Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-HdG4w4LS6_oKJO22SssKEStA4.roa
File:                     v-HdG4w4LS6_oKJO22SssKEStA4.roa (raw, json)
Hash identifier:          fZJdAM0hhDzcHJPc6VwDgCdyVOEZS2oYNg21NuTDNU8=
Subject key identifier:   BF:E1:DD:1B:8C:38:2D:2E:BF:A0:A2:4E:DB:64:AC:B0:A1:12:B4:0E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CD8F42703414F7AC392DC2564925AF783
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-HdG4w4LS6_oKJO22SssKEStA4.roa
Signing time:             Fri 05 Jan 2024 09:28:48 +0000
ROA not before:           Fri 05 Jan 2024 09:28:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216023
IP address blocks:        82.153.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 10:11:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d8:f4:27:03:41:4f:7a:c3:92:dc:25:64:92:5a:f7:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  5 09:28:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bfe1dd1b8c382d2ebfa0a24edb64acb0a112b40e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4f:46:f0:d1:f4:a0:89:f6:d0:ac:13:b8:55:
                    e5:82:bd:36:1c:90:bd:69:87:0d:fd:5d:2c:52:9c:
                    90:0c:13:5e:12:20:b0:56:4d:55:ef:85:51:ed:f6:
                    fc:18:21:38:8b:61:da:da:81:f8:57:74:40:39:fd:
                    04:29:b7:cf:9e:18:c9:a6:77:82:a6:82:b3:b6:99:
                    02:95:b3:19:13:ea:e7:1f:80:e2:52:9b:f5:97:c3:
                    97:5c:f3:56:09:10:06:67:69:73:1d:63:8e:9e:fc:
                    0e:a6:7c:e7:a2:3b:88:00:c9:82:37:51:6f:fc:21:
                    30:9f:38:be:2f:36:ad:79:13:6d:99:a3:10:71:c8:
                    86:1b:57:0d:8a:b2:bc:2a:18:7c:e1:e3:2d:c3:81:
                    09:7f:b3:81:3f:c8:02:fa:e4:e3:ae:a8:e1:fe:72:
                    8f:5c:82:e5:17:44:aa:e0:05:01:ed:db:99:b9:54:
                    0b:25:09:6e:45:0d:0d:61:57:a5:b4:d0:0e:48:fe:
                    78:8a:94:72:56:31:74:25:85:6a:25:7e:74:1f:02:
                    7d:07:b4:9b:c4:ce:39:d3:5b:72:fb:8f:93:9f:7f:
                    fe:22:cf:c3:e8:b9:68:19:1b:a7:23:a8:82:28:67:
                    e1:c7:2b:45:4a:0c:0a:b7:f4:ad:a5:16:9f:ca:29:
                    fa:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E1:DD:1B:8C:38:2D:2E:BF:A0:A2:4E:DB:64:AC:B0:A1:12:B4:0E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-HdG4w4LS6_oKJO22SssKEStA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:1a:b1:3b:f8:29:3d:17:09:29:74:34:04:78:71:f5:fe:a9:
         b7:17:9c:81:4e:9e:b2:e3:3e:e1:9c:7b:8e:4a:ba:13:67:95:
         a5:43:b1:af:72:f0:86:63:85:e4:4d:fc:fd:68:67:c4:1d:d8:
         f2:fc:1c:1c:81:18:c8:37:18:b0:5c:28:fb:df:3f:f9:70:e1:
         fb:5f:e0:7c:4a:f7:14:27:b4:c3:0b:c5:5e:88:6c:b6:21:0d:
         de:93:dd:4d:45:c2:26:88:55:f5:cc:fe:87:7d:99:cb:8a:b2:
         b0:26:7e:6a:d4:77:0d:1f:1e:fb:5f:06:df:be:e5:2c:90:0c:
         8c:05:6d:79:55:36:22:d6:f4:9e:9d:3d:5d:aa:cc:28:24:be:
         3f:f8:8c:d9:8b:07:0f:d2:31:f6:66:94:ec:87:18:4c:a2:5d:
         5e:68:a6:cb:79:2d:ab:a2:0b:2a:1a:44:34:79:89:cc:b7:4b:
         bf:c3:74:d5:95:04:60:62:5d:5b:fb:7f:9f:93:a7:e3:01:ee:
         03:fb:cc:a6:4c:60:3b:a1:de:07:dc:5b:06:21:0b:b2:67:3d:
         32:3d:80:b1:2b:79:7a:83:c0:38:6d:8b:c7:8d:64:1c:76:c5:
         21:0e:81:90:b7:d4:de:f7:c3:db:37:e9:c1:d8:24:b4:2a:9e:
         e3:19:b9:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzY9CcDQU96w5LcJWSSWveDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA1MDkyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUxZGQxYjhjMzgyZDJlYmZhMGEyNGVkYjY0YWNiMGExMTJiNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm09G8NH0oIn20KwTuFXlgr02HJC9
aYcN/V0sUpyQDBNeEiCwVk1V74VR7fb8GCE4i2Ha2oH4V3RAOf0EKbfPnhjJpneC
poKztpkClbMZE+rnH4DiUpv1l8OXXPNWCRAGZ2lzHWOOnvwOpnznojuIAMmCN1Fv
/CEwnzi+LzateRNtmaMQcciGG1cNirK8Khh84eMtw4EJf7OBP8gC+uTjrqjh/nKP
XILlF0Sq4AUB7duZuVQLJQluRQ0NYVeltNAOSP54ipRyVjF0JYVqJX50HwJ9B7Sb
xM4501ty+4+Tn3/+Is/D6LloGRunI6iCKGfhxytFSgwKt/StpRafyin6cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/h3RuMOC0uv6CiTttkrLChErQOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdi1IZEc0dzRMUzZfb0tKTzIyU3NzS0VTdEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQB5GrE7+Ck9FwkpdDQEeHH1/qm3F5yBTp6y4z7hnHuO
SroTZ5WlQ7GvcvCGY4XkTfz9aGfEHdjy/BwcgRjINxiwXCj73z/5cOH7X+B8SvcU
J7TDC8VeiGy2IQ3ek91NRcImiFX1zP6HfZnLirKwJn5q1HcNHx77XwbfvuUskAyM
BW15VTYi1vSenT1dqswoJL4/+IzZiwcP0jH2ZpTshxhMol1eaKbLeS2rogsqGkQ0
eYnMt0u/w3TVlQRgYl1b+3+fk6fjAe4D+8ymTGA7od4H3FsGIQuyZz0yPYCxK3l6
g8A4bYvHjWQcdsUhDoGQt9Te98PbN+nB2CS0Kp7jGbk8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org