Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa
File:                     zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa (raw, json)
Hash identifier:          Iuar6gcpQxidANnGKrakyzHVS4sgp7kr3ZxWE1Leqnw=
Subject key identifier:   CD:43:28:85:0F:19:0A:F1:1F:FE:0F:AB:1F:2C:52:25:E2:CD:9A:C6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01864A822F1643C6F0898DD27D15692577B4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa
Signing time:             Mon 13 Feb 2023 11:21:31 +0000
ROA not before:           Mon 13 Feb 2023 11:21:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        82.153.250.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Feb 2023 09:05:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:4a:82:2f:16:43:c6:f0:89:8d:d2:7d:15:69:25:77:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 13 11:21:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd4328850f190af11ffe0fab1f2c5225e2cd9ac6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:0b:43:22:7b:8d:80:b9:c5:29:81:2b:78:45:
                    88:77:6a:d7:71:ca:f3:5a:f4:0b:e0:b3:8f:80:1f:
                    9d:66:b3:5f:75:c2:27:3c:85:9f:66:90:56:46:b7:
                    b6:12:07:54:0e:59:06:a3:67:59:ed:14:06:2b:e2:
                    fc:95:07:c9:00:d9:d4:1b:58:58:80:e4:18:7e:0d:
                    ac:4d:69:c6:9d:f3:e3:a8:ee:62:ec:54:a7:27:4b:
                    7c:ec:80:3f:78:55:65:5b:fa:cf:d9:3e:21:68:a7:
                    4f:11:38:3f:25:a8:f6:d7:77:0e:0e:7d:9f:b0:e8:
                    84:d4:76:88:c0:dc:01:4a:93:58:4c:d8:13:c1:9e:
                    0f:4b:eb:86:b4:a1:e3:f3:db:54:09:f2:cc:e8:87:
                    61:45:bb:c8:c3:d7:ab:29:3b:a6:0f:c8:0e:a2:2d:
                    38:8f:aa:45:8c:3b:0d:32:82:27:5a:2a:5e:4e:81:
                    fd:c0:78:26:79:2b:97:28:43:8d:e3:33:61:69:ef:
                    a4:16:98:b2:d9:6d:fb:d0:dd:b7:f5:a8:b2:b9:94:
                    b8:5a:12:d6:99:83:06:6f:ae:ba:7c:db:16:95:24:
                    1d:3e:af:ad:01:85:75:3b:5f:6d:e4:81:54:35:16:
                    03:0c:26:e8:53:c2:c1:f2:f5:66:8e:19:f2:3e:8c:
                    07:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:43:28:85:0F:19:0A:F1:1F:FE:0F:AB:1F:2C:52:25:E2:CD:9A:C6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.220.0/24
                  82.153.223.0/24
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:88:65:80:28:da:83:8e:fd:14:47:45:18:66:7a:40:c5:5f:
         f0:d8:20:c2:a0:12:ec:c5:74:5a:69:a0:7f:b6:a1:13:22:59:
         a5:42:5e:c7:01:aa:b2:6b:0c:e0:c7:c2:3a:71:2e:bc:88:1e:
         32:23:fd:4c:8c:2f:67:22:25:88:1a:e4:56:51:c4:8b:77:48:
         c1:85:98:8e:6b:3a:50:9f:cf:a4:c4:5d:42:33:2a:29:b6:19:
         0e:8d:e9:30:a3:ac:94:66:e5:37:8a:74:7f:ba:52:7c:0e:06:
         1b:0b:89:fc:3e:0b:81:ae:4d:bd:3e:e2:9b:26:09:c7:3b:2a:
         90:ed:63:05:5c:7a:97:76:9d:bf:17:cd:78:d8:02:fd:10:54:
         54:e8:fc:ed:1f:65:db:1b:66:ca:4c:ed:3d:7b:85:aa:b9:4b:
         54:ba:5c:36:94:df:cb:81:ab:a5:3e:be:5c:eb:aa:fc:79:e8:
         c0:cd:89:4e:e6:5c:03:40:7f:37:9b:ce:ca:cc:da:06:f8:54:
         ce:c7:c2:ca:1b:f2:b4:79:d5:b3:50:96:0a:bb:85:e9:5e:ac:
         e8:a1:75:72:0b:2d:04:a6:ad:1a:9a:1d:4b:67:1b:c7:4d:e9:
         f9:a4:eb:79:78:d3:64:0b:71:67:98:27:36:05:68:7a:d4:0c:
         fa:d7:1b:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZKgi8WQ8bwiY3SfRVpJXe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjEzMTEyMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQzMjg4NTBmMTkwYWYxMWZmZTBmYWIxZjJjNTIyNWUyY2Q5YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQtDInuNgLnFKYEreEWId2rXccrz
WvQL4LOPgB+dZrNfdcInPIWfZpBWRre2EgdUDlkGo2dZ7RQGK+L8lQfJANnUG1hY
gOQYfg2sTWnGnfPjqO5i7FSnJ0t87IA/eFVlW/rP2T4haKdPETg/Jaj213cODn2f
sOiE1HaIwNwBSpNYTNgTwZ4PS+uGtKHj89tUCfLM6IdhRbvIw9erKTumD8gOoi04
j6pFjDsNMoInWipeToH9wHgmeSuXKEON4zNhae+kFpiy2W370N239aiyuZS4WhLW
mYMGb666fNsWlSQdPq+tAYV1O19t5IFUNRYDDCboU8LB8vVmjhnyPowHDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1DKIUPGQrxH/4Pqx8sUiXizZrGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvelVNb2hROFpDdkVmX2ctckh5eFNKZUxObXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpncAwQA
UpnfAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQBJiGWAKNqDjv0UR0UYZnpAxV/w
2CDCoBLsxXRaaaB/tqETIlmlQl7HAaqyawzgx8I6cS68iB4yI/1MjC9nIiWIGuRW
UcSLd0jBhZiOazpQn8+kxF1CMyopthkOjekwo6yUZuU3inR/ulJ8DgYbC4n8PguB
rk29PuKbJgnHOyqQ7WMFXHqXdp2/F8142AL9EFRU6PztH2XbG2bKTO09e4WquUtU
ulw2lN/LgaulPr5c66r8eejAzYlO5lwDQH83m87KzNoG+FTOx8LKG/K0edWzUJYK
u4XpXqzooXVyCy0Epq0amh1LZxvHTen5pOt5eNNkC3FnmCc2BWh61Az61xtN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org