Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ztyjtmqv6c_bznJDvE4h4dYCGqY.roa
File:                     ztyjtmqv6c_bznJDvE4h4dYCGqY.roa (raw, json)
Hash identifier:          RQhmGVZaRqt9JN6oXNIWj5dmTZqZQ2v4u4vuIr2Apcg=
Subject key identifier:   CE:DC:A3:B6:6A:AF:E9:CF:DB:CE:72:43:BC:4E:21:E1:D6:02:1A:A6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187222B4F9D3DE34B0DA7C748949981FBF4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ztyjtmqv6c_bznJDvE4h4dYCGqY.roa
Signing time:             Mon 27 Mar 2023 08:24:36 +0000
ROA not before:           Mon 27 Mar 2023 08:24:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 07:54:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:2b:4f:9d:3d:e3:4b:0d:a7:c7:48:94:99:81:fb:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 27 08:24:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cedca3b66aafe9cfdbce7243bc4e21e1d6021aa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3a:d4:a9:89:eb:66:05:38:20:e3:b0:5a:49:
                    b3:68:c9:2c:11:23:80:76:72:3a:54:c2:0d:78:6a:
                    e1:cd:50:3e:50:6c:51:05:47:c2:b6:bf:34:65:9f:
                    79:29:4f:f1:f1:ab:63:59:4b:b5:35:e3:51:48:5e:
                    a9:22:e9:2f:83:90:42:75:32:3d:eb:89:34:a6:cf:
                    4d:9d:a8:ad:7d:14:1e:82:c7:6c:ba:a4:0a:90:b3:
                    04:6d:60:86:44:e7:7d:7b:99:0c:d6:07:9a:fa:38:
                    22:8b:a2:8e:7b:b3:0e:fd:29:d0:6d:6f:e4:d2:a8:
                    ad:a2:ac:5a:87:bc:48:fc:8b:64:43:2f:2f:8e:fa:
                    c2:4f:50:db:02:0f:08:02:aa:29:b7:bd:c3:b1:67:
                    60:00:57:bb:28:d0:82:28:1f:2f:c5:bb:a8:93:47:
                    b6:36:4c:0e:36:89:f2:0e:9b:18:87:7f:33:64:7d:
                    f7:09:aa:69:60:66:c2:bf:32:9b:47:e5:4f:02:04:
                    d0:67:50:cb:54:49:9d:26:3b:a1:f0:7e:de:2f:e2:
                    8f:1c:e5:c8:49:52:c0:56:e5:fb:2f:bf:a8:58:39:
                    e4:d7:bb:ff:73:dd:ed:54:fa:63:5e:f8:8a:55:4a:
                    10:2d:91:a5:c8:52:71:05:97:dc:3b:b3:cf:4b:75:
                    0c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:DC:A3:B6:6A:AF:E9:CF:DB:CE:72:43:BC:4E:21:E1:D6:02:1A:A6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ztyjtmqv6c_bznJDvE4h4dYCGqY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4a:fb:e3:aa:f8:ef:7d:7c:6f:66:bf:e7:12:c4:0a:7c:06:0f:
         99:b9:61:06:a1:37:54:7c:55:99:e2:73:0f:9a:e8:9a:b2:0d:
         d2:43:be:71:ca:2c:00:07:d4:70:86:74:f3:22:89:e8:14:a7:
         83:7f:60:d5:db:a7:30:c3:07:72:9c:16:69:f2:61:9f:00:2a:
         af:17:a2:fb:9d:3c:67:70:a6:59:d5:d6:91:32:94:f9:71:75:
         95:65:38:0c:67:96:a5:65:ff:e1:e7:ac:81:3e:06:8a:c8:97:
         3d:1f:22:94:be:d0:ae:20:97:86:98:5c:61:25:9d:93:1b:fa:
         ce:7f:d1:3f:a7:06:97:09:7a:72:e7:76:73:04:ad:61:1c:1f:
         bc:0a:af:c0:d8:95:ac:c8:8c:5d:cc:e3:58:da:64:37:40:44:
         ef:f3:2c:9a:d0:59:90:1b:f4:2f:e5:55:ed:97:36:b9:7d:92:
         c4:3e:80:bc:33:12:1f:36:d0:c6:9d:ac:a2:3f:a6:51:ce:b1:
         fb:c5:41:0a:f8:3a:00:20:22:a8:b0:44:9c:c0:c9:ed:14:ae:
         e2:e4:ef:57:19:83:98:46:c2:94:a2:f2:4f:04:62:45:ca:d2:
         39:1f:c4:5a:d2:cf:f6:0b:cc:52:70:5d:78:b5:73:b3:c3:86:
         8d:0a:68:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYciK0+dPeNLDafHSJSZgfv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzI3MDgyNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWRjYTNiNjZhYWZlOWNmZGJjZTcyNDNiYzRlMjFlMWQ2MDIxYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzrUqYnrZgU4IOOwWkmzaMksESOA
dnI6VMINeGrhzVA+UGxRBUfCtr80ZZ95KU/x8atjWUu1NeNRSF6pIukvg5BCdTI9
64k0ps9NnaitfRQegsdsuqQKkLMEbWCGROd9e5kM1gea+jgii6KOe7MO/SnQbW/k
0qitoqxah7xI/ItkQy8vjvrCT1DbAg8IAqopt73DsWdgAFe7KNCCKB8vxbuok0e2
NkwONonyDpsYh38zZH33CappYGbCvzKbR+VPAgTQZ1DLVEmdJjuh8H7eL+KPHOXI
SVLAVuX7L7+oWDnk17v/c93tVPpjXviKVUoQLZGlyFJxBZfcO7PPS3UMHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM7co7Zqr+nP285yQ7xOIeHWAhqmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvenR5anRtcXY2Y19iem5KRHZFNGg0ZFlDR3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUah3AwQA
Uah7AwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQBK++Oq+O99fG9mv+cSxAp8Bg+Z
uWEGoTdUfFWZ4nMPmuiasg3SQ75xyiwAB9RwhnTzIonoFKeDf2DV26cwwwdynBZp
8mGfACqvF6L7nTxncKZZ1daRMpT5cXWVZTgMZ5alZf/h56yBPgaKyJc9HyKUvtCu
IJeGmFxhJZ2TG/rOf9E/pwaXCXpy53ZzBK1hHB+8Cq/A2JWsyIxdzONY2mQ3QETv
8yya0FmQG/Qv5VXtlza5fZLEPoC8MxIfNtDGnayiP6ZRzrH7xUEK+DoAICKosESc
wMntFK7i5O9XGYOYRsKUovJPBGJFytI5H8Ra0s/2C8xScF14tXOzw4aNCmjG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org