Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/TlK8l39fO3XDxulL1rYKqnUs7k4.roa
File:                     TlK8l39fO3XDxulL1rYKqnUs7k4.roa (raw, json)
Hash identifier:          sqD0OuiUhU5uqGfEhrFzvlYzbdC1+XoAxaNm3dXMQpk=
Subject key identifier:   4E:52:BC:97:7F:5F:3B:75:C3:C6:E9:4B:D6:B6:0A:AA:75:2C:EE:4E
Certificate issuer:       /CN=fc44297e9271c6edf064915f6180ae12690dda8b
Certificate serial:       0188434F853533158DCA4BBB5DCE28E5A33D
Authority key identifier: FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/TlK8l39fO3XDxulL1rYKqnUs7k4.roa
Signing time:             Mon 22 May 2023 11:54:24 +0000
ROA not before:           Mon 22 May 2023 11:54:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5504
IP address blocks:        194.30.136.0/22 maxlen: 22
                          194.30.135.0/24 maxlen: 24
                          194.30.134.0/24 maxlen: 24
                          213.169.128.0/21 maxlen: 24
                          194.30.140.0/23 maxlen: 23
                          194.30.144.0/23 maxlen: 23
                          194.30.143.0/24 maxlen: 24
                          194.30.146.0/23 maxlen: 23
                          194.30.148.0/22 maxlen: 22
                          194.30.152.0/23 maxlen: 23
                          213.169.136.0/22 maxlen: 24
                          213.169.140.0/22 maxlen: 22
                          213.169.144.0/22 maxlen: 22
                          194.30.154.0/23 maxlen: 23
                          194.30.156.0/23 maxlen: 23
                          213.169.152.0/23 maxlen: 23
                          213.169.158.0/23 maxlen: 23
                          194.30.132.0/23 maxlen: 23
                          194.30.131.0/24 maxlen: 24
                          194.30.130.0/24 maxlen: 24
                          194.30.128.0/23 maxlen: 23
                          82.114.32.0/19 maxlen: 22
                          82.114.51.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Dec 2023 13:34:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:43:4f:85:35:33:15:8d:ca:4b:bb:5d:ce:28:e5:a3:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc44297e9271c6edf064915f6180ae12690dda8b
        Validity
            Not Before: May 22 11:54:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e52bc977f5f3b75c3c6e94bd6b60aaa752cee4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3e:fb:5a:43:dc:bb:1c:0d:2b:63:d3:1b:8a:
                    e4:fb:ae:ba:6a:7c:e0:65:be:08:1c:90:29:20:25:
                    a9:1d:be:60:5e:5c:22:b3:91:76:90:27:78:bc:64:
                    0d:26:58:69:36:96:2b:03:cb:d9:79:bc:00:ba:f9:
                    78:f7:3f:e9:ba:25:13:5c:e7:63:34:60:4b:1e:72:
                    02:dd:48:94:03:bb:64:64:29:35:a2:b3:47:d7:2a:
                    39:95:30:c8:3b:ed:42:74:db:50:aa:20:28:5a:80:
                    cf:fd:9a:a0:af:23:3b:65:f1:c8:2b:9b:78:b9:4c:
                    ce:11:59:6a:33:ed:e5:df:fa:7b:e0:46:8d:9a:c5:
                    af:5e:e4:f7:a0:66:ca:c4:bd:58:7c:f4:c7:76:a5:
                    8c:41:35:19:69:87:c5:44:52:37:dd:2b:5c:34:0f:
                    3d:fa:e2:3a:95:a3:8e:50:f1:fb:15:8f:f5:55:35:
                    50:96:47:9d:3b:ab:22:b7:b9:e9:ba:58:2e:87:b1:
                    6f:ab:f7:48:f4:84:3b:8b:8c:b1:7c:b9:40:db:59:
                    89:05:49:e4:86:fb:07:59:e7:10:a6:31:8a:f4:28:
                    f7:b3:70:a1:a2:41:e4:29:85:1b:f3:b0:8f:28:83:
                    25:53:23:82:f0:87:92:db:d6:66:c7:6f:41:0b:1d:
                    43:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:52:BC:97:7F:5F:3B:75:C3:C6:E9:4B:D6:B6:0A:AA:75:2C:EE:4E
            X509v3 Authority Key Identifier:
                keyid:FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/TlK8l39fO3XDxulL1rYKqnUs7k4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.114.32.0/19
                  194.30.128.0-194.30.141.255
                  194.30.143.0-194.30.157.255
                  213.169.128.0-213.169.147.255
                  213.169.152.0/23
                  213.169.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:33:d4:62:0a:c0:71:87:7d:0b:c1:87:e2:df:61:0a:2a:3c:
         ce:e0:8d:d4:56:43:62:3b:c1:85:92:96:13:2b:c2:b2:00:b7:
         94:67:8a:6c:d5:ce:8b:47:69:77:4e:98:a1:ca:1f:ac:90:7a:
         a2:a7:93:48:9f:05:9e:d6:13:ab:af:8c:19:dc:7b:dd:bb:f8:
         f1:91:fc:af:32:79:d7:76:48:eb:c3:ac:48:7c:78:e1:06:e7:
         70:c3:21:82:6b:16:c6:3d:76:d6:31:2d:9a:2d:71:53:45:f7:
         95:5f:bb:c9:75:1c:89:d4:06:b2:97:b5:4a:73:71:3b:01:03:
         92:3e:f0:e8:0c:ab:bd:96:28:25:73:d7:22:27:f8:e8:60:84:
         9b:c0:04:a8:c0:5a:b6:be:d9:8d:94:b3:e5:e1:af:28:31:67:
         9f:6a:b5:6f:50:2c:90:34:cc:50:64:a9:45:ea:a1:22:02:06:
         d6:5a:98:b5:db:27:3c:17:7d:f4:c0:40:d0:37:65:09:56:6f:
         22:bf:0e:26:d6:47:56:63:4a:b4:0d:59:fc:35:2d:ab:9e:1a:
         49:e5:8c:02:04:85:e7:26:36:12:6c:7c:f4:ff:01:b5:8e:37:
         d4:be:b5:b2:4c:21:41:6d:f2:54:58:71:74:72:e0:87:0c:1d:
         3d:6d:0f:cc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYhDT4U1MxWNyku7Xc4o5aM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDQyOTdlOTI3MWM2ZWRmMDY0OTE1ZjYxODBhZTEyNjkw
ZGRhOGIwHhcNMjMwNTIyMTE1NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUyYmM5NzdmNWYzYjc1YzNjNmU5NGJkNmI2MGFhYTc1MmNlZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD77WkPcuxwNK2PTG4rk+666anzg
Zb4IHJApICWpHb5gXlwis5F2kCd4vGQNJlhpNpYrA8vZebwAuvl49z/puiUTXOdj
NGBLHnIC3UiUA7tkZCk1orNH1yo5lTDIO+1CdNtQqiAoWoDP/ZqgryM7ZfHIK5t4
uUzOEVlqM+3l3/p74EaNmsWvXuT3oGbKxL1YfPTHdqWMQTUZaYfFRFI33StcNA89
+uI6laOOUPH7FY/1VTVQlkedO6sit7npulguh7Fvq/dI9IQ7i4yxfLlA21mJBUnk
hvsHWecQpjGK9Cj3s3ChokHkKYUb87CPKIMlUyOC8IeS29Zmx29BCx1DZwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFE5SvJd/Xzt1w8bpS9a2Cqp1LO5OMB8GA1UdIwQY
MBaAFPxEKX6Sccbt8GSRX2GArhJpDdqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUt
YWUwN2YzMmU0MTAyLzEvVGxLOGwzOWZPM1hEeHVsTDFyWUtxblVzN2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUtYWUwN2YzMmU0MTAy
LzEvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQFUnIgMAwD
BAfCHoADBAHCHowwDAMEAMIejwMEAcIenDAMAwQH1amAAwQC1amQAwQB1amYAwQB
1ameMA0GCSqGSIb3DQEBCwUAA4IBAQApM9RiCsBxh30LwYfi32EKKjzO4I3UVkNi
O8GFkpYTK8KyALeUZ4ps1c6LR2l3Tpihyh+skHqip5NInwWe1hOrr4wZ3Hvdu/jx
kfyvMnnXdkjrw6xIfHjhBudwwyGCaxbGPXbWMS2aLXFTRfeVX7vJdRyJ1Aayl7VK
c3E7AQOSPvDoDKu9liglc9ciJ/joYISbwASowFq2vtmNlLPl4a8oMWefarVvUCyQ
NMxQZKlF6qEiAgbWWpi12yc8F330wEDQN2UJVm8ivw4m1kdWY0q0DVn8NS2rnhpJ
5YwCBIXnJjYSbHz0/wG1jjfUvrWyTCFBbfJUWHF0cuCHDB09bQ/M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:54 2024 by rpki-client on console-ams.rpki-client.org