Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa
File:                     uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa (raw, json)
Hash identifier:          As1Gnu+fBYsAAJeiNognfLi2K5+kUuZbR+P1BSbejQI=
Subject key identifier:   B9:7B:07:18:28:02:22:BC:CA:F1:D8:C9:3B:C9:99:F5:27:B5:21:3C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F9A24A8C4F6EC1128CB11B0577BE08955
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa
Signing time:             Tue 21 May 2024 07:54:04 +0000
ROA not before:           Tue 21 May 2024 07:54:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        80.240.88.0/21 maxlen: 24
                          82.152.174.0/23 maxlen: 23
                          82.153.208.0/22 maxlen: 22
                          82.163.24.0/21 maxlen: 24
                          89.213.198.0/23 maxlen: 24
                          89.213.200.0/23 maxlen: 24
                          89.213.202.0/23 maxlen: 24
                          89.213.204.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 31 May 2024 07:59:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9a:24:a8:c4:f6:ec:11:28:cb:11:b0:57:7b:e0:89:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 21 07:54:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b97b0718280222bccaf1d8c93bc999f527b5213c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:4e:6c:f1:64:4f:b1:e9:07:68:43:79:16:05:
                    28:de:bf:e0:d8:7c:07:4f:e4:2a:90:15:d9:86:b8:
                    26:34:18:eb:e3:99:1a:c4:c1:d4:1b:9e:df:81:50:
                    76:57:e4:c9:04:57:2a:6d:49:61:b7:dc:2a:47:3f:
                    61:d4:e5:86:17:97:43:11:6a:95:48:df:2c:16:3c:
                    03:c4:53:f4:0e:28:b5:8a:51:69:e6:ae:41:d2:2e:
                    ff:08:58:d0:a1:9d:c4:14:26:d9:3b:cd:d2:2e:42:
                    60:cd:48:d6:21:17:7d:52:21:cc:28:4e:af:69:48:
                    75:52:4b:a6:0c:e5:9f:ad:db:bf:3e:19:47:69:86:
                    cf:80:cd:5b:ab:1f:c9:2c:5e:f2:65:e8:b4:a2:ba:
                    fc:af:9f:90:76:c9:5c:71:a2:33:ee:9f:06:52:12:
                    9d:6d:90:59:35:ee:9c:e7:0e:7a:8b:cb:ee:e9:45:
                    ca:06:37:b2:7e:4e:d9:9e:3f:d5:85:bc:f0:6d:8b:
                    dd:a7:ea:e0:23:e1:b0:4f:e2:10:c4:5d:60:5c:90:
                    86:80:0a:96:cd:16:60:d3:d1:e9:43:fc:7d:3e:66:
                    7f:9f:28:be:7e:a8:6c:1b:0d:b5:bd:b2:3d:6c:23:
                    ec:ad:31:08:6f:71:5a:f6:b9:e7:08:c0:79:c4:d2:
                    17:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:7B:07:18:28:02:22:BC:CA:F1:D8:C9:3B:C9:99:F5:27:B5:21:3C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.240.88.0/21
                  82.152.174.0/23
                  82.153.208.0/22
                  82.163.24.0/21
                  89.213.198.0-89.213.205.255

    Signature Algorithm: sha256WithRSAEncryption
         12:29:e1:ef:00:31:f6:59:87:1c:16:c0:6b:d9:38:7e:24:30:
         64:2a:92:c0:4a:f7:28:29:20:a8:a3:75:c4:b2:bc:27:8c:f4:
         3f:75:3c:4e:b2:84:42:75:29:4f:6d:fb:43:0a:88:1d:9e:a3:
         22:79:d7:62:e9:a2:43:fb:76:43:a4:1e:6e:ff:a8:bf:4e:f9:
         bb:0b:cd:95:65:e9:06:6e:af:20:e0:09:19:a4:12:2e:b1:7b:
         c1:40:a9:34:b9:12:48:77:b0:07:f0:de:8d:0e:dd:f6:21:13:
         51:d4:59:fd:ea:14:35:d2:68:fc:90:59:90:29:90:fd:78:54:
         a5:6b:fd:da:d6:c2:ad:7d:4d:16:f3:7a:4d:85:f1:b3:dd:1e:
         ce:3c:be:f1:f2:91:8b:08:83:61:e9:b4:3b:89:28:09:fd:ca:
         2d:b5:25:16:9e:59:c4:e4:d6:cf:3f:a2:19:ac:0d:a4:7f:7e:
         75:3e:b2:ba:4b:00:da:1e:40:b4:28:11:73:bc:b3:d1:51:fd:
         f1:99:69:f5:5c:21:27:15:fc:9a:a7:8d:13:8b:ca:1f:8b:c3:
         b9:94:1e:db:08:22:ce:8d:91:f4:3d:7e:de:38:5d:b0:70:32:
         eb:ff:ee:d9:2a:59:d2:bb:4f:54:1f:35:69:b6:b1:61:f8:49:
         2c:72:bf:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY+aJKjE9uwRKMsRsFd74IlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIxMDc1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdiMDcxODI4MDIyMmJjY2FmMWQ4YzkzYmM5OTlmNTI3YjUyMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU5s8WRPsekHaEN5FgUo3r/g2HwH
T+QqkBXZhrgmNBjr45kaxMHUG57fgVB2V+TJBFcqbUlht9wqRz9h1OWGF5dDEWqV
SN8sFjwDxFP0Dii1ilFp5q5B0i7/CFjQoZ3EFCbZO83SLkJgzUjWIRd9UiHMKE6v
aUh1UkumDOWfrdu/PhlHaYbPgM1bqx/JLF7yZei0orr8r5+QdslccaIz7p8GUhKd
bZBZNe6c5w56i8vu6UXKBjeyfk7Znj/VhbzwbYvdp+rgI+GwT+IQxF1gXJCGgAqW
zRZg09HpQ/x9PmZ/nyi+fqhsGw21vbI9bCPsrTEIb3Fa9rnnCMB5xNIXlQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLl7BxgoAiK8yvHYyTvJmfUntSE8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdVhzSEdDZ0NJcnpLOGRqSk84bVo5U2UxSVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDUPBYAwQB
UpiuAwQCUpnQAwQDUqMYMAwDBAFZ1cYDBAFZ1cwwDQYJKoZIhvcNAQELBQADggEB
ABIp4e8AMfZZhxwWwGvZOH4kMGQqksBK9ygpIKijdcSyvCeM9D91PE6yhEJ1KU9t
+0MKiB2eoyJ512LpokP7dkOkHm7/qL9O+bsLzZVl6QZuryDgCRmkEi6xe8FAqTS5
Ekh3sAfw3o0O3fYhE1HUWf3qFDXSaPyQWZApkP14VKVr/drWwq19TRbzek2F8bPd
Hs48vvHykYsIg2HptDuJKAn9yi21JRaeWcTk1s8/ohmsDaR/fnU+srpLANoeQLQo
EXO8s9FR/fGZafVcIScV/JqnjROLyh+Lw7mUHtsIIs6NkfQ9ft44XbBwMuv/7tkq
WdK7T1QfNWm2sWH4SSxyvxA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org