Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r02Ey9bLwtRcaGz7Msl23iDVU3A.roa
File:                     r02Ey9bLwtRcaGz7Msl23iDVU3A.roa (raw, json)
Hash identifier:          gaUCaQkIWXhp/XbXM4PqtqRB7jxOEMqW57eMm8h2zFs=
Subject key identifier:   AF:4D:84:CB:D6:CB:C2:D4:5C:68:6C:FB:32:C9:76:DE:20:D5:53:70
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188539C7DFACDA56A32A17DFD8BF0448D6B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r02Ey9bLwtRcaGz7Msl23iDVU3A.roa
Signing time:             Thu 25 May 2023 15:52:24 +0000
ROA not before:           Thu 25 May 2023 15:52:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        82.153.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Jun 2023 11:46:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:53:9c:7d:fa:cd:a5:6a:32:a1:7d:fd:8b:f0:44:8d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 25 15:52:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af4d84cbd6cbc2d45c686cfb32c976de20d55370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:be:35:b6:53:52:8e:ea:15:06:5f:32:06:6f:
                    6a:46:cd:09:6f:cc:57:93:b2:ba:c5:26:f1:bf:e3:
                    c1:0c:48:61:9f:7a:85:f7:67:f2:f7:e2:77:55:84:
                    e2:4a:f8:77:2f:1e:e2:b0:68:7b:89:aa:1b:e6:6b:
                    75:ed:63:6c:88:ec:3e:a8:85:dc:59:bc:05:63:28:
                    12:d0:6c:3c:88:0b:62:b2:54:db:fe:10:7e:02:6c:
                    c7:c0:68:27:bb:c9:3c:d1:60:10:f7:5a:bd:4e:9b:
                    35:80:13:cf:bb:7e:e8:6e:fe:e6:8b:7b:e7:57:f3:
                    4c:2d:00:b3:45:b5:71:b3:ab:4c:fc:00:dc:82:ff:
                    76:bc:10:a3:df:87:4c:80:bf:5c:cf:3f:ec:f5:3f:
                    eb:13:c1:13:39:a5:ca:8c:32:58:31:b8:2b:ed:12:
                    dd:29:f9:4c:ed:61:99:33:ee:a5:96:61:28:ad:29:
                    91:a0:41:be:ff:7d:04:d5:b8:5d:fc:0a:80:99:50:
                    a3:65:6c:ca:0e:32:c1:16:3c:fc:d5:03:10:e7:11:
                    9b:37:42:63:a3:ad:9b:67:b5:87:d0:37:e8:41:e7:
                    83:10:1a:62:75:b1:09:9f:89:a2:19:7a:bc:4e:13:
                    0e:88:c8:6c:38:7e:c2:c9:15:d5:1e:7b:8a:38:fa:
                    b7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:4D:84:CB:D6:CB:C2:D4:5C:68:6C:FB:32:C9:76:DE:20:D5:53:70
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r02Ey9bLwtRcaGz7Msl23iDVU3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:0a:20:79:83:73:db:a0:e7:d4:65:cb:b5:ee:36:cd:94:5e:
         23:81:32:23:f4:14:65:93:e6:47:e0:77:b1:04:3c:a3:a1:f9:
         d3:f4:ee:ad:39:a2:df:3c:1a:4f:21:96:7b:cb:2d:3a:f5:98:
         d1:8a:8d:cc:45:7c:12:dd:74:1b:92:1c:c0:cc:13:05:37:f8:
         f6:91:81:10:6b:25:f0:67:5c:46:17:1b:23:2c:09:67:4d:82:
         f1:93:cb:b4:7f:20:0e:a1:e5:9e:31:93:36:0d:96:ae:40:df:
         b9:2e:8c:cd:b3:23:1f:98:21:06:4b:a2:cd:89:18:3b:3a:f8:
         48:54:e1:81:82:d8:0f:5a:f6:09:47:70:9f:8a:ad:fd:7a:4b:
         f4:b4:91:fc:ca:2b:70:73:f8:a5:81:86:f7:75:9d:da:6b:04:
         21:15:b5:1d:5b:17:e7:96:61:86:fc:d4:0a:03:7f:3e:51:73:
         42:93:31:2b:31:e3:df:5f:d8:0d:e1:ef:61:3e:60:8b:82:78:
         32:1a:43:c4:5c:49:a1:a6:ff:b1:c1:e4:f4:10:62:d7:42:9c:
         7a:be:32:a4:5f:7a:b6:e0:d1:50:c0:12:5d:c1:9e:1f:1d:c2:
         1e:b1:cc:35:89:a8:01:8f:ea:5c:03:17:c4:7d:06:56:70:4d:
         39:0b:1a:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhTnH36zaVqMqF9/YvwRI1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI1MTU1MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRkODRjYmQ2Y2JjMmQ0NWM2ODZjZmIzMmM5NzZkZTIwZDU1MzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor41tlNSjuoVBl8yBm9qRs0Jb8xX
k7K6xSbxv+PBDEhhn3qF92fy9+J3VYTiSvh3Lx7isGh7iaob5mt17WNsiOw+qIXc
WbwFYygS0Gw8iAtislTb/hB+AmzHwGgnu8k80WAQ91q9Tps1gBPPu37obv7mi3vn
V/NMLQCzRbVxs6tM/ADcgv92vBCj34dMgL9czz/s9T/rE8ETOaXKjDJYMbgr7RLd
KflM7WGZM+6llmEorSmRoEG+/30E1bhd/AqAmVCjZWzKDjLBFjz81QMQ5xGbN0Jj
o62bZ7WH0DfoQeeDEBpidbEJn4miGXq8ThMOiMhsOH7CyRXVHnuKOPq3XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9NhMvWy8LUXGhs+zLJdt4g1VNwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcjAyRXk5Ykx3dFJjYUd6N01zbDIzaURWVTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplBMA0G
CSqGSIb3DQEBCwUAA4IBAQAcCiB5g3PboOfUZcu17jbNlF4jgTIj9BRlk+ZH4Hex
BDyjofnT9O6tOaLfPBpPIZZ7yy069ZjRio3MRXwS3XQbkhzAzBMFN/j2kYEQayXw
Z1xGFxsjLAlnTYLxk8u0fyAOoeWeMZM2DZauQN+5LozNsyMfmCEGS6LNiRg7OvhI
VOGBgtgPWvYJR3Cfiq39ekv0tJH8yitwc/ilgYb3dZ3aawQhFbUdWxfnlmGG/NQK
A38+UXNCkzErMePfX9gN4e9hPmCLgngyGkPEXEmhpv+xweT0EGLXQpx6vjKkX3q2
4NFQwBJdwZ4fHcIescw1iagBj+pcAxfEfQZWcE05CxrU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org