Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa
File:                     1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa (raw, json)
Hash identifier:          /pBDjZ2YwjQwa9+gFeIJGEK+gecNwGLoXBkS2dbSWsM=
Subject key identifier:   F8:7C:A1:C5:4F:F2:E6:8E:A0:19:94:07:AE:27:77:58:92:E3:9D:2C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C342DBBDC30A6EE966D908DE8B509B965
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa
Signing time:             Mon 04 Dec 2023 09:34:21 +0000
ROA not before:           Mon 04 Dec 2023 09:34:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.213.180.0/22 maxlen: 24
                          89.213.182.0/23 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.119.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 09:13:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:34:2d:bb:dc:30:a6:ee:96:6d:90:8d:e8:b5:09:b9:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec  4 09:34:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f87ca1c54ff2e68ea0199407ae27775892e39d2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:88:ac:a1:e1:dd:bd:81:67:33:b2:bd:98:4e:
                    83:f0:ca:d1:56:93:2e:60:89:13:77:a8:95:d9:90:
                    73:ae:f8:5c:02:91:42:f0:4b:67:1d:d2:0a:67:22:
                    02:47:a5:5a:c2:ff:05:2c:6b:db:d2:fb:a2:f0:57:
                    76:9f:43:75:93:4e:a1:27:d4:74:ab:37:c9:53:5d:
                    de:b9:f6:20:53:c0:7a:5e:a0:2c:e6:1c:3d:cd:e6:
                    f8:c1:89:0e:9c:37:18:dd:65:dd:12:bb:82:20:d9:
                    e2:03:fb:40:4f:59:b9:28:83:e1:30:1f:dd:12:87:
                    ee:ff:3e:d1:7a:e5:a6:62:24:1d:1f:ca:40:32:ca:
                    aa:5a:9c:d3:38:fa:a7:bd:18:b6:a6:69:58:7c:39:
                    43:3f:07:45:82:6b:e1:58:a4:45:ed:ec:3d:55:f6:
                    b0:51:a2:e4:d6:9d:18:dc:84:19:ac:e5:a2:f9:1e:
                    07:4f:bb:31:4b:9e:aa:6c:2a:0a:d6:8f:8e:0e:3b:
                    b7:8b:6e:7d:64:a3:42:67:77:18:c6:95:9a:f3:97:
                    1a:15:ac:9d:32:f3:31:88:ae:9c:42:cd:1e:f6:df:
                    df:d0:6a:af:cd:bf:0f:a0:45:1e:bc:5c:20:a8:01:
                    b5:57:e6:d1:24:e9:e1:60:32:57:53:a5:ab:0f:cc:
                    cb:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:7C:A1:C5:4F:F2:E6:8E:A0:19:94:07:AE:27:77:58:92:E3:9D:2C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/22
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:4d:07:2c:9a:50:b7:23:94:9f:88:da:de:3d:cf:53:80:14:
         28:70:ba:a2:6d:39:70:e0:62:c9:8e:4c:60:61:9d:e1:42:bf:
         21:ed:ad:47:6d:6d:0f:c4:b9:fa:37:f4:d2:b3:de:da:f1:c1:
         8d:52:46:25:0d:cf:d5:b7:41:38:93:7f:97:15:7b:cc:a1:bb:
         84:e0:a8:64:a9:94:fa:bc:8f:61:88:00:dc:67:47:9e:14:3e:
         f1:c0:f0:23:71:66:dd:1c:3b:ae:18:99:79:cb:41:5d:47:1c:
         34:f0:ae:68:31:9f:6e:d9:fa:30:f6:36:5f:51:e9:39:0b:3b:
         f1:75:bd:62:06:d3:b3:ee:54:2d:a7:2f:0d:76:e1:b0:54:ca:
         97:2a:8d:15:b1:ef:d1:a4:d1:9f:e8:fb:96:3a:33:e3:dd:4b:
         4e:bb:3e:cd:ae:37:0c:bf:5f:d6:15:09:ac:7f:01:fe:c0:0e:
         d8:a3:cc:a4:b5:c5:af:0a:b4:e8:c1:b8:d9:c5:eb:29:b3:dd:
         81:e7:5f:3e:54:76:c3:f7:55:fc:66:15:d7:87:fb:da:dc:42:
         bb:ee:0a:c7:f0:14:41:87:36:60:af:0c:8a:2c:43:33:41:01:
         41:9d:ca:94:a0:6c:35:99:be:94:8a:ec:b3:90:80:fe:70:c9:
         8b:26:d3:fc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYw0LbvcMKbulm2Qjei1CbllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MDkzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdjYTFjNTRmZjJlNjhlYTAxOTk0MDdhZTI3Nzc1ODkyZTM5ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IisoeHdvYFnM7K9mE6D8MrRVpMu
YIkTd6iV2ZBzrvhcApFC8EtnHdIKZyICR6Vawv8FLGvb0vui8Fd2n0N1k06hJ9R0
qzfJU13eufYgU8B6XqAs5hw9zeb4wYkOnDcY3WXdEruCINniA/tAT1m5KIPhMB/d
Eofu/z7ReuWmYiQdH8pAMsqqWpzTOPqnvRi2pmlYfDlDPwdFgmvhWKRF7ew9Vfaw
UaLk1p0Y3IQZrOWi+R4HT7sxS56qbCoK1o+ODju3i259ZKNCZ3cYxpWa85caFayd
MvMxiK6cQs0e9t/f0Gqvzb8PoEUevFwgqAG1V+bRJOnhYDJXU6WrD8zLkQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPh8ocVP8uaOoBmUB64nd1iS450sMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1IeWh4VV95NW82Z0daUUhyaWQzV0pMam5Tdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAFGodwME
AlKZiDAMAwQCWdWUAwQFWdWAAwQCWdWsAwQCWdW0AwQBuTF+AwQA1ZgqMA0GCSqG
SIb3DQEBCwUAA4IBAQBYTQcsmlC3I5SfiNrePc9TgBQocLqibTlw4GLJjkxgYZ3h
Qr8h7a1HbW0PxLn6N/TSs97a8cGNUkYlDc/Vt0E4k3+XFXvMobuE4KhkqZT6vI9h
iADcZ0eeFD7xwPAjcWbdHDuuGJl5y0FdRxw08K5oMZ9u2fow9jZfUek5Czvxdb1i
BtOz7lQtpy8NduGwVMqXKo0Vse/RpNGf6PuWOjPj3UtOuz7NrjcMv1/WFQmsfwH+
wA7Yo8yktcWvCrTowbjZxesps92B518+VHbD91X8ZhXXh/va3EK77grH8BRBhzZg
rwyKLEMzQQFBncqUoGw1mb6UiuyzkID+cMmLJtP8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org