Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/44f9iboVLV1icVQ0p_aEw_waeEE.roa
File:                     44f9iboVLV1icVQ0p_aEw_waeEE.roa (raw, json)
Hash identifier:          cxhavoNffiy0Rpu5JZ67bTPak4NxE+C03d/hDzvf3Ag=
Subject key identifier:   E3:87:FD:89:BA:15:2D:5D:62:71:54:34:A7:F6:84:C3:FC:1A:78:41
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A97BB67836EC9B6343F40B72F52E1C236
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/44f9iboVLV1icVQ0p_aEw_waeEE.roa
Signing time:             Fri 15 Sep 2023 07:25:55 +0000
ROA not before:           Fri 15 Sep 2023 07:25:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          82.153.67.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.250.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          213.152.62.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 07:34:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:97:bb:67:83:6e:c9:b6:34:3f:40:b7:2f:52:e1:c2:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 15 07:25:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e387fd89ba152d5d62715434a7f684c3fc1a7841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b7:c4:6e:a1:54:46:8e:87:f4:4e:6e:52:5d:
                    e6:86:a6:b7:28:9e:b9:4c:25:91:2e:83:0b:14:ad:
                    fd:f5:70:d1:a5:f6:b3:98:54:90:49:4e:f9:0f:d8:
                    4c:52:05:e4:b3:ed:c8:c6:23:da:68:01:cc:49:9d:
                    a6:26:f5:bf:87:c4:ab:1f:02:ba:c5:c5:75:cf:9e:
                    d8:65:30:b6:78:96:0e:ba:73:86:da:56:83:98:06:
                    cf:d4:61:b5:19:e1:a3:fe:9b:42:7f:12:ea:48:6a:
                    6a:ba:3b:18:49:b5:3e:d9:b8:7e:95:d0:12:b6:76:
                    6d:fe:84:62:d9:45:c4:38:38:ea:4f:3d:94:3a:ee:
                    07:65:f9:48:99:64:e4:37:b2:f6:a5:48:ae:e8:9a:
                    23:cd:ec:4c:79:0f:c6:55:e4:59:3d:f6:c0:78:24:
                    13:0f:1a:f3:04:ab:1c:d9:cf:9b:cd:54:eb:0f:c7:
                    05:af:f8:2c:a8:25:98:96:b6:b5:5e:22:4b:e4:d6:
                    92:e5:5c:8d:f3:ed:04:41:01:c1:8c:c2:e8:82:43:
                    15:bc:45:38:13:6c:a7:3e:43:21:53:21:b7:7a:8f:
                    88:65:59:77:d6:3d:05:21:02:fc:3b:c1:25:ef:e6:
                    ff:9d:52:69:df:c4:57:e7:4c:6f:52:bc:ce:25:47:
                    f3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:87:FD:89:BA:15:2D:5D:62:71:54:34:A7:F6:84:C3:FC:1A:78:41
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/44f9iboVLV1icVQ0p_aEw_waeEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.250.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.67.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.225.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.250.0/24
                  89.213.133.0-89.213.138.255
                  89.213.141.0/24
                  89.213.145.0-89.213.146.255
                  89.213.160.0/24
                  89.213.163.0-89.213.164.255
                  89.213.168.0/24
                  89.213.170.0/24
                  89.213.172.0-89.213.174.255
                  89.213.184.0/23
                  89.213.188.0/23
                  109.176.208.0/23
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.245.0/24
                  109.176.248.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0-213.152.62.255

    Signature Algorithm: sha256WithRSAEncryption
         25:60:8f:3f:ca:df:45:a3:c3:2d:75:7c:c0:89:47:90:0f:81:
         ec:c8:c4:9d:4f:38:b1:63:12:7b:dc:a7:14:ed:1f:e5:c6:6b:
         1d:93:d6:ab:2a:8e:7c:d5:86:6a:11:01:98:09:a8:a5:ff:0b:
         c9:a1:49:7e:2d:af:c4:43:fa:73:29:38:98:59:01:e3:a4:e9:
         c4:19:5f:2c:db:ba:9d:17:d3:ce:a9:ad:02:1d:6d:9d:22:30:
         36:69:28:60:de:5f:bc:e9:28:c0:3e:a4:09:4b:25:e4:96:a0:
         47:ec:c6:04:eb:95:4a:9e:e8:ab:da:fd:25:ed:af:c2:22:3d:
         b3:f4:ce:c5:dc:14:a1:d4:a1:89:33:a0:6c:d5:61:7b:9f:d5:
         67:50:f1:17:01:bc:96:b7:72:b6:11:55:5c:40:1f:43:d0:b5:
         06:5c:f9:d8:32:00:67:bf:88:74:0b:6f:b9:25:d2:80:b9:e8:
         06:87:7a:ef:b8:0a:71:4f:b0:f2:96:89:3b:e5:a2:39:0a:a0:
         1e:95:31:47:2e:da:a3:8e:0c:09:29:a5:c3:29:8c:27:44:a8:
         4c:fb:65:13:06:41:bd:87:b5:ca:31:89:f7:ca:01:f4:a1:d5:
         9d:3d:20:52:9c:29:12:8a:fd:16:86:87:c5:49:09:01:91:0a:
         e8:49:48:23
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYqXu2eDbsm2ND9Aty9S4cI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE1MDcyNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzg3ZmQ4OWJhMTUyZDVkNjI3MTU0MzRhN2Y2ODRjM2ZjMWE3ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurfEbqFURo6H9E5uUl3mhqa3KJ65
TCWRLoMLFK399XDRpfazmFSQSU75D9hMUgXks+3IxiPaaAHMSZ2mJvW/h8SrHwK6
xcV1z57YZTC2eJYOunOG2laDmAbP1GG1GeGj/ptCfxLqSGpqujsYSbU+2bh+ldAS
tnZt/oRi2UXEODjqTz2UOu4HZflImWTkN7L2pUiu6JojzexMeQ/GVeRZPfbAeCQT
DxrzBKsc2c+bzVTrD8cFr/gsqCWYlra1XiJL5NaS5VyN8+0EQQHBjMLogkMVvEU4
E2ynPkMhUyG3eo+IZVl31j0FIQL8O8El7+b/nVJp38RX50xvUrzOJUfzzwIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFOOH/Ym6FS1dYnFUNKf2hMP8GnhBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNDRmOWlib1ZMVjFpY1ZRMHBfYUV3X3dhZUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAFKY+gMEAVKY
/AMEAFKY/wMEAFKZAQMEAFKZQwMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQA
UpndAwQAUpnfAwQAUpnhAwQAUpnjAwQAUpnwAwQAUpn6MAwDBABZ1YUDBABZ1YoD
BABZ1Y0wDAMEAFnVkQMEAFnVkgMEAFnVoDAMAwQAWdWjAwQAWdWkAwQAWdWoAwQA
WdWqMAwDBAJZ1awDBABZ1a4DBAFZ1bgDBAFZ1bwDBAFtsNADBABtsNMDBANtsNgD
BABtsPUwDAMEA22w+AMEAG2w+jAMAwQAuTF9AwQHuTEAAwQA1ZgqMAwDBADVmD0D
BADVmD4wDQYJKoZIhvcNAQELBQADggEBACVgjz/K30Wjwy11fMCJR5APgezIxJ1P
OLFjEnvcpxTtH+XGax2T1qsqjnzVhmoRAZgJqKX/C8mhSX4tr8RD+nMpOJhZAeOk
6cQZXyzbup0X086prQIdbZ0iMDZpKGDeX7zpKMA+pAlLJeSWoEfsxgTrlUqe6Kva
/SXtr8IiPbP0zsXcFKHUoYkzoGzVYXuf1WdQ8RcBvJa3crYRVVxAH0PQtQZc+dgy
AGe/iHQLb7kl0oC56AaHeu+4CnFPsPKWiTvlojkKoB6VMUcu2qOODAkppcMpjCdE
qEz7ZRMGQb2HtcoxiffKAfSh1Z09IFKcKRKK/RaGh8VJCQGRCuhJSCM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org