Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uLKNPvumlJdK9bs5R59tFwutgbQ.roa
File:                     uLKNPvumlJdK9bs5R59tFwutgbQ.roa (raw, json)
Hash identifier:          oRQnVeGKUBzYq8iF2iPoNfVDDIFg2JHiLvhfBP6Qw4Q=
Subject key identifier:   B8:B2:8D:3E:FB:A6:94:97:4A:F5:BB:39:47:9F:6D:17:0B:AD:81:B4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018823902674D22604BF59A38EBDA99CB772
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uLKNPvumlJdK9bs5R59tFwutgbQ.roa
Signing time:             Tue 16 May 2023 07:57:09 +0000
ROA not before:           Tue 16 May 2023 07:57:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        82.153.136.0/22 maxlen: 22
                          82.153.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Jun 2023 07:59:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:23:90:26:74:d2:26:04:bf:59:a3:8e:bd:a9:9c:b7:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 16 07:57:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8b28d3efba694974af5bb39479f6d170bad81b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d2:d6:09:c1:e1:e9:8b:c0:8c:33:cc:1f:d5:
                    b6:cd:14:dd:00:c8:5a:cd:35:25:1a:76:16:8d:a5:
                    6c:6e:f9:71:76:fc:82:3e:66:e2:68:d8:4a:0f:4d:
                    bf:36:40:d2:b3:1e:c3:91:48:ab:80:f7:2a:c5:ea:
                    a0:a7:99:2e:42:b0:8f:ab:4c:09:92:8e:fc:26:b6:
                    4d:4a:f4:36:89:af:53:2b:5f:78:73:bc:d8:ee:5e:
                    da:ed:29:e8:2d:3d:85:9e:36:03:db:ea:4a:26:76:
                    74:33:8b:ce:e6:f3:11:97:30:24:9b:5d:fa:7d:8c:
                    c0:cc:50:7d:8f:87:bd:fd:21:4c:26:f1:dd:fa:44:
                    5d:f7:40:25:74:5b:09:fd:28:52:e8:34:b0:e7:4a:
                    97:40:62:ed:8d:05:ee:86:be:ff:0f:9e:7b:32:5f:
                    0c:7c:5a:0e:9e:89:98:fe:f0:f1:a0:9b:c2:0b:70:
                    65:83:8e:59:15:f0:e3:fd:6b:15:fa:71:76:e4:2f:
                    bb:af:90:92:76:13:3d:8d:68:11:84:7f:8d:ec:3f:
                    d5:2c:4e:6a:59:f2:5f:80:9f:c0:c8:7b:c5:d6:b0:
                    81:a3:bc:b3:5e:78:5f:49:38:49:0d:11:a2:93:76:
                    ff:51:f8:1a:dd:71:16:9f:23:56:42:04:b7:91:1d:
                    61:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:B2:8D:3E:FB:A6:94:97:4A:F5:BB:39:47:9F:6D:17:0B:AD:81:B4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uLKNPvumlJdK9bs5R59tFwutgbQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.136.0/22
                  82.153.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:c2:9e:04:d8:96:11:2c:f8:b7:4f:b1:64:66:2f:5d:ae:65:
         0d:06:42:c5:ce:95:77:7a:32:02:5c:4f:db:c2:8a:bb:ab:1f:
         7f:65:8b:d0:a0:c1:7c:01:f4:ab:0a:19:2a:31:b6:17:98:8e:
         92:b3:5c:18:c3:f3:14:1a:91:d3:a3:c6:19:92:39:06:3b:43:
         ce:8a:40:aa:41:54:4b:08:fd:f8:32:fb:bd:47:f0:9e:c5:5f:
         a0:34:20:ba:fa:51:b2:cb:23:e7:a6:57:6c:87:3a:c9:a1:a9:
         1c:2d:57:10:7b:94:bd:81:5a:5a:0e:df:0b:e5:5b:ee:cd:df:
         98:94:cd:b6:f6:6e:9e:38:a6:8d:f1:d1:7b:be:3e:8e:85:c2:
         81:ef:eb:3b:c0:c3:7a:96:24:7e:c5:b3:d2:7e:ad:8c:15:02:
         00:a7:0b:a6:74:8f:56:69:63:c7:1b:f9:ba:e5:8f:71:c6:e4:
         83:03:24:95:fa:4e:2e:9f:f6:cb:2c:b2:3b:9b:dc:40:05:a1:
         40:c6:be:ad:8e:f1:78:e0:5e:1c:c9:1d:9f:16:cd:ed:cc:06:
         95:2b:46:ef:39:bd:0f:df:5d:68:14:1a:3a:1e:e3:a1:51:71:
         b0:1c:f3:78:1f:4a:05:0d:ce:d4:4e:a0:13:cd:d6:f4:96:b2:
         da:38:72:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgjkCZ00iYEv1mjjr2pnLdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTE2MDc1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIyOGQzZWZiYTY5NDk3NGFmNWJiMzk0NzlmNmQxNzBiYWQ4MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdLWCcHh6YvAjDPMH9W2zRTdAMha
zTUlGnYWjaVsbvlxdvyCPmbiaNhKD02/NkDSsx7DkUirgPcqxeqgp5kuQrCPq0wJ
ko78JrZNSvQ2ia9TK194c7zY7l7a7SnoLT2FnjYD2+pKJnZ0M4vO5vMRlzAkm136
fYzAzFB9j4e9/SFMJvHd+kRd90AldFsJ/ShS6DSw50qXQGLtjQXuhr7/D557Ml8M
fFoOnomY/vDxoJvCC3Blg45ZFfDj/WsV+nF25C+7r5CSdhM9jWgRhH+N7D/VLE5q
WfJfgJ/AyHvF1rCBo7yzXnhfSThJDRGik3b/Ufga3XEWnyNWQgS3kR1hYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLiyjT77ppSXSvW7OUefbRcLrYG0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdUxLTlB2dW1sSmRLOWJzNVI1OXRGd3V0Z2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUpmIAwQA
Upn4MA0GCSqGSIb3DQEBCwUAA4IBAQBQwp4E2JYRLPi3T7FkZi9drmUNBkLFzpV3
ejICXE/bwoq7qx9/ZYvQoMF8AfSrChkqMbYXmI6Ss1wYw/MUGpHTo8YZkjkGO0PO
ikCqQVRLCP34Mvu9R/CexV+gNCC6+lGyyyPnpldshzrJoakcLVcQe5S9gVpaDt8L
5Vvuzd+YlM229m6eOKaN8dF7vj6OhcKB7+s7wMN6liR+xbPSfq2MFQIApwumdI9W
aWPHG/m65Y9xxuSDAySV+k4un/bLLLI7m9xABaFAxr6tjvF44F4cyR2fFs3tzAaV
K0bvOb0P311oFBo6HuOhUXGwHPN4H0oFDc7UTqATzdb0lrLaOHJn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org