Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/673Oypajo2wAazUXYKY73_XLSWU.roa
File:                     673Oypajo2wAazUXYKY73_XLSWU.roa (raw, json)
Hash identifier:          e+7YCN8Oj8Fo//h/zAoC1mLo4CTfdTNRsnS7YAs/1+U=
Subject key identifier:   EB:BD:CE:CA:96:A3:A3:6C:00:6B:35:17:60:A6:3B:DF:F5:CB:49:65
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189CF56C64487642025A2F5380D4D450528
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/673Oypajo2wAazUXYKY73_XLSWU.roa
Signing time:             Mon 07 Aug 2023 09:31:57 +0000
ROA not before:           Mon 07 Aug 2023 09:31:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          109.176.214.0/24 maxlen: 24
                          109.176.215.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          109.176.242.0/24 maxlen: 24
                          109.176.243.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.41.0/24 maxlen: 24
                          89.213.42.0/24 maxlen: 24
                          89.213.44.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.175.0/24 maxlen: 24
                          89.213.179.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.177.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.181.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.186.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.187.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.213.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.140.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.148.0/24 maxlen: 24
                          89.213.149.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.155.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.169.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 10:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:56:c6:44:87:64:20:25:a2:f5:38:0d:4d:45:05:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 09:31:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ebbdceca96a3a36c006b351760a63bdff5cb4965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:4a:36:5d:30:f1:4f:a7:fd:01:f1:bb:e8:91:
                    91:8f:e1:b8:f1:a2:b4:09:3b:06:7f:d7:b4:b1:59:
                    f5:3d:91:04:7b:9a:65:3f:96:a4:2e:1d:ed:ad:26:
                    c5:38:74:5c:77:63:0c:05:3d:00:43:69:4e:04:52:
                    c0:02:a5:3a:f4:18:ad:3d:d4:8d:b3:3c:2e:e1:ff:
                    7a:40:41:ff:cc:13:43:7d:17:6b:55:db:46:e0:01:
                    a6:da:5e:48:a5:33:2e:41:d3:77:50:36:99:ae:c3:
                    55:4a:31:08:4b:ee:96:59:3a:d1:eb:37:45:03:60:
                    1c:1f:80:69:0d:f6:17:91:43:c7:21:2f:b5:bf:32:
                    82:f4:63:9a:77:14:72:d9:8a:90:47:f5:eb:a1:03:
                    23:86:cd:e1:7e:13:7f:69:4c:0b:e1:7f:1f:87:8d:
                    5e:5c:18:5a:f0:1d:5f:1d:b9:c3:5a:c2:57:a6:58:
                    47:a0:94:a6:dd:ee:45:2a:48:76:c9:69:1a:e9:5a:
                    b4:2e:7c:c4:3f:b3:81:db:03:d5:19:45:0f:b4:b1:
                    78:c6:ee:31:25:c8:a7:db:df:6e:8e:0e:94:af:a4:
                    ea:a2:03:08:fb:79:68:32:2c:c2:e9:f8:14:d8:25:
                    a3:64:1d:d7:83:a1:ca:c8:36:db:bd:8e:b6:09:38:
                    52:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:BD:CE:CA:96:A3:A3:6C:00:6B:35:17:60:A6:3B:DF:F5:CB:49:65
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/673Oypajo2wAazUXYKY73_XLSWU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0/24
                  89.213.7.0/24
                  89.213.41.0-89.213.42.255
                  89.213.44.0/24
                  89.213.136.0/24
                  89.213.139.0-89.213.140.255
                  89.213.148.0-89.213.150.255
                  89.213.152.0/24
                  89.213.155.0-89.213.158.255
                  89.213.160.0/24
                  89.213.162.0/23
                  89.213.168.0/23
                  89.213.173.0/24
                  89.213.175.0-89.213.177.255
                  89.213.179.0-89.213.182.255
                  89.213.184.0/22
                  109.176.211.0/24
                  109.176.213.0-109.176.216.255
                  109.176.218.0/24
                  109.176.220.0/24
                  109.176.240.0/24
                  109.176.242.0/23
                  109.176.247.0-109.176.248.255
                  109.176.250.0/24
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:4e:bd:0f:60:ea:16:ec:72:7f:51:7b:ce:37:82:0e:14:51:
         d9:10:99:d5:54:93:48:e7:79:9e:c0:43:19:4f:50:6d:11:19:
         7b:65:2f:36:02:ac:80:8c:14:95:94:55:e1:53:2b:10:77:58:
         35:3e:18:79:a2:ce:90:02:be:58:dc:0e:2d:7e:3d:76:4e:3e:
         a4:fb:09:a7:24:3b:40:d4:06:b1:fa:37:13:fa:61:35:6d:ab:
         14:4c:18:a8:b7:1d:48:1f:8c:7d:ff:ac:e8:40:a8:c8:b9:94:
         96:52:60:bd:c3:23:85:8d:d1:74:6d:d3:03:af:5b:f0:e3:0f:
         8a:90:38:ea:8d:5a:7a:29:36:16:ea:c1:60:44:eb:a3:e2:64:
         a4:c5:14:80:ed:7d:71:29:2d:2b:24:a1:c7:87:67:3e:02:3c:
         14:a7:a3:ee:7a:39:c0:37:6d:f7:43:ea:bb:79:a9:c8:8e:bf:
         b6:18:57:4e:95:71:77:0e:92:76:e8:b9:18:25:6d:13:d6:aa:
         85:7b:ee:5a:a8:9c:4c:d5:fb:ff:36:6f:2d:8a:24:94:ce:ff:
         3e:b5:5c:75:ad:38:a1:65:e9:e0:1c:f1:d9:ed:f0:cb:4a:49:
         2b:00:1a:ff:c6:0e:2c:f7:ab:e2:b2:6d:83:3a:19:ce:5f:6b:
         d4:e3:7f:7b
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgISAYnPVsZEh2QgJaL1OA1NRQUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDkzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJkY2VjYTk2YTNhMzZjMDA2YjM1MTc2MGE2M2JkZmY1Y2I0OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEo2XTDxT6f9AfG76JGRj+G48aK0
CTsGf9e0sVn1PZEEe5plP5akLh3trSbFOHRcd2MMBT0AQ2lOBFLAAqU69BitPdSN
szwu4f96QEH/zBNDfRdrVdtG4AGm2l5IpTMuQdN3UDaZrsNVSjEIS+6WWTrR6zdF
A2AcH4BpDfYXkUPHIS+1vzKC9GOadxRy2YqQR/XroQMjhs3hfhN/aUwL4X8fh41e
XBha8B1fHbnDWsJXplhHoJSm3e5FKkh2yWka6Vq0LnzEP7OB2wPVGUUPtLF4xu4x
Jcin299ujg6Ur6TqogMI+3loMizC6fgU2CWjZB3Xg6HKyDbbvY62CThStQIDAQAB
o4IDWTCCA1UwHQYDVR0OBBYEFOu9zsqWo6NsAGs1F2CmO9/1y0llMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjczT3lwYWpvMndBYXpVWFlLWTczX1hMU1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgABMIIB
TAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnjAwQAUpnwAwQAUpn5AwQAWdUHMAwDBABZ1SkDBABZ1SoDBABZ1SwDBABZ1Ygw
DAMEAFnViwMEAFnVjDAMAwQCWdWUAwQAWdWWAwQAWdWYMAwDBABZ1ZsDBABZ1Z4D
BABZ1aADBAFZ1aIDBAFZ1agDBABZ1a0wDAMEAFnVrwMEAVnVsDAMAwQAWdWzAwQA
WdW2AwQCWdW4AwQAbbDTMAwDBABtsNUDBABtsNgDBABtsNoDBABtsNwDBABtsPAD
BAFtsPIwDAMEAG2w9wMEAG2w+AMEAG2w+jAMAwQAuTF9AwQHuTEAAwQA1ZgqMA0G
CSqGSIb3DQEBCwUAA4IBAQCsTr0PYOoW7HJ/UXvON4IOFFHZEJnVVJNI53mewEMZ
T1BtERl7ZS82AqyAjBSVlFXhUysQd1g1Phh5os6QAr5Y3A4tfj12Tj6k+wmnJDtA
1Aax+jcT+mE1basUTBiotx1IH4x9/6zoQKjIuZSWUmC9wyOFjdF0bdMDr1vw4w+K
kDjqjVp6KTYW6sFgROuj4mSkxRSA7X1xKS0rJKHHh2c+AjwUp6PuejnAN233Q+q7
eanIjr+2GFdOlXF3DpJ26LkYJW0T1qqFe+5aqJxM1fv/Nm8tiiSUzv8+tVx1rTih
ZengHPHZ7fDLSkkrABr/xg4s96vism2DOhnOX2vU4397
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org