Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2DJpmJM9L3ZNXCTwx_KKQPehTS0.roa
File:                     2DJpmJM9L3ZNXCTwx_KKQPehTS0.roa (raw, json)
Hash identifier:          5a/Dbu6VVIxl3XYetO5ngbSjnWSuhmQzx8bq5wxTTVM=
Subject key identifier:   D8:32:69:98:93:3D:2F:76:4D:5C:24:F0:C7:F2:8A:40:F7:A1:4D:2D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A8D857C46B0D5728A1ACA7887E4808D6A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2DJpmJM9L3ZNXCTwx_KKQPehTS0.roa
Signing time:             Wed 13 Sep 2023 07:50:50 +0000
ROA not before:           Wed 13 Sep 2023 07:50:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          82.153.67.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          109.176.246.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          213.152.62.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 07:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8d:85:7c:46:b0:d5:72:8a:1a:ca:78:87:e4:80:8d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 13 07:50:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8326998933d2f764d5c24f0c7f28a40f7a14d2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:45:b0:0a:01:15:f1:ea:d2:4b:dc:4e:92:bb:
                    be:15:1e:71:ee:95:ae:39:7a:2d:78:9a:66:7a:92:
                    bc:6f:28:b8:57:dc:96:69:63:b4:90:7f:9f:2e:49:
                    2d:0b:f0:75:e8:40:4e:b7:84:36:e0:26:e4:65:30:
                    0f:ca:7c:24:31:91:b0:cd:c3:27:a3:2d:55:06:73:
                    4b:73:0a:4d:46:86:bb:56:64:9e:a2:19:aa:97:10:
                    dc:66:7e:d1:db:af:65:3a:f9:9b:a8:e1:89:8f:26:
                    33:f5:36:eb:a0:1f:9b:d3:c9:78:08:df:01:93:92:
                    8f:61:34:6e:7e:b9:8f:68:0f:48:75:5a:59:f0:d5:
                    d5:88:82:ef:d0:fe:df:34:4d:70:81:dc:af:a6:b7:
                    c1:7a:13:d7:c1:20:a5:bb:80:fa:74:21:1d:3e:05:
                    37:a6:88:3d:51:9b:7c:80:78:41:0d:26:c4:ff:45:
                    1a:a8:31:c6:66:4e:1a:3f:b3:75:17:5c:2c:e9:fc:
                    c4:74:d8:57:c4:90:6e:e4:50:72:13:47:9c:ce:b1:
                    8c:d1:ec:f0:71:91:0c:9a:ce:f3:e6:16:c8:f8:d5:
                    0d:6e:ef:80:25:09:84:58:30:3f:95:1b:bb:ce:83:
                    6a:22:2c:3c:79:e3:94:bb:0f:1b:81:b8:0d:25:da:
                    3f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:32:69:98:93:3D:2F:76:4D:5C:24:F0:C7:F2:8A:40:F7:A1:4D:2D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2DJpmJM9L3ZNXCTwx_KKQPehTS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.67.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.225.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0-82.153.250.255
                  89.213.133.0-89.213.139.255
                  89.213.141.0/24
                  89.213.145.0-89.213.146.255
                  89.213.160.0/24
                  89.213.162.0-89.213.164.255
                  89.213.168.0/24
                  89.213.170.0/24
                  89.213.172.0-89.213.174.255
                  89.213.184.0/23
                  89.213.188.0/23
                  109.176.208.0/23
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.245.0-109.176.246.255
                  109.176.248.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0-213.152.62.255

    Signature Algorithm: sha256WithRSAEncryption
         02:98:2b:e4:15:c8:f3:75:fd:ec:aa:53:a6:4b:19:57:43:55:
         8b:0a:c7:d4:95:32:d3:8c:6d:1a:40:e7:54:ae:d4:a2:df:bc:
         a0:63:75:95:85:ac:59:b1:30:4b:33:31:c6:4c:11:ce:b4:53:
         42:1f:24:a7:02:55:ef:3c:b4:ee:d1:c6:25:64:8d:dc:b3:61:
         86:17:98:41:ee:13:7d:e4:a4:fa:86:42:26:61:be:96:63:b3:
         ec:0d:97:29:8f:f5:6f:2d:62:2a:f1:2b:76:99:9b:56:0b:36:
         d4:6b:68:98:7d:6a:3d:99:52:57:0f:54:a0:cc:80:58:d9:85:
         ff:6a:72:1a:94:1c:b5:fa:30:5c:7d:82:db:07:87:7d:52:fe:
         89:f2:df:7a:57:9c:af:65:d4:dd:9d:6b:fd:3c:bc:91:fc:dc:
         9f:31:59:40:6a:5f:6c:ce:b5:dc:eb:04:a2:92:1a:5c:ee:89:
         ab:c9:39:46:d8:34:79:89:f8:c5:f5:89:b6:71:4c:a0:cd:7c:
         14:56:83:4a:cb:bc:05:8f:6b:68:bd:26:07:40:57:c9:bb:c5:
         a7:b4:0a:11:d3:3b:aa:a2:bf:93:1f:fc:20:ed:4d:25:db:37:
         54:b0:22:19:53:ff:dc:47:81:96:c9:94:82:3b:bb:6c:02:7c:
         a3:ae:86:c4
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAYqNhXxGsNVyihrKeIfkgI1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTEzMDc1MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODMyNjk5ODkzM2QyZjc2NGQ1YzI0ZjBjN2YyOGE0MGY3YTE0ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0WwCgEV8erSS9xOkru+FR5x7pWu
OXoteJpmepK8byi4V9yWaWO0kH+fLkktC/B16EBOt4Q24CbkZTAPynwkMZGwzcMn
oy1VBnNLcwpNRoa7VmSeohmqlxDcZn7R269lOvmbqOGJjyYz9TbroB+b08l4CN8B
k5KPYTRufrmPaA9IdVpZ8NXViILv0P7fNE1wgdyvprfBehPXwSClu4D6dCEdPgU3
pog9UZt8gHhBDSbE/0UaqDHGZk4aP7N1F1ws6fzEdNhXxJBu5FByE0eczrGM0ezw
cZEMms7z5hbI+NUNbu+AJQmEWDA/lRu7zoNqIiw8eeOUuw8bgbgNJdo/AwIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFNgyaZiTPS92TVwk8MfyikD3oU0tMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkRKcG1KTTlMM1pOWENUd3hfS0tRUGVoVFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjCCATYEAgABMIIB
LgMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZQwMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQA
UpnfAwQAUpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfowDAMEAFnVhQMEAlnV
iAMEAFnVjTAMAwQAWdWRAwQAWdWSAwQAWdWgMAwDBAFZ1aIDBABZ1aQDBABZ1agD
BABZ1aowDAMEAlnVrAMEAFnVrgMEAVnVuAMEAVnVvAMEAW2w0AMEAG2w0wMEA22w
2DAMAwQAbbD1AwQAbbD2MAwDBANtsPgDBABtsPowDAMEALkxfQMEB7kxAAMEANWY
KjAMAwQA1Zg9AwQA1Zg+MA0GCSqGSIb3DQEBCwUAA4IBAQACmCvkFcjzdf3sqlOm
SxlXQ1WLCsfUlTLTjG0aQOdUrtSi37ygY3WVhaxZsTBLMzHGTBHOtFNCHySnAlXv
PLTu0cYlZI3cs2GGF5hB7hN95KT6hkImYb6WY7PsDZcpj/VvLWIq8St2mZtWCzbU
a2iYfWo9mVJXD1SgzIBY2YX/anIalBy1+jBcfYLbB4d9Uv6J8t96V5yvZdTdnWv9
PLyR/NyfMVlAal9szrXc6wSikhpc7omryTlG2DR5ifjF9Ym2cUygzXwUVoNKy7wF
j2tovSYHQFfJu8WntAoR0zuqor+TH/wg7U0l2zdUsCIZU//cR4GWyZSCO7tsAnyj
robE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org