Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wUX75Xt4QsGfAdYKx0QTIoZf02c.roa
File:                     wUX75Xt4QsGfAdYKx0QTIoZf02c.roa (raw, json)
Hash identifier:          RKHA1FtSssBA1dmKA1/0bAKoFXzRiOWJsRIlzQyWJyE=
Subject key identifier:   C1:45:FB:E5:7B:78:42:C1:9F:01:D6:0A:C7:44:13:22:86:5F:D3:67
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D56022D6754F43EC7C18C9A7C7EE0A91F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wUX75Xt4QsGfAdYKx0QTIoZf02c.roa
Signing time:             Mon 29 Jan 2024 16:16:39 +0000
ROA not before:           Mon 29 Jan 2024 16:16:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     25369
IP address blocks:        82.153.225.0/24 maxlen: 24
                          89.213.43.0/24 maxlen: 24
                          89.213.131.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Mar 2024 07:37:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:56:02:2d:67:54:f4:3e:c7:c1:8c:9a:7c:7e:e0:a9:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 29 16:16:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c145fbe57b7842c19f01d60ac7441322865fd367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:28:e1:34:b2:6d:a8:e9:6e:43:25:0e:ff:cf:
                    f3:8b:7e:f2:11:07:bd:63:55:b1:64:bf:69:77:1a:
                    0f:21:5e:78:2a:24:26:5d:0b:4b:7d:48:53:05:5b:
                    73:56:8c:7e:29:0a:50:a8:fa:ec:40:bc:cf:1b:b8:
                    53:1a:89:e8:26:b1:bb:29:5d:70:f7:20:e6:5e:33:
                    00:ce:21:cb:26:bc:5c:e3:f5:11:fb:23:c1:f3:27:
                    12:5f:86:df:8e:df:a7:1f:e6:83:a1:18:69:f0:66:
                    6b:e2:32:92:72:90:b4:0a:96:35:2b:8e:9c:d6:15:
                    b8:1f:44:47:00:a9:82:67:4e:eb:ba:55:eb:f2:8f:
                    c7:39:93:c9:10:12:79:d3:e0:fa:ec:45:70:5f:17:
                    bd:74:25:fe:94:f3:7a:73:40:93:c8:75:b4:00:14:
                    91:5e:62:94:22:2c:d2:27:85:da:7a:1c:2d:b0:5f:
                    67:7a:33:cd:c5:2b:ba:f9:6e:2e:15:f6:5b:38:ca:
                    0a:bb:29:6a:f8:2f:0d:9d:7d:a7:71:db:cb:ed:db:
                    11:ab:7d:9a:54:a4:33:40:d8:33:af:30:b1:59:74:
                    e7:b8:a9:d4:1a:84:38:e5:c8:a6:f2:d6:05:02:fd:
                    62:05:74:14:dc:61:a5:7d:7e:74:90:07:78:9c:0e:
                    80:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:45:FB:E5:7B:78:42:C1:9F:01:D6:0A:C7:44:13:22:86:5F:D3:67
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wUX75Xt4QsGfAdYKx0QTIoZf02c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.225.0/24
                  89.213.43.0/24
                  89.213.131.0/24
                  89.213.145.0-89.213.146.255
                  109.176.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:40:6f:f6:56:58:98:e6:e7:3a:ff:08:7f:4f:17:79:6c:84:
         0e:e2:eb:53:93:d0:ef:41:94:74:68:7b:e2:53:c5:32:1e:74:
         86:3b:5d:67:1e:95:54:f6:41:56:dd:18:10:47:6a:d2:6e:ba:
         91:cb:7b:38:31:d0:ce:47:90:00:20:03:6f:d9:f2:66:d8:a4:
         1f:b4:94:61:d3:f5:29:d9:7a:59:bc:85:f0:33:7f:f8:aa:cd:
         2d:4f:f7:44:c3:d7:21:44:4e:af:b3:c7:29:6b:3a:ea:96:c1:
         eb:3f:df:c9:f5:51:48:dd:47:8c:92:0c:47:f0:01:85:8c:93:
         6b:59:e8:32:ca:86:cb:df:9c:2e:bf:2b:b2:fb:02:d2:41:99:
         dd:87:fd:27:ed:81:46:c3:33:cb:03:fe:dc:a2:0c:b3:b3:66:
         73:15:c1:9e:bc:30:ce:17:03:b6:68:74:ec:35:f0:b1:ea:11:
         fc:63:ca:54:ab:e1:c0:a0:8b:b2:3a:64:68:a2:05:6a:f0:82:
         d8:d2:82:f5:8f:82:d7:0e:f8:18:fb:6c:b3:8b:94:65:eb:fa:
         2b:bb:85:de:ae:87:08:ef:a4:ec:0f:9f:80:b1:5d:84:17:3a:
         c1:90:cd:cc:2c:72:48:a8:11:b2:0d:f6:6a:d0:6f:b8:f7:df:
         84:76:9d:c5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY1WAi1nVPQ+x8GMmnx+4KkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTI5MTYxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQ1ZmJlNTdiNzg0MmMxOWYwMWQ2MGFjNzQ0MTMyMjg2NWZkMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCjhNLJtqOluQyUO/8/zi37yEQe9
Y1WxZL9pdxoPIV54KiQmXQtLfUhTBVtzVox+KQpQqPrsQLzPG7hTGonoJrG7KV1w
9yDmXjMAziHLJrxc4/UR+yPB8ycSX4bfjt+nH+aDoRhp8GZr4jKScpC0CpY1K46c
1hW4H0RHAKmCZ07rulXr8o/HOZPJEBJ50+D67EVwXxe9dCX+lPN6c0CTyHW0ABSR
XmKUIizSJ4XaehwtsF9nejPNxSu6+W4uFfZbOMoKuylq+C8NnX2ncdvL7dsRq32a
VKQzQNgzrzCxWXTnuKnUGoQ45cim8tYFAv1iBXQU3GGlfX50kAd4nA6AaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMFF++V7eELBnwHWCsdEEyKGX9NnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd1VYNzVYdDRRc0dmQWRZS3gwUVRJb1pmMDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUpnhAwQA
WdUrAwQAWdWDMAwDBABZ1ZEDBABZ1ZIDBABtsNAwDQYJKoZIhvcNAQELBQADggEB
AKRAb/ZWWJjm5zr/CH9PF3lshA7i61OT0O9BlHRoe+JTxTIedIY7XWcelVT2QVbd
GBBHatJuupHLezgx0M5HkAAgA2/Z8mbYpB+0lGHT9SnZelm8hfAzf/iqzS1P90TD
1yFETq+zxylrOuqWwes/38n1UUjdR4ySDEfwAYWMk2tZ6DLKhsvfnC6/K7L7AtJB
md2H/SftgUbDM8sD/tyiDLOzZnMVwZ68MM4XA7ZodOw18LHqEfxjylSr4cCgi7I6
ZGiiBWrwgtjSgvWPgtcO+Bj7bLOLlGXr+iu7hd6uhwjvpOwPn4CxXYQXOsGQzcws
ckioEbIN9mrQb7j334R2ncU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org