Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tgFpn2CbfOYfu1Ft2tZmwnz82VQ.roa
File:                     tgFpn2CbfOYfu1Ft2tZmwnz82VQ.roa (raw, json)
Hash identifier:          aJ1HkHy4KbpSnnfAXtBN0/GuzrWpSNbKEiWLvN6N5TA=
Subject key identifier:   B6:01:69:9F:60:9B:7C:E6:1F:BB:51:6D:DA:D6:66:C2:7C:FC:D9:54
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA28205F61D948257E3BAAC0FD2CF3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tgFpn2CbfOYfu1Ft2tZmwnz82VQ.roa
Signing time:             Mon 02 Jan 2023 10:14:57 +0000
ROA not before:           Mon 02 Jan 2023 10:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        82.153.245.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 07:57:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:28:20:5f:61:d9:48:25:7e:3b:aa:c0:fd:2c:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b601699f609b7ce61fbb516ddad666c27cfcd954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:9c:36:27:58:c2:63:22:c8:df:b2:c3:b5:60:
                    43:d7:9b:00:d9:9b:71:72:3e:14:e8:11:a8:e1:6c:
                    7a:aa:f4:63:e2:0a:dd:52:c1:26:71:c4:5f:bd:68:
                    1a:28:cb:77:cb:8c:bf:4a:a1:f8:b6:2f:86:51:36:
                    b8:e7:cc:2a:c4:31:c2:25:d6:d0:96:f1:c9:42:d0:
                    ee:6c:fe:ed:59:0b:ee:c9:e6:04:1a:4e:dc:37:97:
                    fa:31:1c:17:38:32:a1:23:ab:8d:2a:e0:78:21:53:
                    3a:7c:52:b9:18:09:ae:07:e9:1d:82:d6:ca:6a:3e:
                    86:df:3c:d6:a9:a0:84:0e:d8:79:8a:9d:85:db:3a:
                    f1:a4:fa:58:65:20:0d:5b:2a:fd:11:f4:a6:81:b3:
                    d1:83:c0:bc:d2:77:3e:34:0c:59:6a:d4:c5:17:96:
                    02:c7:fb:cd:e3:9f:8d:f5:8e:81:1b:eb:0b:da:b9:
                    c7:0f:47:8a:f3:fe:68:1e:63:4d:6d:58:87:a2:f8:
                    42:23:52:3e:7f:a8:d3:a6:05:65:b9:bd:7d:04:aa:
                    05:23:d0:88:b3:51:2d:13:f7:6f:96:8c:9c:9b:a9:
                    f7:1f:38:41:12:1a:1c:4e:45:96:ce:38:b2:22:38:
                    41:95:d9:fc:df:2a:0c:a5:99:32:a1:1a:15:6e:cf:
                    f3:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:01:69:9F:60:9B:7C:E6:1F:BB:51:6D:DA:D6:66:C2:7C:FC:D9:54
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tgFpn2CbfOYfu1Ft2tZmwnz82VQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:70:06:80:e1:68:73:fb:5b:26:b3:26:62:c4:bb:29:29:0f:
         a4:5a:88:fe:83:27:12:78:ff:f9:d4:3b:9c:cd:20:6b:42:66:
         3b:d3:cd:b9:ed:80:2f:db:b1:1d:79:7b:bc:b7:24:c3:01:96:
         de:22:4e:6e:99:a7:a9:c8:a6:44:27:80:a3:15:ef:04:dd:ec:
         7d:03:5f:07:93:2a:d4:4d:18:52:9b:28:f8:84:1e:a9:e8:1a:
         a2:c8:83:5c:95:7e:08:6f:37:bf:94:fe:32:0a:5a:6d:9d:2e:
         4e:63:e0:9b:ef:b8:02:f1:f1:e2:2f:74:29:c9:56:a9:2d:da:
         14:17:de:72:5c:4b:16:c5:a1:53:e9:51:9f:1b:3d:ef:76:dd:
         90:18:e9:d0:3b:99:a7:49:3d:fb:f9:af:a6:dd:59:f3:a0:9b:
         4d:e9:00:54:10:d3:87:53:b8:38:2b:db:e3:ac:7b:8a:44:86:
         91:12:81:22:30:fa:90:b5:e3:03:7b:4d:69:2d:db:00:d8:40:
         38:01:60:d4:c8:02:8f:58:ff:89:34:2a:3e:22:f3:5e:05:05:
         b7:9e:14:15:0f:18:a7:42:ca:59:8f:cb:46:08:6a:0c:4f:cf:
         30:8c:a9:38:08:85:35:f1:22:38:16:18:56:60:fe:31:4e:80:
         94:b1:2f:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx+iggX2HZSCV+O6rA/SzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjAxNjk5ZjYwOWI3Y2U2MWZiYjUxNmRkYWQ2NjZjMjdjZmNkOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5w2J1jCYyLI37LDtWBD15sA2Ztx
cj4U6BGo4Wx6qvRj4grdUsEmccRfvWgaKMt3y4y/SqH4ti+GUTa458wqxDHCJdbQ
lvHJQtDubP7tWQvuyeYEGk7cN5f6MRwXODKhI6uNKuB4IVM6fFK5GAmuB+kdgtbK
aj6G3zzWqaCEDth5ip2F2zrxpPpYZSANWyr9EfSmgbPRg8C80nc+NAxZatTFF5YC
x/vN45+N9Y6BG+sL2rnHD0eK8/5oHmNNbViHovhCI1I+f6jTpgVlub19BKoFI9CI
s1EtE/dvloycm6n3HzhBEhocTkWWzjiyIjhBldn83yoMpZkyoRoVbs/z/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLYBaZ9gm3zmH7tRbdrWZsJ8/NlUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdGdGcG4yQ2JmT1lmdTFGdDJ0Wm13bno4MlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah7AwQA
Upn1MA0GCSqGSIb3DQEBCwUAA4IBAQA+cAaA4Whz+1smsyZixLspKQ+kWoj+gycS
eP/51DuczSBrQmY708257YAv27EdeXu8tyTDAZbeIk5umaepyKZEJ4CjFe8E3ex9
A18HkyrUTRhSmyj4hB6p6BqiyINclX4Ibze/lP4yClptnS5OY+Cb77gC8fHiL3Qp
yVapLdoUF95yXEsWxaFT6VGfGz3vdt2QGOnQO5mnST37+a+m3VnzoJtN6QBUENOH
U7g4K9vjrHuKRIaREoEiMPqQteMDe01pLdsA2EA4AWDUyAKPWP+JNCo+IvNeBQW3
nhQVDxinQspZj8tGCGoMT88wjKk4CIU18SI4FhhWYP4xToCUsS9m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org