Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vcoNQibMCWbTHT6Gxp3wnYoLiKE.roa
File:                     vcoNQibMCWbTHT6Gxp3wnYoLiKE.roa (raw, json)
Hash identifier:          QissNVjGVqWvU9CNA/sJVttuJ1WqvXX63hlrRRkmQ20=
Subject key identifier:   BD:CA:0D:42:26:CC:09:66:D3:1D:3E:86:C6:9D:F0:9D:8A:0B:88:A1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018870EB3EB2809570DE08425B9BB0DAAC38
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vcoNQibMCWbTHT6Gxp3wnYoLiKE.roa
Signing time:             Wed 31 May 2023 08:27:25 +0000
ROA not before:           Wed 31 May 2023 08:27:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 07:19:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:70:eb:3e:b2:80:95:70:de:08:42:5b:9b:b0:da:ac:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 31 08:27:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bdca0d4226cc0966d31d3e86c69df09d8a0b88a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fd:cc:ed:f4:6b:8d:1b:af:fa:f3:1e:4a:af:
                    c5:63:fe:55:44:ce:44:77:d4:e6:f5:b8:2c:d7:3e:
                    e0:58:1c:3e:43:57:6e:dd:b5:88:ad:65:b3:fc:5a:
                    85:03:8f:0b:30:fc:e0:f2:bb:8e:24:4c:4b:d0:17:
                    7b:94:63:2f:d1:7a:fb:73:60:db:9c:6b:0d:d2:41:
                    cf:d2:4b:18:ed:a1:ef:b6:6e:26:de:c6:59:24:30:
                    fe:fa:af:24:7f:60:d5:47:b4:ab:46:29:4f:d4:4c:
                    9c:86:f5:91:28:90:b3:68:3c:7c:9a:af:0d:6b:a2:
                    d0:c9:ef:6c:a4:bd:d1:48:fe:f0:f7:90:44:b2:15:
                    b5:de:25:4a:55:60:d3:82:3e:cf:e3:d3:3f:63:c2:
                    34:45:d4:ca:31:8c:38:8c:69:48:3e:e8:bc:9e:a5:
                    50:0f:20:08:f5:f5:3e:4c:3f:3c:ca:4d:54:39:51:
                    28:1f:ec:18:14:60:42:53:35:f2:1c:5c:5a:54:37:
                    f6:93:1e:3f:10:7b:f3:ac:81:74:d4:ec:b4:f4:22:
                    1b:24:ba:37:d2:39:d2:8a:26:f6:65:20:b4:8d:5f:
                    a5:00:2a:73:aa:20:84:be:5a:19:2f:c7:cc:1e:96:
                    f8:57:60:0e:7d:b6:75:84:a9:1d:2b:e6:c3:dd:f5:
                    50:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:CA:0D:42:26:CC:09:66:D3:1D:3E:86:C6:9D:F0:9D:8A:0B:88:A1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vcoNQibMCWbTHT6Gxp3wnYoLiKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.178.0/24
                  82.153.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:48:a4:20:42:8c:54:dc:25:0c:5d:c2:bd:8b:27:94:db:db:
         7f:96:37:41:be:a6:44:5b:56:ac:f6:bf:e1:75:cf:3e:b0:71:
         8a:78:ef:41:ef:f0:54:9b:1e:3a:fd:5d:8d:8d:c9:60:87:f3:
         4b:63:f6:92:01:a6:4f:a9:09:8e:3a:34:54:5e:22:6b:e7:be:
         28:a7:e1:86:0a:ec:e0:16:c0:0c:1d:ba:a8:bc:d3:cc:20:9b:
         0d:a1:ff:04:6a:6d:a9:1e:d6:61:26:2c:16:67:47:60:f0:c6:
         6c:1b:99:1e:d6:ac:77:fb:28:04:89:e3:90:1f:49:0c:ad:78:
         4f:f2:40:4d:d8:39:22:a2:ef:84:59:8e:2f:a8:c9:d1:7e:5a:
         7e:33:c9:64:2a:ad:f0:fd:3b:5d:58:2c:c5:a8:d3:ab:f0:c6:
         eb:5b:d0:8f:ab:b0:56:6a:fc:71:63:cd:5a:55:0d:d9:2c:65:
         da:e6:b4:e1:95:07:68:98:46:91:a0:fa:f7:0a:b5:ce:e0:0b:
         e6:ce:a1:c2:b2:1c:47:e3:5c:57:34:7b:14:11:a6:53:c8:cd:
         35:8d:24:bc:9b:01:d7:e3:c4:b6:90:95:8c:72:ec:63:5a:18:
         17:74:7d:52:50:08:60:ea:ca:6c:2a:b4:8d:a6:28:8d:c8:47:
         6a:a7:5b:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhw6z6ygJVw3ghCW5uw2qw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTMxMDgyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNhMGQ0MjI2Y2MwOTY2ZDMxZDNlODZjNjlkZjA5ZDhhMGI4OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP3M7fRrjRuv+vMeSq/FY/5VRM5E
d9Tm9bgs1z7gWBw+Q1du3bWIrWWz/FqFA48LMPzg8ruOJExL0Bd7lGMv0Xr7c2Db
nGsN0kHP0ksY7aHvtm4m3sZZJDD++q8kf2DVR7SrRilP1EychvWRKJCzaDx8mq8N
a6LQye9spL3RSP7w95BEshW13iVKVWDTgj7P49M/Y8I0RdTKMYw4jGlIPui8nqVQ
DyAI9fU+TD88yk1UOVEoH+wYFGBCUzXyHFxaVDf2kx4/EHvzrIF01Oy09CIbJLo3
0jnSiib2ZSC0jV+lACpzqiCEvloZL8fMHpb4V2AOfbZ1hKkdK+bD3fVQ4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3KDUImzAlm0x0+hsad8J2KC4ihMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmNvTlFpYk1DV2JUSFQ2R3hwM3duWW9MaUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpiyAwQA
UpnwMA0GCSqGSIb3DQEBCwUAA4IBAQA+SKQgQoxU3CUMXcK9iyeU29t/ljdBvqZE
W1as9r/hdc8+sHGKeO9B7/BUmx46/V2Njclgh/NLY/aSAaZPqQmOOjRUXiJr574o
p+GGCuzgFsAMHbqovNPMIJsNof8Eam2pHtZhJiwWZ0dg8MZsG5ke1qx3+ygEieOQ
H0kMrXhP8kBN2Dkiou+EWY4vqMnRflp+M8lkKq3w/TtdWCzFqNOr8MbrW9CPq7BW
avxxY81aVQ3ZLGXa5rThlQdomEaRoPr3CrXO4AvmzqHCshxH41xXNHsUEaZTyM01
jSS8mwHX48S2kJWMcuxjWhgXdH1SUAhg6spsKrSNpiiNyEdqp1t3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org