Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pa2AeDZCpX_OSEGa2J10zwf7u70.roa
File:                     pa2AeDZCpX_OSEGa2J10zwf7u70.roa (raw, json)
Hash identifier:          4HYZK2GZDIUh/NnaAuRZTjssTIQuWBBOngPhLKZy5ak=
Subject key identifier:   A5:AD:80:78:36:42:A5:7F:CE:48:41:9A:D8:9D:74:CF:07:FB:BB:BD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A5FECBC2D82C71C32EDFF797E5C3C830F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pa2AeDZCpX_OSEGa2J10zwf7u70.roa
Signing time:             Mon 04 Sep 2023 11:21:04 +0000
ROA not before:           Mon 04 Sep 2023 11:21:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.4.0/24 maxlen: 24
                          82.152.108.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 04 Oct 2023 16:06:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5f:ec:bc:2d:82:c7:1c:32:ed:ff:79:7e:5c:3c:83:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 11:21:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5ad80783642a57fce48419ad89d74cf07fbbbbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:1c:52:7b:4c:d7:2d:8e:93:19:de:f9:9b:5a:
                    fc:94:71:86:a0:c5:70:c7:8d:11:5f:ab:8f:0d:87:
                    4d:5e:d5:0c:aa:14:5d:70:73:5f:63:23:cd:33:00:
                    dd:fe:79:a0:81:36:46:27:e1:ad:f2:d9:4a:cd:ae:
                    34:58:f2:48:22:26:8f:44:2b:0a:bd:ac:e7:8b:99:
                    d2:e2:29:20:d3:3a:4e:40:1b:88:df:1f:83:36:60:
                    b7:0b:4e:c6:e3:5b:66:e6:84:3e:74:ef:99:77:54:
                    61:39:c6:ae:cd:c6:9d:a0:f9:70:c4:2c:2f:e5:33:
                    30:87:72:c7:9f:bc:34:ab:ae:fb:2a:69:a3:4d:22:
                    b6:22:ec:2d:ce:dd:c4:0b:b1:80:c5:16:e1:4e:67:
                    4f:15:5e:94:d2:6e:2c:c6:4c:85:60:4e:f3:75:e3:
                    c9:01:28:c1:f8:a9:f4:59:2b:51:ab:5e:1a:af:b0:
                    84:11:2f:c6:b8:0d:91:d2:b9:6f:6c:b5:37:7d:a8:
                    cb:cc:4a:1e:c2:da:1b:76:ec:9c:c2:92:b2:f4:62:
                    8f:8d:8a:cd:09:b3:89:cf:65:9b:3f:ea:f2:dd:c2:
                    d5:5f:d2:07:e9:57:3a:f3:35:4a:a5:22:f1:e8:4f:
                    3d:a7:5d:5d:73:5c:5a:bf:92:45:d1:49:46:93:e7:
                    61:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:AD:80:78:36:42:A5:7F:CE:48:41:9A:D8:9D:74:CF:07:FB:BB:BD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pa2AeDZCpX_OSEGa2J10zwf7u70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.49.0/24
                  82.152.108.0/24
                  89.213.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:89:b9:a6:a7:c0:fb:ec:e4:9c:c5:53:22:89:83:21:e6:c9:
         18:a2:e8:26:96:c8:cc:2b:78:fc:2c:1e:11:20:4b:36:24:b2:
         44:84:7f:84:b2:d1:4b:bb:a5:84:54:72:80:56:60:91:6c:ca:
         fd:56:9a:fb:9d:97:37:e0:b2:e2:9c:b5:3d:47:38:3b:11:fe:
         bc:ba:df:31:55:1b:15:30:12:5f:ba:e1:37:29:a8:ce:8a:22:
         34:4e:ab:b9:68:93:76:0b:d9:ea:ba:5d:65:a3:de:58:74:6a:
         0d:48:ab:8f:ee:57:d7:7c:f5:cf:df:e8:03:55:df:0a:29:8d:
         09:91:5b:ce:f5:1d:56:ab:e1:3c:19:59:22:ef:11:0e:e6:ca:
         be:ba:02:e8:b9:e9:01:65:9b:49:9d:39:78:74:be:65:c7:2a:
         82:26:97:c0:f8:e0:bc:e8:38:9b:09:92:d8:cd:76:91:8e:29:
         11:c0:6b:cb:fc:9c:c6:1c:28:2e:29:7b:51:fd:f5:cc:05:96:
         2d:9a:da:b2:b7:1d:14:85:f7:49:e7:8a:4f:de:ed:1e:da:4d:
         8e:cd:b9:34:5b:35:4b:52:13:6b:0c:7d:aa:0d:dd:d2:51:83:
         d6:20:40:0d:a3:7b:73:fc:a3:7c:97:7a:9a:05:d3:c3:f3:30:
         de:6b:dd:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpf7LwtgsccMu3/eX5cPIMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTEyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFkODA3ODM2NDJhNTdmY2U0ODQxOWFkODlkNzRjZjA3ZmJiYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBxSe0zXLY6TGd75m1r8lHGGoMVw
x40RX6uPDYdNXtUMqhRdcHNfYyPNMwDd/nmggTZGJ+Gt8tlKza40WPJIIiaPRCsK
vazni5nS4ikg0zpOQBuI3x+DNmC3C07G41tm5oQ+dO+Zd1RhOcauzcadoPlwxCwv
5TMwh3LHn7w0q677KmmjTSK2Iuwtzt3EC7GAxRbhTmdPFV6U0m4sxkyFYE7zdePJ
ASjB+Kn0WStRq14ar7CEES/GuA2R0rlvbLU3fajLzEoewtobduycwpKy9GKPjYrN
CbOJz2WbP+ry3cLVX9IH6Vc68zVKpSLx6E89p11dc1xav5JF0UlGk+dhwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKWtgHg2QqV/zkhBmtiddM8H+7u9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcGEyQWVEWkNwWF9PU0VHYTJKMTB6d2Y3dTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpgxAwQA
UphsAwQAWdUEMA0GCSqGSIb3DQEBCwUAA4IBAQAUibmmp8D77OScxVMiiYMh5skY
ougmlsjMK3j8LB4RIEs2JLJEhH+EstFLu6WEVHKAVmCRbMr9Vpr7nZc34LLinLU9
Rzg7Ef68ut8xVRsVMBJfuuE3KajOiiI0Tqu5aJN2C9nqul1lo95YdGoNSKuP7lfX
fPXP3+gDVd8KKY0JkVvO9R1Wq+E8GVki7xEO5sq+ugLouekBZZtJnTl4dL5lxyqC
JpfA+OC86DibCZLYzXaRjikRwGvL/JzGHCguKXtR/fXMBZYtmtqytx0UhfdJ54pP
3u0e2k2Ozbk0WzVLUhNrDH2qDd3SUYPWIEANo3tz/KN8l3qaBdPD8zDea934
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org