Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sPdpzw8TFpjGbl3lSVsX4rHmQf4.roa
File:                     sPdpzw8TFpjGbl3lSVsX4rHmQf4.roa (raw, json)
Hash identifier:          lfnmZDDQZ0FZoKTiiN60L+d6K5jVtQ1cNCwqVZ2DaX0=
Subject key identifier:   B0:F7:69:CF:0F:13:16:98:C6:6E:5D:E5:49:5B:17:E2:B1:E6:41:FE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01893A91A6C043B401052FED941CB1FF8AAC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sPdpzw8TFpjGbl3lSVsX4rHmQf4.roa
Signing time:             Sun 09 Jul 2023 12:12:51 +0000
ROA not before:           Sun 09 Jul 2023 12:12:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        213.152.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Jul 2023 09:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3a:91:a6:c0:43:b4:01:05:2f:ed:94:1c:b1:ff:8a:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  9 12:12:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0f769cf0f131698c66e5de5495b17e2b1e641fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:56:52:c6:9d:24:d0:8b:f5:16:54:25:8d:bd:
                    6f:d5:31:1f:e3:36:52:f2:7c:47:73:8b:31:41:60:
                    b8:ff:7b:4e:07:6e:77:01:7b:91:a4:2c:f9:8a:3b:
                    b8:42:78:0f:ee:7d:60:0e:96:13:ea:30:be:29:3f:
                    24:fa:9d:ba:94:fa:cc:33:ec:76:74:d8:5f:a4:3f:
                    45:dd:7f:a5:08:62:27:26:8e:61:e5:ea:58:99:8c:
                    5a:6a:ee:9e:20:f6:48:35:88:c1:06:5a:94:65:77:
                    e0:96:23:b0:f5:f1:27:df:5f:88:e9:b8:86:0c:cf:
                    f9:a3:a6:09:fb:f7:ef:01:c0:ba:18:0c:75:ed:82:
                    32:ed:fa:4e:72:c3:d6:b4:bb:da:d4:54:07:70:89:
                    9a:8d:98:e1:72:00:7b:57:32:06:83:1f:66:74:ce:
                    71:8c:47:cb:e7:9b:40:8d:e0:b6:fa:7d:69:49:5f:
                    b8:df:1f:d3:66:f9:9f:0b:66:62:9b:2c:88:6f:f2:
                    33:ea:bd:26:b7:4f:27:55:e7:5b:75:4c:6a:e6:b2:
                    64:1c:62:da:ad:ac:9e:45:a2:52:e3:ab:a7:8a:b6:
                    ea:95:41:20:77:c3:c0:fc:01:49:79:32:91:cf:63:
                    07:dd:28:b3:9d:cf:f9:bb:d4:d5:1b:20:04:0b:2e:
                    29:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:F7:69:CF:0F:13:16:98:C6:6E:5D:E5:49:5B:17:E2:B1:E6:41:FE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sPdpzw8TFpjGbl3lSVsX4rHmQf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.152.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:3f:4d:c9:f0:c8:6e:1c:18:e3:ac:89:6f:22:56:94:c9:a4:
         a9:b0:2f:21:3d:d1:11:08:c3:8a:39:54:e4:42:e7:88:15:f6:
         5e:be:ed:16:b9:82:9c:79:91:62:06:91:62:bb:a5:bd:1f:ad:
         a4:fb:17:b7:f1:e0:5b:ef:4d:9e:b8:b7:8e:1f:05:84:82:06:
         9b:72:8c:c5:a4:cd:82:13:2b:84:94:75:6e:5b:d0:91:91:94:
         96:a5:7f:19:07:64:c8:19:7f:ed:7f:ae:7e:3f:99:bc:5f:b7:
         96:c2:d9:24:eb:35:8e:73:12:2e:96:22:59:c5:c6:47:1e:61:
         19:d5:ef:4d:17:b8:3c:4c:1a:55:64:9a:bf:15:d3:a4:f1:ab:
         90:3d:62:b8:0e:e7:7c:99:2d:55:dd:24:e1:f8:07:ff:85:db:
         22:a5:df:db:42:cb:1f:09:f9:5e:b6:de:0b:8f:12:d8:55:99:
         4a:11:e9:88:62:4a:83:ad:f4:bf:45:98:d2:98:4b:f0:f0:a7:
         09:5c:54:92:ec:b0:ea:44:54:7a:c6:95:8e:fa:73:63:09:10:
         15:f3:dd:8f:a8:57:50:f6:b2:56:d9:78:e6:4f:dd:66:bd:0c:
         5f:ee:0d:19:f3:b9:6d:5e:54:d2:f1:4a:93:1c:fb:ab:5e:0f:
         97:4f:ae:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk6kabAQ7QBBS/tlByx/4qsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA5MTIxMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY3NjljZjBmMTMxNjk4YzY2ZTVkZTU0OTViMTdlMmIxZTY0MWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ZSxp0k0Iv1FlQljb1v1TEf4zZS
8nxHc4sxQWC4/3tOB253AXuRpCz5iju4QngP7n1gDpYT6jC+KT8k+p26lPrMM+x2
dNhfpD9F3X+lCGInJo5h5epYmYxaau6eIPZINYjBBlqUZXfgliOw9fEn31+I6biG
DM/5o6YJ+/fvAcC6GAx17YIy7fpOcsPWtLva1FQHcImajZjhcgB7VzIGgx9mdM5x
jEfL55tAjeC2+n1pSV+43x/TZvmfC2ZimyyIb/Iz6r0mt08nVedbdUxq5rJkHGLa
rayeRaJS46unirbqlUEgd8PA/AFJeTKRz2MH3Siznc/5u9TVGyAECy4piQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLD3ac8PExaYxm5d5UlbF+Kx5kH+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc1BkcHp3OFRGcGpHYmwzbFNWc1g0ckhtUWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Zg+MA0G
CSqGSIb3DQEBCwUAA4IBAQCSP03J8MhuHBjjrIlvIlaUyaSpsC8hPdERCMOKOVTk
QueIFfZevu0WuYKceZFiBpFiu6W9H62k+xe38eBb702euLeOHwWEggabcozFpM2C
EyuElHVuW9CRkZSWpX8ZB2TIGX/tf65+P5m8X7eWwtkk6zWOcxIuliJZxcZHHmEZ
1e9NF7g8TBpVZJq/FdOk8auQPWK4Dud8mS1V3STh+Af/hdsipd/bQssfCflett4L
jxLYVZlKEemIYkqDrfS/RZjSmEvw8KcJXFSS7LDqRFR6xpWO+nNjCRAV892PqFdQ
9rJW2XjmT91mvQxf7g0Z87ltXlTS8UqTHPurXg+XT65W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org