Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa
File:                     x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa (raw, json)
Hash identifier:          r+gN88gBf5p82VNELmAEtV3YK9ATcKh1aI1BJei7vq8=
Subject key identifier:   C7:BC:F6:E4:92:4C:5B:35:2C:0D:D1:C3:A2:E1:8C:67:57:7C:66:72
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01866E83825444EE3088890D76E78B722592
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa
Signing time:             Mon 20 Feb 2023 11:09:17 +0000
ROA not before:           Mon 20 Feb 2023 11:09:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211237
IP address blocks:        82.153.73.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Feb 2023 14:31:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:6e:83:82:54:44:ee:30:88:89:0d:76:e7:8b:72:25:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 20 11:09:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7bcf6e4924c5b352c0dd1c3a2e18c67577c6672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:cf:07:15:24:c5:5e:bd:81:2a:61:be:05:dc:
                    6c:a8:63:ab:41:de:c4:2a:b4:f1:14:a4:96:32:32:
                    4f:84:58:0e:4f:dd:a1:a8:31:91:f7:e3:3d:9f:14:
                    f1:06:18:4f:84:ea:93:89:bc:62:86:4e:96:62:0e:
                    48:a6:68:e5:3e:e0:eb:77:21:bf:86:71:e8:1a:b2:
                    eb:19:39:e3:24:55:38:74:3a:dc:47:0d:99:26:ca:
                    b6:9a:e1:99:de:f2:72:a7:90:ea:db:62:92:b0:25:
                    7f:61:86:b3:3d:96:fd:7f:49:0b:8a:51:3b:38:df:
                    93:c8:f9:54:25:27:df:7d:6a:6e:1f:97:72:2c:2f:
                    a6:d2:b3:1c:57:45:f7:3d:19:d6:9f:d3:a7:3e:c8:
                    af:1b:74:e0:f5:e9:33:02:0c:15:d9:dc:d6:e2:da:
                    f9:67:c6:6d:7d:51:49:e2:ee:23:38:bb:45:59:76:
                    0b:a0:10:56:70:9e:33:4c:58:ab:27:36:3b:c3:56:
                    28:f6:7d:cf:ec:c5:77:ed:50:43:d6:5f:fb:52:66:
                    35:24:6c:b4:e9:6a:9a:d9:ab:b5:c1:a8:b5:b8:03:
                    d5:6d:48:a1:2d:8e:ff:b6:f4:28:93:66:ef:0a:50:
                    fe:aa:c1:3e:d0:8f:71:2f:07:2a:88:e8:18:11:f1:
                    8d:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:BC:F6:E4:92:4C:5B:35:2C:0D:D1:C3:A2:E1:8C:67:57:7C:66:72
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.116.0/24
                  82.153.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:bb:d9:e0:67:e5:96:94:7a:61:88:b1:9d:ac:bb:c5:25:02:
         ee:8b:65:53:34:da:28:69:12:ce:a0:2e:de:08:52:f3:71:ce:
         8b:4f:d5:c1:95:24:25:03:5b:19:e0:8e:a2:86:bd:5d:d5:22:
         13:07:d2:a4:c7:f1:e4:1b:ae:1c:7c:46:ec:40:9e:8b:b8:fe:
         c4:dd:f8:9f:69:2d:2a:a3:70:a0:ed:04:ee:c1:ae:65:aa:37:
         f9:6f:a9:07:10:82:e1:c4:22:58:1c:ae:2f:a9:92:72:79:f3:
         ca:f9:db:71:47:d3:c7:9e:ae:d3:38:e9:cb:dd:5f:03:4e:92:
         17:dd:c1:67:2d:25:b9:72:95:1d:40:56:1d:dd:23:4b:0b:98:
         3a:87:b8:eb:a6:c3:38:72:0a:82:f6:2b:e1:c2:54:cb:94:a2:
         cf:a2:ea:74:ea:95:4a:d1:43:69:ef:8b:81:92:2e:e3:4f:ed:
         b8:11:2a:5f:f3:a4:8c:7c:4a:47:82:8b:c2:f3:33:e3:b9:fd:
         db:9e:22:1f:62:39:df:fb:09:03:bd:c8:6d:7a:f4:0e:e2:56:
         ab:ac:08:35:df:06:d9:71:5c:a9:b9:e3:e7:30:0d:c1:87:99:
         e7:5c:11:63:15:63:3d:fa:4b:e3:5f:d8:61:4b:20:5e:9d:05:
         a1:f0:a6:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZug4JURO4wiIkNdueLciWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjIwMTEwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JjZjZlNDkyNGM1YjM1MmMwZGQxYzNhMmUxOGM2NzU3N2M2NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo88HFSTFXr2BKmG+BdxsqGOrQd7E
KrTxFKSWMjJPhFgOT92hqDGR9+M9nxTxBhhPhOqTibxihk6WYg5IpmjlPuDrdyG/
hnHoGrLrGTnjJFU4dDrcRw2ZJsq2muGZ3vJyp5Dq22KSsCV/YYazPZb9f0kLilE7
ON+TyPlUJSfffWpuH5dyLC+m0rMcV0X3PRnWn9OnPsivG3Tg9ekzAgwV2dzW4tr5
Z8ZtfVFJ4u4jOLtFWXYLoBBWcJ4zTFirJzY7w1Yo9n3P7MV37VBD1l/7UmY1JGy0
6Wqa2au1wai1uAPVbUihLY7/tvQok2bvClD+qsE+0I9xLwcqiOgYEfGNUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMe89uSSTFs1LA3Rw6LhjGdXfGZyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveDd6MjVKSk1XelVzRGRIRG91R01aMWQ4Wm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah0AwQA
UplJMA0GCSqGSIb3DQEBCwUAA4IBAQCIu9ngZ+WWlHphiLGdrLvFJQLui2VTNNoo
aRLOoC7eCFLzcc6LT9XBlSQlA1sZ4I6ihr1d1SITB9Kkx/HkG64cfEbsQJ6LuP7E
3fifaS0qo3Cg7QTuwa5lqjf5b6kHEILhxCJYHK4vqZJyefPK+dtxR9PHnq7TOOnL
3V8DTpIX3cFnLSW5cpUdQFYd3SNLC5g6h7jrpsM4cgqC9ivhwlTLlKLPoup06pVK
0UNp74uBki7jT+24ESpf86SMfEpHgovC8zPjuf3bniIfYjnf+wkDvchtevQO4lar
rAg13wbZcVypuePnMA3Bh5nnXBFjFWM9+kvjX9hhSyBenQWh8KYx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org