Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qeMCqbr7Ky-zOEsywy6pDeTaRk0.roa
File:                     qeMCqbr7Ky-zOEsywy6pDeTaRk0.roa (raw, json)
Hash identifier:          Joc6mEfQAA77+sMXI4HDegjLV5b8BmNnIQuoeHwclss=
Subject key identifier:   A9:E3:02:A9:BA:FB:2B:2F:B3:38:4B:32:C3:2E:A9:0D:E4:DA:46:4D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA23C05E353FDFA0734A802B399302
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qeMCqbr7Ky-zOEsywy6pDeTaRk0.roa
Signing time:             Mon 02 Jan 2023 10:14:56 +0000
ROA not before:           Mon 02 Jan 2023 10:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21859
IP address blocks:        82.153.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 08:26:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:23:c0:5e:35:3f:df:a0:73:4a:80:2b:39:93:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a9e302a9bafb2b2fb3384b32c32ea90de4da464d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:6c:f6:59:b5:40:63:ab:94:f3:39:e7:fb:a8:
                    ad:be:42:bf:f8:f4:e5:94:38:9c:78:b8:53:ed:1c:
                    8b:05:eb:95:8a:6c:eb:4a:61:2c:fc:56:7f:54:cc:
                    12:cb:f9:35:b2:02:22:91:c4:74:60:ff:79:a0:47:
                    84:b2:96:59:65:e7:10:70:68:98:38:46:f3:8c:88:
                    2e:fc:63:b7:07:c6:7b:96:9d:56:ed:e5:50:df:6a:
                    25:da:1e:82:bc:58:4a:6e:87:21:c3:b3:06:88:46:
                    1b:c3:6a:91:e6:98:33:12:4f:2c:47:6c:23:65:c5:
                    82:4d:56:26:19:20:67:04:9d:c8:d8:40:64:20:09:
                    43:b8:a1:a3:96:47:20:bd:b0:52:17:a5:0a:44:bf:
                    48:17:89:4c:1b:6b:37:b4:77:96:ab:4f:ae:5d:f2:
                    5b:56:6e:e5:b2:6a:6e:a8:48:ed:22:d4:d0:7d:b8:
                    ea:01:2f:b8:b4:19:b6:34:10:51:64:79:fd:0b:78:
                    af:78:cf:1a:f4:49:a8:6c:59:f1:5c:70:d8:c5:50:
                    41:35:68:d9:75:27:dc:ed:fb:bc:65:eb:a6:3b:77:
                    ab:1e:3b:b3:d9:e7:51:0e:df:0a:9e:3d:45:d3:5d:
                    09:fc:29:16:46:f2:ea:5b:f0:33:46:c8:a3:b9:bd:
                    f5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:E3:02:A9:BA:FB:2B:2F:B3:38:4B:32:C3:2E:A9:0D:E4:DA:46:4D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qeMCqbr7Ky-zOEsywy6pDeTaRk0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:4f:bb:56:8f:8e:c0:81:96:26:62:07:77:96:cc:61:9a:45:
         f6:df:3d:d9:e3:41:69:45:38:8c:8c:1c:77:db:74:ca:75:c5:
         43:ab:6a:73:0f:df:8d:50:39:84:fc:29:57:63:d5:c6:fc:c1:
         c1:58:13:8d:68:de:d9:27:bc:f8:cd:68:03:89:90:82:d5:b2:
         a5:05:2b:da:7f:e1:a1:8f:a0:b9:59:42:72:64:e4:60:ab:42:
         ec:fb:60:81:c8:b3:9d:24:bd:d4:f6:98:0d:fb:8a:8b:fa:f0:
         a3:6e:26:05:47:f7:2a:46:65:26:30:a3:4b:c1:c3:05:42:12:
         5c:0f:9f:a4:7a:cd:69:7e:6d:d8:e2:82:e8:7f:c1:35:33:ce:
         95:84:94:ce:c9:25:d9:08:2b:1a:67:99:b6:4e:47:31:5f:68:
         ff:ca:9c:97:51:67:b4:93:8b:71:66:73:db:01:f6:88:15:c7:
         14:ee:f3:b2:0d:1a:07:e8:c6:72:73:d8:46:cc:ef:6a:1d:02:
         60:87:8a:54:37:02:2e:5f:d1:bf:5e:0f:76:45:61:d3:b9:5b:
         b2:87:17:92:a1:2d:4f:66:03:e8:0f:f6:36:fd:01:0d:7a:59:
         57:41:3f:87:81:07:ae:0e:6a:2d:a7:0c:af:0b:a7:15:6e:94:
         2e:40:25:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iPAXjU/36BzSoArOZMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWUzMDJhOWJhZmIyYjJmYjMzODRiMzJjMzJlYTkwZGU0ZGE0NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWz2WbVAY6uU8znn+6itvkK/+PTl
lDiceLhT7RyLBeuVimzrSmEs/FZ/VMwSy/k1sgIikcR0YP95oEeEspZZZecQcGiY
OEbzjIgu/GO3B8Z7lp1W7eVQ32ol2h6CvFhKbochw7MGiEYbw2qR5pgzEk8sR2wj
ZcWCTVYmGSBnBJ3I2EBkIAlDuKGjlkcgvbBSF6UKRL9IF4lMG2s3tHeWq0+uXfJb
Vm7lsmpuqEjtItTQfbjqAS+4tBm2NBBRZHn9C3iveM8a9EmobFnxXHDYxVBBNWjZ
dSfc7fu8ZeumO3erHjuz2edRDt8Knj1F010J/CkWRvLqW/AzRsijub31TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnjAqm6+ysvszhLMsMuqQ3k2kZNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWVNQ3FicjdLeS16T0VzeXd5NnBEZVRhUmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnxMA0G
CSqGSIb3DQEBCwUAA4IBAQA4T7tWj47AgZYmYgd3lsxhmkX23z3Z40FpRTiMjBx3
23TKdcVDq2pzD9+NUDmE/ClXY9XG/MHBWBONaN7ZJ7z4zWgDiZCC1bKlBSvaf+Gh
j6C5WUJyZORgq0Ls+2CByLOdJL3U9pgN+4qL+vCjbiYFR/cqRmUmMKNLwcMFQhJc
D5+kes1pfm3Y4oLof8E1M86VhJTOySXZCCsaZ5m2TkcxX2j/ypyXUWe0k4txZnPb
AfaIFccU7vOyDRoH6MZyc9hGzO9qHQJgh4pUNwIuX9G/Xg92RWHTuVuyhxeSoS1P
ZgPoD/Y2/QENellXQT+HgQeuDmotpwyvC6cVbpQuQCXZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org