Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8dp9S7rhzB2rFloxyOfpqfZEyTk.roa
File:                     8dp9S7rhzB2rFloxyOfpqfZEyTk.roa (raw, json)
Hash identifier:          cP8ZHRQ3docF8OWfzQRBaoeyku8OuBtGZnrUkRSxKeI=
Subject key identifier:   F1:DA:7D:4B:BA:E1:CC:1D:AB:16:5A:31:C8:E7:E9:A9:F6:44:C9:39
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A02444B06E702850F74D652E32AAA4B47
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8dp9S7rhzB2rFloxyOfpqfZEyTk.roa
Signing time:             Thu 17 Aug 2023 06:52:24 +0000
ROA not before:           Thu 17 Aug 2023 06:52:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          109.176.242.0/24 maxlen: 24
                          109.176.243.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          109.176.246.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.40.0/24 maxlen: 24
                          89.213.41.0/24 maxlen: 24
                          89.213.42.0/24 maxlen: 24
                          89.213.43.0/24 maxlen: 24
                          89.213.44.0/24 maxlen: 24
                          89.213.45.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.175.0/24 maxlen: 24
                          89.213.179.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.177.0/24 maxlen: 24
                          89.213.178.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.181.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.186.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.187.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          89.213.140.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          89.213.151.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.148.0/24 maxlen: 24
                          89.213.149.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          89.213.153.0/24 maxlen: 24
                          89.213.154.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.159.0/24 maxlen: 24
                          89.213.155.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.169.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          89.213.5.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 18 Aug 2023 06:58:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:02:44:4b:06:e7:02:85:0f:74:d6:52:e3:2a:aa:4b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 17 06:52:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f1da7d4bbae1cc1dab165a31c8e7e9a9f644c939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a9:e4:fa:79:6b:07:93:4a:d6:44:c0:ff:9d:
                    70:12:ac:2a:5a:63:ee:67:33:2f:19:2a:28:92:8e:
                    a6:72:a9:c8:b4:60:50:6d:20:ca:78:d1:44:de:c6:
                    bc:ef:23:5a:4d:33:af:08:26:71:d1:06:e2:27:74:
                    51:41:70:29:ff:a6:4b:a4:74:bd:90:4c:aa:01:24:
                    ea:65:cf:c9:eb:08:45:99:3d:7e:ca:63:e9:4e:68:
                    0b:7d:a9:18:96:93:c0:cc:64:18:e0:3b:09:71:9b:
                    7d:de:70:51:f0:ba:61:d3:19:ff:df:1e:f9:b1:7f:
                    7a:3d:19:34:a5:f1:d9:88:0d:fa:d4:2c:2b:95:8f:
                    56:39:96:5a:69:39:d2:c2:1a:b1:02:0d:ca:3d:a9:
                    81:e7:ba:0c:d0:a8:61:18:19:de:60:96:7c:7c:9b:
                    c7:ef:20:9b:7f:21:10:15:2f:30:b7:cf:0a:e6:1d:
                    e7:d6:9b:e5:c0:4c:21:ad:92:e3:73:5f:9e:f5:00:
                    2b:3b:5a:75:f5:da:f7:a2:bf:f8:45:62:56:66:31:
                    b4:76:10:b3:a7:c5:02:95:02:41:1f:65:a4:0f:86:
                    d5:3c:b6:ce:11:69:0f:11:53:fa:7c:1b:0f:9d:9e:
                    49:21:ec:c9:ed:7f:65:38:dc:d2:66:97:72:06:6a:
                    e7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:DA:7D:4B:BA:E1:CC:1D:AB:16:5A:31:C8:E7:E9:A9:F6:44:C9:39
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8dp9S7rhzB2rFloxyOfpqfZEyTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.225.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0-82.153.250.255
                  89.213.5.0/24
                  89.213.40.0-89.213.45.255
                  89.213.133.0-89.213.134.255
                  89.213.136.0/24
                  89.213.139.0-89.213.141.255
                  89.213.146.0/24
                  89.213.148.0-89.213.155.255
                  89.213.157.0-89.213.160.255
                  89.213.162.0-89.213.164.255
                  89.213.168.0/23
                  89.213.172.0-89.213.189.255
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.240.0/24
                  109.176.242.0/23
                  109.176.245.0-109.176.246.255
                  109.176.248.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:fe:f8:21:72:36:1f:42:d2:4d:a8:f2:b5:b5:42:21:04:e7:
         43:90:91:79:15:73:ed:fb:f1:83:05:f7:81:ad:27:4e:31:16:
         7b:60:cc:66:d7:c4:86:08:fb:4f:23:67:7e:6d:96:14:95:00:
         51:11:9e:1d:22:3f:97:02:32:86:91:7c:a5:03:13:22:3b:a8:
         5a:a2:a2:9b:49:42:77:3f:c9:b6:fe:49:8b:23:1a:62:29:bb:
         f1:a7:1a:3c:e9:43:bb:e8:7d:0e:9e:fb:4e:98:cd:7a:8e:11:
         9f:f6:a5:d2:7e:a6:2d:16:92:c7:2f:95:3f:27:89:4f:4a:24:
         02:55:a9:65:3c:c4:39:34:15:c0:ca:6d:8e:16:32:87:b0:c3:
         93:fa:25:46:72:4d:38:60:c0:f7:87:e4:bb:a3:2d:19:fa:02:
         7d:da:77:d7:6a:d8:ed:e5:98:29:97:60:cb:3c:9a:3f:ab:a3:
         db:5f:c0:cb:1b:f1:7c:85:6d:ae:a5:64:3c:d6:e5:b5:99:de:
         bd:e7:7f:23:97:71:bc:ed:b6:37:ac:e9:b2:f1:84:1d:91:f3:
         ce:a4:cc:3c:78:1b:f3:2c:15:a7:0d:e1:b5:3e:14:87:ca:b9:
         9b:aa:3e:98:ae:76:c9:7e:b0:4e:8b:e9:59:b8:7a:be:8d:a4:
         f2:1a:56:8c
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYoCREsG5wKFD3TWUuMqqktHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODE3MDY1MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRhN2Q0YmJhZTFjYzFkYWIxNjVhMzFjOGU3ZTlhOWY2NDRjOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKnk+nlrB5NK1kTA/51wEqwqWmPu
ZzMvGSooko6mcqnItGBQbSDKeNFE3sa87yNaTTOvCCZx0QbiJ3RRQXAp/6ZLpHS9
kEyqASTqZc/J6whFmT1+ymPpTmgLfakYlpPAzGQY4DsJcZt93nBR8Lph0xn/3x75
sX96PRk0pfHZiA361CwrlY9WOZZaaTnSwhqxAg3KPamB57oM0KhhGBneYJZ8fJvH
7yCbfyEQFS8wt88K5h3n1pvlwEwhrZLjc1+e9QArO1p19dr3or/4RWJWZjG0dhCz
p8UClQJBH2WkD4bVPLbOEWkPEVP6fBsPnZ5JIezJ7X9lONzSZpdyBmrnswIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFPHafUu64cwdqxZaMcjn6an2RMk5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOGRwOVM3cmh6QjJyRmxveHlPZnBxZlpFeVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfoDBABZ1QUwDAMEA1nVKAMEAVnV
LDAMAwQAWdWFAwQAWdWGAwQAWdWIMAwDBABZ1YsDBAFZ1YwDBABZ1ZIwDAMEAlnV
lAMEAlnVmDAMAwQAWdWdAwQAWdWgMAwDBAFZ1aIDBABZ1aQDBAFZ1agwDAMEAlnV
rAMEAVnVvAMEAG2w0wMEA22w2AMEAG2w8AMEAW2w8jAMAwQAbbD1AwQAbbD2MAwD
BANtsPgDBABtsPowDAMEALkxfQMEB7kxAAMEANWYKgMEANWYPTANBgkqhkiG9w0B
AQsFAAOCAQEAOv74IXI2H0LSTajytbVCIQTnQ5CReRVz7fvxgwX3ga0nTjEWe2DM
ZtfEhgj7TyNnfm2WFJUAURGeHSI/lwIyhpF8pQMTIjuoWqKim0lCdz/Jtv5JiyMa
Yim78acaPOlDu+h9Dp77TpjNeo4Rn/al0n6mLRaSxy+VPyeJT0okAlWpZTzEOTQV
wMptjhYyh7DDk/olRnJNOGDA94fku6MtGfoCfdp312rY7eWYKZdgyzyaP6uj21/A
yxvxfIVtrqVkPNbltZneved/I5dxvO22N6zpsvGEHZHzzqTMPHgb8ywVpw3htT4U
h8q5m6o+mK52yX6wTovpWbh6vo2k8hpWjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org