Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa
File:                     vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa (raw, json)
Hash identifier:          DI9dHnuJM8ev1CTfPfFXUb7eSJTrvoAri7UqMjEkGvI=
Subject key identifier:   BC:5D:CC:D2:C7:C3:BE:63:16:16:A9:EE:2A:24:27:E4:04:46:31:1F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A5FF4F93D7431623207FF09D5261ED8A6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa
Signing time:             Mon 04 Sep 2023 11:30:04 +0000
ROA not before:           Mon 04 Sep 2023 11:30:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        89.213.186.0/23 maxlen: 24
                          82.152.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5f:f4:f9:3d:74:31:62:32:07:ff:09:d5:26:1e:d8:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 11:30:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc5dccd2c7c3be631616a9ee2a2427e40446311f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9f:69:d3:48:99:a9:26:2d:76:74:44:d0:97:
                    e2:37:6b:de:a1:d1:10:f3:e9:7c:c9:b5:80:f1:d8:
                    d4:1a:f0:f4:b4:1c:f4:1a:9f:c8:0f:4f:f9:17:4f:
                    08:ae:3d:bc:5b:5d:21:12:3b:1a:51:ab:3b:39:59:
                    94:c2:08:b1:ac:48:e6:42:ca:06:22:fe:51:f9:83:
                    10:22:6a:52:76:45:dd:dc:a4:bb:46:37:de:b2:35:
                    69:9b:17:08:e6:52:4d:ed:cc:2b:c7:33:7f:bd:62:
                    89:9e:b9:23:34:d1:68:63:ff:86:a8:5c:04:1e:37:
                    48:53:69:41:17:a2:c3:2e:2a:55:35:17:8c:df:dd:
                    f0:77:7d:b7:87:54:8b:b1:69:d4:d9:29:c2:d4:d9:
                    f3:af:45:e3:e6:8c:29:50:8d:c0:db:90:81:8c:90:
                    f7:5f:8a:cb:d5:0f:0b:3c:72:b2:fb:89:a8:95:8f:
                    ad:33:4d:29:ee:60:ca:ec:88:08:62:43:a9:07:d5:
                    20:76:d8:4e:23:04:da:f2:09:31:c1:36:1b:a9:66:
                    7d:46:c5:fe:f6:1e:f4:31:c4:3c:5b:22:7a:09:53:
                    4c:11:d0:c7:2f:e3:e4:7e:29:69:fa:29:e6:67:41:
                    19:6b:97:6a:53:95:18:c0:80:94:50:e9:d1:ca:12:
                    5a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5D:CC:D2:C7:C3:BE:63:16:16:A9:EE:2A:24:27:E4:04:46:31:1F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.178.0/24
                  89.213.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:a8:5a:e8:65:a3:36:d8:16:86:81:b1:c8:6c:41:b6:c3:91:
         52:ea:3e:dc:8e:26:73:0b:70:3f:57:0b:41:11:95:ae:90:b7:
         1c:37:27:2c:13:95:91:d5:04:2f:ea:d3:5f:af:50:61:eb:48:
         03:2c:93:5a:79:d1:5d:59:d0:2d:39:28:37:24:e8:40:b3:58:
         a2:0b:42:13:bc:42:5e:ac:63:54:23:1b:6c:20:f2:8e:d1:d8:
         2c:40:c7:de:8f:c5:e9:bf:04:19:67:5b:05:4d:54:e9:9a:95:
         9a:a7:b9:0a:fd:4c:65:12:dc:12:2e:76:46:ff:1c:4f:56:58:
         d8:bd:e9:aa:57:fd:72:cf:24:6f:a8:68:94:9d:02:72:4c:46:
         bd:88:fa:7b:a1:cf:8e:2e:f6:a3:00:0f:cd:e7:3b:f5:59:76:
         cd:62:fa:5e:11:5f:7d:83:99:44:79:83:31:a5:2a:47:d6:f3:
         e8:9e:97:86:c9:cc:ed:5b:97:b3:aa:5f:97:99:68:5b:86:a3:
         09:f0:6f:c9:91:6f:c4:12:94:41:40:d9:ee:f0:52:76:09:36:
         89:b1:9c:6e:5f:e7:cd:91:08:5d:84:00:d9:72:d1:a7:56:de:
         6c:71:a3:98:ed:46:6a:80:d5:0c:43:e0:27:45:a0:45:74:26:
         95:88:42:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpf9Pk9dDFiMgf/CdUmHtimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTEzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVkY2NkMmM3YzNiZTYzMTYxNmE5ZWUyYTI0MjdlNDA0NDYzMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ9p00iZqSYtdnRE0JfiN2veodEQ
8+l8ybWA8djUGvD0tBz0Gp/ID0/5F08Irj28W10hEjsaUas7OVmUwgixrEjmQsoG
Iv5R+YMQImpSdkXd3KS7RjfesjVpmxcI5lJN7cwrxzN/vWKJnrkjNNFoY/+GqFwE
HjdIU2lBF6LDLipVNReM393wd323h1SLsWnU2SnC1Nnzr0Xj5owpUI3A25CBjJD3
X4rL1Q8LPHKy+4molY+tM00p7mDK7IgIYkOpB9UgdthOIwTa8gkxwTYbqWZ9RsX+
9h70McQ8WyJ6CVNMEdDHL+Pkfilp+inmZ0EZa5dqU5UYwICUUOnRyhJaWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLxdzNLHw75jFhap7iokJ+QERjEfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdkYzTTBzZkR2bU1XRnFudUtpUW41QVJHTVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpiyAwQB
WdW6MA0GCSqGSIb3DQEBCwUAA4IBAQAdqFroZaM22BaGgbHIbEG2w5FS6j7cjiZz
C3A/VwtBEZWukLccNycsE5WR1QQv6tNfr1Bh60gDLJNaedFdWdAtOSg3JOhAs1ii
C0ITvEJerGNUIxtsIPKO0dgsQMfej8XpvwQZZ1sFTVTpmpWap7kK/UxlEtwSLnZG
/xxPVljYvemqV/1yzyRvqGiUnQJyTEa9iPp7oc+OLvajAA/N5zv1WXbNYvpeEV99
g5lEeYMxpSpH1vPonpeGycztW5ezql+XmWhbhqMJ8G/JkW/EEpRBQNnu8FJ2CTaJ
sZxuX+fNkQhdhADZctGnVt5scaOY7UZqgNUMQ+AnRaBFdCaViEKZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org