Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-35a1WLbtqv_jP2LYommxpEd17Q.roa
File:                     1-35a1WLbtqv_jP2LYommxpEd17Q.roa (raw, json)
Hash identifier:          +Rbij++5cUC9b0wu5fizKKJXz6dZFUf/CusgxaLX664=
Subject key identifier:   FB:7E:5A:D5:62:DB:B6:AB:FF:8C:FD:8B:62:89:A6:C6:91:1D:D7:B4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018945A50BD84A9749DFA37A76E022611DD6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-35a1WLbtqv_jP2LYommxpEd17Q.roa
Signing time:             Tue 11 Jul 2023 15:49:51 +0000
ROA not before:           Tue 11 Jul 2023 15:49:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        82.153.137.0/24 maxlen: 24
                          82.153.140.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.186.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          89.213.191.0/24 maxlen: 24
                          89.213.187.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Jul 2023 09:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:a5:0b:d8:4a:97:49:df:a3:7a:76:e0:22:61:1d:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 11 15:49:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fb7e5ad562dbb6abff8cfd8b6289a6c6911dd7b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:81:df:79:17:33:3e:e6:37:d4:93:9e:14:6b:
                    f9:10:00:59:64:6b:03:8b:0e:d6:9d:b7:30:29:f3:
                    96:b3:e8:87:3d:65:cc:70:c0:6f:8a:c8:e7:7e:ee:
                    1e:87:6c:c0:7e:2e:60:42:2e:63:ea:40:28:de:e1:
                    d7:8a:df:7b:e7:5b:76:15:2b:fb:7a:87:e2:4f:92:
                    7b:03:5d:db:8c:c7:6e:d2:ac:4f:e4:bc:f6:12:91:
                    55:2b:67:0b:37:02:a5:6e:6e:ee:74:ca:df:4c:1b:
                    f3:49:08:8b:78:d7:de:de:9d:bd:26:6e:ab:25:12:
                    0e:01:ef:7a:54:69:3c:18:33:99:20:7b:bd:db:a4:
                    0d:cc:3b:2d:a1:28:7a:ec:96:d9:f3:a9:58:f0:83:
                    b7:00:38:86:5b:1e:39:e3:25:7f:93:72:9a:1b:d8:
                    e4:a6:68:d3:a8:39:b7:fa:6a:b7:ed:24:1b:e7:8d:
                    e0:a2:10:b2:fd:be:c5:a4:a2:26:c1:9f:6c:83:e0:
                    d7:07:70:8d:c7:e9:cf:25:e0:28:4b:20:ed:93:5e:
                    f2:b0:c0:0b:69:a4:ae:63:90:6c:67:ba:70:da:81:
                    4a:47:43:b9:4a:5d:b6:91:c0:00:ba:cf:c9:27:ea:
                    88:59:1e:a4:b9:ad:e8:18:2e:9a:6e:2f:73:84:c4:
                    10:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:7E:5A:D5:62:DB:B6:AB:FF:8C:FD:8B:62:89:A6:C6:91:1D:D7:B4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-35a1WLbtqv_jP2LYommxpEd17Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24
                  82.153.137.0/24
                  82.153.140.0/24
                  89.213.6.0/23
                  89.213.150.0/24
                  89.213.152.0/24
                  89.213.163.0/24
                  89.213.168.0/24
                  89.213.172.0/23
                  89.213.176.0/24
                  89.213.180.0/24
                  89.213.182.0/24
                  89.213.184.0/22
                  89.213.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:f3:15:c0:1f:10:8e:de:23:7b:35:31:1b:fd:62:e7:96:2a:
         81:4f:1c:b9:8a:83:45:78:37:0e:b6:74:73:01:be:4e:c8:bc:
         e8:fc:e3:68:2e:ce:cf:fc:2b:e7:f3:f3:fa:44:4a:85:6e:82:
         45:6a:fd:e5:66:d7:af:13:a2:f4:36:2c:1a:4c:3c:3f:91:a4:
         50:98:53:9b:a2:d4:62:ba:cd:45:d4:33:af:54:3a:ea:4b:4e:
         4d:2b:7e:bd:39:a5:3c:4c:4e:7e:21:b1:e5:c0:72:9e:22:8c:
         ea:2c:eb:bc:63:a8:83:31:08:3c:07:cc:c3:56:71:de:6b:45:
         d7:44:71:57:2e:6f:84:80:9c:09:af:ff:06:28:2e:8f:77:cd:
         7d:08:36:05:42:18:c7:ee:8b:50:2d:22:fb:13:17:8e:2a:b4:
         d5:34:c1:a7:35:bd:91:fc:92:7c:3e:f5:2c:1d:d9:50:c9:57:
         50:84:80:76:8f:64:92:e1:ac:2c:19:3e:17:5d:f0:02:29:40:
         77:63:64:65:14:5a:b7:92:6e:47:fd:1b:ee:89:cf:79:82:da:
         bb:eb:e4:7f:25:8e:fe:11:0c:22:15:76:c1:ce:29:06:7a:f5:
         78:3d:e5:f6:8d:48:a5:54:a2:13:58:5d:64:4b:fb:e1:7c:a6:
         1a:8d:0e:8c
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYlFpQvYSpdJ36N6duAiYR3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzExMTU0OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjdlNWFkNTYyZGJiNmFiZmY4Y2ZkOGI2Mjg5YTZjNjkxMWRkN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIHfeRczPuY31JOeFGv5EABZZGsD
iw7WnbcwKfOWs+iHPWXMcMBvisjnfu4eh2zAfi5gQi5j6kAo3uHXit9751t2FSv7
eofiT5J7A13bjMdu0qxP5Lz2EpFVK2cLNwKlbm7udMrfTBvzSQiLeNfe3p29Jm6r
JRIOAe96VGk8GDOZIHu926QNzDstoSh67JbZ86lY8IO3ADiGWx454yV/k3KaG9jk
pmjTqDm3+mq37SQb543gohCy/b7FpKImwZ9sg+DXB3CNx+nPJeAoSyDtk17ysMAL
aaSuY5BsZ7pw2oFKR0O5Sl22kcAAus/JJ+qIWR6kua3oGC6abi9zhMQQLQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPt+WtVi27ar/4z9i2KJpsaRHde0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS0zNWExV0xidHF2X2pQMkxZb21teHBFZDE3US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAFKZBAME
AFKZiQMEAFKZjAMEAVnVBgMEAFnVlgMEAFnVmAMEAFnVowMEAFnVqAMEAVnVrAME
AFnVsAMEAFnVtAMEAFnVtgMEAlnVuAMEAVnVvjANBgkqhkiG9w0BAQsFAAOCAQEA
pfMVwB8Qjt4jezUxG/1i55YqgU8cuYqDRXg3DrZ0cwG+Tsi86PzjaC7Oz/wr5/Pz
+kRKhW6CRWr95WbXrxOi9DYsGkw8P5GkUJhTm6LUYrrNRdQzr1Q66ktOTSt+vTml
PExOfiGx5cByniKM6izrvGOogzEIPAfMw1Zx3mtF10RxVy5vhICcCa//Biguj3fN
fQg2BUIYx+6LUC0i+xMXjiq01TTBpzW9kfySfD71LB3ZUMlXUISAdo9kkuGsLBk+
F13wAilAd2NkZRRat5JuR/0b7onPeYLau+vkfyWO/hEMIhV2wc4pBnr1eD3l9o1I
pVSiE1hdZEv74XymGo0OjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org