Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa
File:                     rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa (raw, json)
Hash identifier:          7eko0/b79NEJxGgAWsP5jefe1iFaI0M+yC45kHuCtco=
Subject key identifier:   AD:9C:98:EE:4C:20:0E:86:89:E3:D3:C7:06:94:1B:85:1E:9D:5A:F6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187461BB81D6634DA6180C4BFC07CA594D3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa
Signing time:             Mon 03 Apr 2023 07:53:54 +0000
ROA not before:           Mon 03 Apr 2023 07:53:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        82.153.242.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 13:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:46:1b:b8:1d:66:34:da:61:80:c4:bf:c0:7c:a5:94:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  3 07:53:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad9c98ee4c200e8689e3d3c706941b851e9d5af6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e7:4f:34:d5:17:02:40:58:ac:df:fb:d0:87:
                    c0:4e:75:cd:96:e7:da:57:98:3a:8d:ce:c6:47:b6:
                    c9:6a:ba:93:a4:0e:d9:8f:6c:f2:f4:1a:98:d4:3d:
                    92:7a:71:c8:e4:8d:ab:e9:b8:db:26:97:98:81:3a:
                    8c:6b:de:ef:7c:24:20:70:d3:32:dc:3c:dd:f8:1d:
                    9d:2e:38:8e:7e:8c:ba:b5:e1:88:7b:eb:df:e7:65:
                    ff:f2:bd:5c:b9:45:1c:0f:a0:b4:6a:f2:fe:84:98:
                    c1:d1:20:71:f1:5b:57:32:a7:39:ca:73:d1:06:46:
                    d8:6e:b3:f3:e5:10:5b:5c:7a:f3:e2:66:70:15:f7:
                    22:f1:69:44:23:07:70:9b:ca:00:8d:60:a9:21:6b:
                    e9:0f:c3:71:75:f6:2e:12:63:79:e0:6c:ce:a4:25:
                    84:f2:10:60:3e:f6:aa:78:97:63:c4:88:44:fc:c3:
                    46:c4:be:4d:38:fc:dd:e6:67:2e:a3:f1:36:1d:26:
                    f8:b1:c8:86:e6:e7:80:3d:55:26:f8:1c:17:f5:09:
                    28:00:c1:70:c7:da:c8:1f:52:0e:7d:20:ec:bf:76:
                    52:ee:38:3f:95:8d:1c:e0:62:46:4e:3b:c8:e9:0a:
                    32:d9:a5:65:d2:db:8d:8f:f0:3c:e6:c7:3d:70:e2:
                    af:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:9C:98:EE:4C:20:0E:86:89:E3:D3:C7:06:94:1B:85:1E:9D:5A:F6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.65.0/24
                  82.153.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:89:19:7c:69:8e:22:cd:3b:22:6b:4b:f7:4e:19:17:8e:9a:
         53:81:53:5f:3b:69:36:25:d1:65:e1:bb:de:b6:86:a5:dc:78:
         3e:f1:9b:0d:23:8c:e1:84:13:f5:59:90:79:a5:6f:5f:ad:ad:
         6c:8d:e0:4f:f6:99:c4:a3:97:c0:f9:62:d7:8d:a4:68:cf:b3:
         cc:a1:d2:8c:ff:41:43:fb:94:ae:26:bb:1a:cd:11:79:a1:ed:
         68:67:80:48:ee:c3:53:b5:5e:ae:eb:45:0c:07:4e:1b:f5:61:
         b6:92:ae:df:9b:cd:71:bd:ab:e8:1e:62:b7:73:7f:e5:ba:18:
         7c:92:3a:86:eb:c8:2e:10:39:d9:b4:14:f5:e5:75:7e:95:25:
         82:25:f9:b1:f9:24:d2:d3:20:ac:9f:3a:8e:25:e7:b9:a7:1f:
         ef:09:4c:1b:7d:b2:6e:b0:24:5f:b8:c6:be:ea:56:21:6b:c1:
         72:ef:fa:72:28:b6:3f:06:01:b9:57:0e:40:e3:4e:9f:d6:d5:
         8b:58:b2:7c:9d:f6:6c:96:e5:d4:28:7c:c3:77:54:3d:b1:8e:
         2d:09:17:91:1b:c5:0f:a6:65:2f:f4:b0:bd:b7:e2:89:a1:d3:
         1a:2f:17:b2:f5:ea:1b:6c:9f:4f:1c:83:87:cc:55:a6:bc:58:
         ac:f9:2d:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdGG7gdZjTaYYDEv8B8pZTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDAzMDc1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDljOThlZTRjMjAwZTg2ODllM2QzYzcwNjk0MWI4NTFlOWQ1YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiudPNNUXAkBYrN/70IfATnXNlufa
V5g6jc7GR7bJarqTpA7Zj2zy9BqY1D2SenHI5I2r6bjbJpeYgTqMa97vfCQgcNMy
3Dzd+B2dLjiOfoy6teGIe+vf52X/8r1cuUUcD6C0avL+hJjB0SBx8VtXMqc5ynPR
BkbYbrPz5RBbXHrz4mZwFfci8WlEIwdwm8oAjWCpIWvpD8NxdfYuEmN54GzOpCWE
8hBgPvaqeJdjxIhE/MNGxL5NOPzd5mcuo/E2HSb4sciG5ueAPVUm+BwX9QkoAMFw
x9rIH1IOfSDsv3ZS7jg/lY0c4GJGTjvI6Qoy2aVl0tuNj/A85sc9cOKvkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2cmO5MIA6GiePTxwaUG4UenVr2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvclp5WTdrd2dEb2FKNDlQSEJwUWJoUjZkV3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplBAwQA
UpnyMA0GCSqGSIb3DQEBCwUAA4IBAQCMiRl8aY4izTsia0v3ThkXjppTgVNfO2k2
JdFl4bvetoal3Hg+8ZsNI4zhhBP1WZB5pW9fra1sjeBP9pnEo5fA+WLXjaRoz7PM
odKM/0FD+5SuJrsazRF5oe1oZ4BI7sNTtV6u60UMB04b9WG2kq7fm81xvavoHmK3
c3/luhh8kjqG68guEDnZtBT15XV+lSWCJfmx+STS0yCsnzqOJee5px/vCUwbfbJu
sCRfuMa+6lYha8Fy7/pyKLY/BgG5Vw5A406f1tWLWLJ8nfZsluXUKHzDd1Q9sY4t
CReRG8UPpmUv9LC9t+KJodMaLxey9eobbJ9PHIOHzFWmvFis+S2X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org