Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6WUxgBXaLWnU7mBJ0Y8oLv9Qp4Q.roa
File:                     6WUxgBXaLWnU7mBJ0Y8oLv9Qp4Q.roa (raw, json)
Hash identifier:          4El7ZbcNuckVwWGXDV/KbLNHoPSy0oLe26iUJGn19b4=
Subject key identifier:   E9:65:31:80:15:DA:2D:69:D4:EE:60:49:D1:8F:28:2E:FF:50:A7:84
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AF46851B81BA8D331CE00A962281DCF0F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6WUxgBXaLWnU7mBJ0Y8oLv9Qp4Q.roa
Signing time:             Tue 03 Oct 2023 07:19:51 +0000
ROA not before:           Tue 03 Oct 2023 07:19:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.43.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 07:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f4:68:51:b8:1b:a8:d3:31:ce:00:a9:62:28:1d:cf:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  3 07:19:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e965318015da2d69d4ee6049d18f282eff50a784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:0f:f1:70:03:e3:ce:4a:e0:1b:e0:83:b1:5d:
                    cc:f6:5c:7c:d5:1f:08:a0:cd:54:e9:be:10:71:44:
                    dc:d4:f3:7f:e4:32:9c:04:3e:be:45:4d:58:e7:59:
                    67:9f:f1:ef:67:24:96:e8:74:d9:48:55:16:55:1c:
                    17:3b:20:5a:96:45:34:1c:b1:bb:d0:66:03:a2:f0:
                    2f:ee:74:69:4c:01:a8:89:2c:92:09:d8:64:bd:89:
                    b8:06:41:5c:a4:3d:f6:8b:28:58:4a:5f:89:7f:15:
                    91:ca:dc:3a:ee:92:bb:36:bd:a8:5f:86:78:96:0d:
                    b8:28:73:e0:cd:34:17:93:f1:72:54:9e:1a:6b:47:
                    d8:f8:f4:04:34:ef:fc:f1:66:08:ee:68:c8:09:83:
                    27:9c:1f:ae:e0:f1:1a:ef:7f:ff:d2:b7:3f:25:ce:
                    3c:3a:cb:39:fa:56:b0:6e:a7:93:8b:c4:52:97:62:
                    ab:32:6e:c0:29:fa:c4:99:a5:26:37:39:e6:1f:2b:
                    f0:57:0b:b1:72:f7:32:72:f0:65:0b:e3:53:d9:38:
                    f9:6a:35:27:76:5e:1b:90:ec:23:48:3b:e4:0d:3b:
                    b0:9c:5f:4a:2f:4f:60:e9:7f:00:fc:1e:50:0b:e8:
                    3b:6a:f2:1d:92:c3:4e:0c:3c:fe:3e:9f:87:b1:e7:
                    3b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:65:31:80:15:DA:2D:69:D4:EE:60:49:D1:8F:28:2E:FF:50:A7:84
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6WUxgBXaLWnU7mBJ0Y8oLv9Qp4Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.116.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.1.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/23
                  89.213.6.0/23
                  89.213.43.0/24
                  89.213.130.0/24
                  89.213.145.0-89.213.146.255
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.208.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:d8:43:7e:a1:d7:bc:66:d2:6b:55:a2:98:0c:a0:b7:9a:37:
         c8:2d:7d:9e:54:0c:99:bf:6b:3b:8a:0a:04:d3:e2:72:59:68:
         0b:0c:35:04:49:b1:28:14:09:9b:b9:c3:3d:58:3d:c7:66:ba:
         7f:5d:23:79:97:88:2f:a9:9e:01:6e:d8:6f:7b:0a:33:79:be:
         52:a6:d4:fd:b2:99:07:2a:1f:e3:11:d5:3d:03:b4:44:66:b9:
         af:2b:c0:e3:be:a3:19:85:84:ea:8f:03:c5:e2:c9:a9:99:59:
         7b:45:b7:08:58:ba:67:c7:15:33:85:ac:e3:83:06:76:68:93:
         04:42:7d:1c:c5:5e:f3:d7:12:62:13:f2:cb:6e:3c:ad:25:9b:
         b9:e1:44:cc:e3:45:1f:c2:3e:5a:cb:78:de:89:bb:7d:62:3d:
         23:5c:48:a7:93:e6:31:98:95:6d:fd:6d:da:7f:8a:2c:ca:78:
         e9:a6:1a:9d:31:4f:18:44:ea:2e:a9:8a:40:c4:c2:28:8f:16:
         30:1c:0d:12:05:6d:5d:77:9e:f0:dc:b8:9d:b2:da:67:a4:92:
         43:c5:3f:96:a5:b7:18:70:e1:28:e9:10:85:04:96:a2:bb:fc:
         8e:d9:c3:76:af:19:a8:ff:f2:00:66:3b:ad:5a:9e:3d:17:3a:
         21:64:29:5e
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYr0aFG4G6jTMc4AqWIoHc8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDAzMDcxOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTY1MzE4MDE1ZGEyZDY5ZDRlZTYwNDlkMThmMjgyZWZmNTBhNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw/xcAPjzkrgG+CDsV3M9lx81R8I
oM1U6b4QcUTc1PN/5DKcBD6+RU1Y51lnn/HvZySW6HTZSFUWVRwXOyBalkU0HLG7
0GYDovAv7nRpTAGoiSySCdhkvYm4BkFcpD32iyhYSl+JfxWRytw67pK7Nr2oX4Z4
lg24KHPgzTQXk/FyVJ4aa0fY+PQENO/88WYI7mjICYMnnB+u4PEa73//0rc/Jc48
Oss5+lawbqeTi8RSl2KrMm7AKfrEmaUmNznmHyvwVwuxcvcycvBlC+NT2Tj5ajUn
dl4bkOwjSDvkDTuwnF9KL09g6X8A/B5QC+g7avIdksNODDz+Pp+Hsec7gQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFOllMYAV2i1p1O5gSdGPKC7/UKeEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNldVeGdCWGFMV25VN21CSjBZOG9MdjlRcDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBABR
qHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wMEAFKY/gME
AFKZAQMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAVKZ4AMEAVnVBgMEAFnVKwME
AFnVgjAMAwQAWdWRAwQAWdWSAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbD3AwQAbbD7
AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQAY2EN+ode8ZtJrVaKYDKC3mjfILX2e
VAyZv2s7igoE0+JyWWgLDDUESbEoFAmbucM9WD3HZrp/XSN5l4gvqZ4Bbthvewoz
eb5SptT9spkHKh/jEdU9A7REZrmvK8DjvqMZhYTqjwPF4smpmVl7RbcIWLpnxxUz
hazjgwZ2aJMEQn0cxV7z1xJiE/LLbjytJZu54UTM40Ufwj5ay3jeibt9Yj0jXEin
k+YxmJVt/W3af4osynjpphqdMU8YROouqYpAxMIojxYwHA0SBW1dd57w3Lidstpn
pJJDxT+WpbcYcOEo6RCFBJaiu/yO2cN2rxmo//IAZjutWp49FzohZCle
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org