Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yPaDS8OKiazjyIgBTgCg_tRSswQ.roa
File:                     yPaDS8OKiazjyIgBTgCg_tRSswQ.roa (raw, json)
Hash identifier:          /avnQgJ0Gd21Z5g5p3tOJwMRjVM0IgtaqYqOLDQ+U5I=
Subject key identifier:   C8:F6:83:4B:C3:8A:89:AC:E3:C8:88:01:4E:00:A0:FE:D4:52:B3:04
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B3E64F961875B01E68614935EF90E7EB0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yPaDS8OKiazjyIgBTgCg_tRSswQ.roa
Signing time:             Tue 17 Oct 2023 16:08:06 +0000
ROA not before:           Tue 17 Oct 2023 16:08:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209242
IP address blocks:        82.153.227.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 19 Nov 2023 14:33:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:3e:64:f9:61:87:5b:01:e6:86:14:93:5e:f9:0e:7e:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 17 16:08:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c8f6834bc38a89ace3c888014e00a0fed452b304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5d:b5:d7:e0:c3:c3:09:d6:48:6f:dd:30:fe:
                    5d:2d:a4:25:4b:cd:d6:0c:3d:1a:72:f0:04:2d:f6:
                    14:d0:f8:c2:81:63:d9:58:e0:10:01:86:dc:3b:85:
                    86:81:76:c0:1a:43:57:3d:24:03:bd:9a:3d:6c:f4:
                    96:df:98:68:75:07:7a:98:9c:41:fa:ff:fe:79:ec:
                    b6:f3:7a:10:c8:30:50:2d:24:7a:da:e2:cb:60:b3:
                    6e:d4:7e:3d:30:4f:c7:ed:d1:da:c2:c4:9c:55:3d:
                    94:e4:83:40:7e:c4:6e:52:e4:32:26:0b:e2:e3:06:
                    61:3b:71:d5:dc:92:9d:7b:df:c0:94:2b:e4:aa:4e:
                    6c:10:52:a3:c0:71:e9:0b:02:e6:a7:dc:a9:cf:c1:
                    12:89:fd:68:97:36:e7:cf:d5:90:57:70:3b:e0:7e:
                    00:8e:2d:46:37:c5:fa:0a:ce:d2:72:15:0a:e1:02:
                    9f:48:fa:60:3c:42:c7:6d:4c:2a:ac:f4:f2:7d:bc:
                    b9:ed:7f:82:79:51:cc:2e:6a:fb:db:2e:9b:cc:c1:
                    16:31:93:b9:ae:6a:28:43:d3:5f:07:62:75:02:b8:
                    d3:a2:cc:a8:4c:10:b6:dd:27:c9:5f:72:b7:00:44:
                    ae:d3:75:bc:17:82:92:77:4f:e8:d4:70:87:5f:3c:
                    0f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:F6:83:4B:C3:8A:89:AC:E3:C8:88:01:4E:00:A0:FE:D4:52:B3:04
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yPaDS8OKiazjyIgBTgCg_tRSswQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.227.0/24
                  89.213.139.0/24
                  89.213.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:2e:20:05:e8:89:63:c7:51:75:9f:aa:30:d1:ef:78:7f:7f:
         02:ad:50:67:56:1f:40:58:24:31:17:49:28:ca:9b:69:3b:56:
         71:d3:d7:bd:1e:53:49:50:51:8c:00:0f:c1:46:96:c0:b7:14:
         57:22:d6:7b:c5:3d:16:95:95:84:a0:a3:e1:61:2e:a8:10:b3:
         bb:6d:d4:5a:28:97:fd:c3:73:7e:19:2c:8b:25:4a:81:d3:6a:
         f0:81:36:95:81:4c:14:65:b8:02:06:81:0a:55:93:e1:8a:45:
         ab:ff:a6:3e:56:b6:aa:9d:95:fe:d3:e5:03:78:8b:ed:cf:51:
         b0:1d:50:e7:b9:3b:ec:b1:b9:6e:f9:a5:65:03:83:da:2b:98:
         cf:02:72:6b:f7:99:fd:57:fb:be:db:11:07:1f:45:ef:38:ef:
         f1:11:bb:46:ca:68:e2:ab:73:ef:97:cf:0d:e1:e2:f7:2d:87:
         ba:66:a9:e1:e7:c2:4a:5c:ef:29:b5:91:5e:8b:fc:b9:2f:43:
         87:6e:e1:0f:56:fd:61:00:e7:5a:88:96:bc:b7:e2:c5:bf:ce:
         c5:8b:be:bd:1a:12:e3:24:e8:c3:a8:d7:83:9f:f7:ae:ca:e2:
         7e:06:6c:13:8a:3f:69:7a:b5:35:aa:29:19:ba:c7:ea:56:6d:
         6f:4a:19:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs+ZPlhh1sB5oYUk175Dn6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE3MTYwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY2ODM0YmMzOGE4OWFjZTNjODg4MDE0ZTAwYTBmZWQ0NTJiMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1211+DDwwnWSG/dMP5dLaQlS83W
DD0acvAELfYU0PjCgWPZWOAQAYbcO4WGgXbAGkNXPSQDvZo9bPSW35hodQd6mJxB
+v/+eey283oQyDBQLSR62uLLYLNu1H49ME/H7dHawsScVT2U5INAfsRuUuQyJgvi
4wZhO3HV3JKde9/AlCvkqk5sEFKjwHHpCwLmp9ypz8ESif1olzbnz9WQV3A74H4A
ji1GN8X6Cs7SchUK4QKfSPpgPELHbUwqrPTyfby57X+CeVHMLmr72y6bzMEWMZO5
rmooQ9NfB2J1ArjTosyoTBC23SfJX3K3AESu03W8F4KSd0/o1HCHXzwPTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMj2g0vDioms48iIAU4AoP7UUrMEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveVBhRFM4T0tpYXpqeUlnQlRnQ2dfdFJTc3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpnjAwQA
WdWLAwQAWdWbMA0GCSqGSIb3DQEBCwUAA4IBAQBfLiAF6Iljx1F1n6ow0e94f38C
rVBnVh9AWCQxF0koyptpO1Zx09e9HlNJUFGMAA/BRpbAtxRXItZ7xT0WlZWEoKPh
YS6oELO7bdRaKJf9w3N+GSyLJUqB02rwgTaVgUwUZbgCBoEKVZPhikWr/6Y+Vraq
nZX+0+UDeIvtz1GwHVDnuTvssblu+aVlA4PaK5jPAnJr95n9V/u+2xEHH0XvOO/x
EbtGymjiq3Pvl88N4eL3LYe6Zqnh58JKXO8ptZFei/y5L0OHbuEPVv1hAOdaiJa8
t+LFv87Fi769GhLjJOjDqNeDn/euyuJ+BmwTij9perU1qikZusfqVm1vShm3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org