Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/srDQnbcODbsU73R17ZKsJFMTwmQ.roa
File:                     srDQnbcODbsU73R17ZKsJFMTwmQ.roa (raw, json)
Hash identifier:          mZaoUBD4JhkL37jG/HVL+QCqoRD6HO2uYIhcDC4LxfQ=
Subject key identifier:   B2:B0:D0:9D:B7:0E:0D:BB:14:EF:74:75:ED:92:AC:24:53:13:C2:64
Certificate issuer:       /CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Certificate serial:       01888F48CAB860CF0CF45453804007F7DF47
Authority key identifier: 3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/srDQnbcODbsU73R17ZKsJFMTwmQ.roa
Signing time:             Tue 06 Jun 2023 05:58:12 +0000
ROA not before:           Tue 06 Jun 2023 05:58:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48951
IP address blocks:        82.210.192.0/18 maxlen: 18
                          82.210.224.0/19 maxlen: 19
                          78.140.64.0/24 maxlen: 24
                          78.140.64.0/21 maxlen: 21
                          82.210.254.0/24 maxlen: 24
                          78.140.65.0/24 maxlen: 24
                          78.140.64.0/18 maxlen: 18
                          78.140.67.0/24 maxlen: 24
                          82.210.255.0/24 maxlen: 24
                          78.140.66.0/24 maxlen: 24
                          78.140.68.0/24 maxlen: 24
                          78.140.72.0/22 maxlen: 22
                          78.140.72.0/24 maxlen: 24
                          78.140.76.0/24 maxlen: 24
                          78.140.76.0/22 maxlen: 22
                          78.140.81.0/24 maxlen: 24
                          78.140.80.0/23 maxlen: 23
                          78.140.80.0/24 maxlen: 24
                          93.122.80.0/22 maxlen: 22
                          93.122.84.0/22 maxlen: 22
                          81.7.208.0/22 maxlen: 22
                          81.7.208.0/21 maxlen: 21
                          93.122.88.0/22 maxlen: 22
                          93.122.92.0/22 maxlen: 22
                          81.7.216.0/21 maxlen: 21
                          81.7.216.0/22 maxlen: 22
                          81.7.220.0/22 maxlen: 22
                          93.122.44.0/22 maxlen: 22
                          93.122.40.0/22 maxlen: 22
                          93.122.48.0/22 maxlen: 22
                          93.122.52.0/22 maxlen: 22
                          93.122.56.0/22 maxlen: 22
                          93.122.60.0/22 maxlen: 22
                          93.122.64.0/22 maxlen: 22
                          81.7.192.0/19 maxlen: 19
                          93.122.68.0/22 maxlen: 22
                          93.122.72.0/21 maxlen: 21
                          185.149.164.0/22 maxlen: 22
                          194.41.39.0/24 maxlen: 24
                          93.122.0.0/17 maxlen: 17
                          2a01:666:400::/40 maxlen: 40
                          2a01:666::/40 maxlen: 40
                          2a01:666::/32 maxlen: 32
                          2a01:667::/40 maxlen: 40
                          2a01:667:400::/40 maxlen: 40
                          2a01:667::/32 maxlen: 32
                          2a01:664:1600::/40 maxlen: 40
                          2a01:664:1300::/40 maxlen: 40
                          2a01:664:1200::/40 maxlen: 40
                          2a01:664:1700::/40 maxlen: 40
                          2a01:664:1800::/40 maxlen: 40
                          2a01:664:1a00::/40 maxlen: 40
                          2a01:664:1900::/40 maxlen: 40
                          2a01:664::/38 maxlen: 38
                          2a01:664:800::/38 maxlen: 38
                          2a01:664:1200::/39 maxlen: 39
                          2a01:660::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8f:48:ca:b8:60:cf:0c:f4:54:53:80:40:07:f7:df:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b230442feae9fc26b8bd887faa0ed0275827a58
        Validity
            Not Before: Jun  6 05:58:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2b0d09db70e0dbb14ef7475ed92ac245313c264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:5f:71:e3:3c:ef:10:ac:ce:ec:b1:81:c5:ec:
                    84:d4:d8:35:81:02:4a:af:55:63:3b:09:b5:8a:67:
                    ef:46:d4:77:74:b1:4a:c2:e4:1b:3b:d7:08:34:a4:
                    b1:89:fc:c0:ec:55:c6:08:3d:80:18:e4:78:4e:a5:
                    33:b3:69:bd:02:4f:12:eb:8c:eb:4a:e1:62:f7:2c:
                    d7:60:20:66:52:b1:f7:bb:68:f9:5b:a9:cc:72:53:
                    11:ad:c5:2b:44:9b:23:e6:87:c6:d9:ee:66:50:9c:
                    28:f0:c2:6a:80:c9:1f:c2:71:5a:75:7c:79:5d:31:
                    4e:3a:63:34:13:76:31:77:28:fe:6c:c1:9e:cb:14:
                    29:c9:92:c9:93:86:32:54:90:8e:1e:87:ed:c5:89:
                    a8:17:45:bf:aa:a9:5a:23:a5:8d:2f:e2:07:e0:d4:
                    62:a2:58:c0:25:49:32:9c:7e:08:cb:ff:cf:b7:1e:
                    ff:fd:cc:b3:8c:73:be:33:67:ea:0b:3f:f5:38:97:
                    a5:0c:3d:94:82:b4:2f:1f:f9:74:8d:b4:76:ea:3e:
                    38:b7:51:30:b8:cf:57:21:c6:b9:6f:a0:4e:03:a7:
                    4a:43:dd:26:68:d3:07:1c:d5:48:c8:20:9a:29:13:
                    2d:2e:4b:15:f6:21:b3:fd:9e:44:85:77:17:0b:d4:
                    54:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:B0:D0:9D:B7:0E:0D:BB:14:EF:74:75:ED:92:AC:24:53:13:C2:64
            X509v3 Authority Key Identifier:
                keyid:3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/srDQnbcODbsU73R17ZKsJFMTwmQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.140.64.0/18
                  81.7.192.0/19
                  82.210.192.0/18
                  93.122.0.0/17
                  185.149.164.0/22
                  194.41.39.0/24
                IPv6:
                  2a01:660::/29

    Signature Algorithm: sha256WithRSAEncryption
         bd:eb:e4:1f:f5:30:b4:8b:34:12:1d:2f:95:bf:83:d5:7d:97:
         40:b6:59:5f:7b:99:56:84:20:ef:c0:a3:60:61:bc:b2:51:d6:
         50:0f:90:89:d8:db:e5:24:9a:73:16:a1:28:6e:6c:b9:ae:29:
         da:e2:3a:34:47:63:cf:07:c0:5e:2b:aa:d9:80:cb:f6:23:a5:
         34:26:75:b3:0e:3a:39:1f:21:5f:d3:46:8e:8d:10:0f:02:67:
         b1:94:24:d0:66:e0:5d:60:e8:0a:c3:c1:5d:20:3c:be:6c:8b:
         6a:35:48:c0:d4:72:10:3b:eb:c5:2c:69:95:a9:ad:e1:8e:b3:
         58:0c:a3:6f:32:8d:08:d5:2b:c7:d8:46:dc:43:02:c1:2e:7e:
         d7:b8:fd:1b:4b:e5:a9:e5:9c:aa:4f:f6:10:48:67:3e:7e:b9:
         c2:77:c9:dc:17:a4:80:6b:df:83:a4:98:7e:2f:f8:04:b0:97:
         5e:7f:e6:c2:ba:b4:ff:26:7d:a1:36:95:32:e5:a0:e9:60:2c:
         c0:43:96:ff:dc:f5:fa:44:65:aa:4d:dc:4d:62:df:84:f2:61:
         97:de:68:07:5a:a2:c5:da:f7:bf:01:38:d5:a7:e4:69:b0:9c:
         94:e8:d2:2d:50:14:87:86:f2:5b:4d:06:a9:33:5a:71:e8:05:
         96:0f:0d:14
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYiPSMq4YM8M9FRTgEAH999HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMjMwNDQyZmVhZTlmYzI2YjhiZDg4N2ZhYTBlZDAyNzU4
MjdhNTgwHhcNMjMwNjA2MDU1ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmIwZDA5ZGI3MGUwZGJiMTRlZjc0NzVlZDkyYWMyNDUzMTNjMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF9x4zzvEKzO7LGBxeyE1Ng1gQJK
r1VjOwm1imfvRtR3dLFKwuQbO9cINKSxifzA7FXGCD2AGOR4TqUzs2m9Ak8S64zr
SuFi9yzXYCBmUrH3u2j5W6nMclMRrcUrRJsj5ofG2e5mUJwo8MJqgMkfwnFadXx5
XTFOOmM0E3Yxdyj+bMGeyxQpyZLJk4YyVJCOHoftxYmoF0W/qqlaI6WNL+IH4NRi
oljAJUkynH4Iy//Ptx7//cyzjHO+M2fqCz/1OJelDD2UgrQvH/l0jbR26j44t1Ew
uM9XIca5b6BOA6dKQ90maNMHHNVIyCCaKRMtLksV9iGz/Z5EhXcXC9RUbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLKw0J23Dg27FO90de2SrCRTE8JkMB8GA1UdIwQY
MBaAFDsjBEL+rp/Ca4vYh/qg7QJ1gnpYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYt
NzI2NzA3Mzc2MWQ0LzEvc3JEUW5iY09EYnNVNzNSMTdaS3NKRk1Ud21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYtNzI2NzA3Mzc2MWQ0
LzEvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGToxAAwQF
UQfAAwQGUtLAAwQHXXoAAwQCuZWkAwQAwiknMA0EAgACMAcDBQMqAQZgMA0GCSqG
SIb3DQEBCwUAA4IBAQC96+Qf9TC0izQSHS+Vv4PVfZdAtllfe5lWhCDvwKNgYbyy
UdZQD5CJ2NvlJJpzFqEobmy5rina4jo0R2PPB8BeK6rZgMv2I6U0JnWzDjo5HyFf
00aOjRAPAmexlCTQZuBdYOgKw8FdIDy+bItqNUjA1HIQO+vFLGmVqa3hjrNYDKNv
Mo0I1SvH2EbcQwLBLn7XuP0bS+Wp5ZyqT/YQSGc+frnCd8ncF6SAa9+DpJh+L/gE
sJdef+bCurT/Jn2hNpUy5aDpYCzAQ5b/3PX6RGWqTdxNYt+E8mGX3mgHWqLF2ve/
ATjVp+RpsJyU6NItUBSHhvJbTQapM1px6AWWDw0U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:39 2024 by rpki-client on console-ams.rpki-client.org