:d7:6d:03:ac:4e:af:a6:75:
                    69:8a:9f:85:fe:09:ba:8c:99:44:3c:85:89:3e:c1:
                    b5:80:a4:31:2b:19:60:41:83:a9:3d:80:08:b6:7c:
                    3a:79:33:9d:0d:42:8a:8b:2f:08:4c:43:73:bd:88:
                    03:10:8b:83:c6:9b:0f:ac:a7:d7:fa:16:5d:5f:e5:
                    b6:83:9e:77:cd:31:e5:5a:fa:ba:a7:4b:bc:5c:5e:
                    99:8a:d2:cb:b7:63:11:ba:c5:1b:8f:ba:3c:7c:e6:
                    a5:53:4c:fe:73:e1:33:a9:8d:d1:46:13:04:35:10:
                    d9:01:22:8d:cf:63:64:7a:56:2d:51:6f:0b:64:57:
                    da:83:37:9b:f0:90:95:25:86:39:1d:42:d2:90:04:
                    79:10:c7:f5:d9:c2:38:29:08:5b:e6:93:2a:b0:38:
                    ef:73:e6:b1:43:a6:bb:1b:0c:3f:24:71:68:da:e5:
                    77:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:6F:00:17:ED:11:55:64:AA:A0:E4:CE:E6:77:18:E8:CE:50:AB:94
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pG8AF-0RVWSqoOTO5ncY6M5Qq5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.108.0/24
                  82.153.73.0/24
                  82.153.136.0/22
                  82.153.221.0/24
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:7b:3d:b9:66:7a:c0:10:68:92:33:fd:4d:ee:87:db:e2:35:
         20:60:71:79:12:99:1c:4b:e1:1a:d7:b9:4b:62:05:63:6c:f5:
         0e:0e:07:de:f6:c7:c2:83:dd:35:ad:21:ca:a3:1b:0a:9f:78:
         c7:d7:bd:02:f2:5f:94:97:2a:5f:d7:c8:e6:fe:99:85:04:1b:
         00:9d:73:04:53:11:90:83:ec:59:09:4b:34:7f:a8:a1:13:c9:
         1d:47:a5:a5:a2:01:d7:c0:81:a4:23:c6:60:ac:80:b0:86:59:
         1c:f4:9e:b4:98:91:83:41:17:74:b2:a6:c1:18:ba:98:4f:2f:
         7e:9e:3e:0b:eb:be:b6:3f:a6:c0:32:86:01:61:41:d4:6b:5f:
         2d:ae:c6:b7:7a:d0:a3:35:e0:e9:d5:a0:4a:8a:ce:af:74:2e:
         32:19:bf:c4:9b:5a:9e:bd:1f:46:f7:e2:dc:6d:cb:41:65:c1:
         13:48:38:4c:a3:d4:a3:55:56:83:17:c9:a5:f7:ba:27:08:5c:
         15:e5:c6:db:b9:4a:dc:8d:d4:f6:7a:36:6d:8c:14:c7:8a:42:
         ec:ac:33:f1:ef:77:84:ca:35:96:d1:8f:b3:26:05:b3:1b:70:
         e9:bd:64:01:61:1b:39:24:65:41:b1:7e:97:5a:ad:56:7d:67:
         9c:6f:b5:bc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYjEbWhV29ahORDBETffhkF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE2MTMzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZmMDAxN2VkMTE1NTY0YWFhMGU0Y2VlNjc3MThlOGNlNTBhYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNd/FT8tXrS1g+79IbnzVo1m5h2z
jtDLV1ffVZm5zvLgHPIw0EAzndz8FZd6Dboe6ETQmHgdilyzVR2FvYk3d4VMjwHB
36jQbF07Ne1gq5BB120DrE6vpnVpip+F/gm6jJlEPIWJPsG1gKQxKxlgQYOpPYAI
tnw6eTOdDUKKiy8ITENzvYgDEIuDxpsPrKfX+hZdX+W2g553zTHlWvq6p0u8XF6Z
itLLt2MRusUbj7o8fOalU0z+c+EzqY3RRhMENRDZASKNz2NkelYtUW8LZFfagzeb
8JCVJYY5HULSkAR5EMf12cI4KQhb5pMqsDjvc+axQ6a7Gww/JHFo2uV39QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKRvABftEVVkqqDkzuZ3GOjOUKuUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcEc4QUYtMFJWV1Nxb09UTzVuY1k2TTVRcTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUah3AwQA
Uah7AwQAUphsAwQAUplJAwQCUpmIAwQAUpndAwQAUpn5MA0GCSqGSIb3DQEBCwUA
A4IBAQBQez25ZnrAEGiSM/1N7ofb4jUgYHF5EpkcS+Ea17lLYgVjbPUODgfe9sfC
g901rSHKoxsKn3jH170C8l+Ulypf18jm/pmFBBsAnXMEUxGQg+xZCUs0f6ihE8kd
R6WlogHXwIGkI8ZgrICwhlkc9J60mJGDQRd0sqbBGLqYTy9+nj4L6762P6bAMoYB
YUHUa18trsa3etCjNeDp1aBKis6vdC4yGb/Em1qevR9G9+LcbctBZcETSDhMo9Sj
VVaDF8ml97onCFwV5cbbuUrcjdT2ejZtjBTHikLsrDPx73eEyjWW0Y+zJgWzG3Dp
vWQBYRs5JGVBsX6XWq1WfWecb7W8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org