Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8v3C1f66-1ZAbB3-FkVn47n59lg.roa
File:                     8v3C1f66-1ZAbB3-FkVn47n59lg.roa (raw, json)
Hash identifier:          qZaU/bYKSLdztw6O9avpVlchl8mv0JBUwoLmVsVO/74=
Subject key identifier:   F2:FD:C2:D5:FE:BA:FB:56:40:6C:1D:FE:16:45:67:E3:B9:F9:F6:58
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B943F454EFB4890464836BAE37D009D6F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8v3C1f66-1ZAbB3-FkVn47n59lg.roa
Signing time:             Fri 03 Nov 2023 08:14:16 +0000
ROA not before:           Fri 03 Nov 2023 08:14:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.213.180.0/22 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          89.213.147.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 07:37:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:94:3f:45:4e:fb:48:90:46:48:36:ba:e3:7d:00:9d:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  3 08:14:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2fdc2d5febafb56406c1dfe164567e3b9f9f658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9e:9e:0d:8d:5a:36:d3:11:bb:76:ba:63:e8:
                    b4:b0:5a:bc:e9:78:62:de:35:16:8b:5d:2f:29:e1:
                    ad:e6:6e:bf:f9:b8:c2:2c:c5:ed:76:60:21:d5:39:
                    48:0c:08:f8:c2:c2:85:a1:b5:e9:b4:18:eb:cc:a4:
                    d4:32:bf:0a:d5:da:55:e2:11:b9:18:47:1b:aa:1b:
                    eb:0e:f7:2b:07:a7:30:b2:23:61:1f:1d:78:2a:b5:
                    02:aa:07:c8:f1:fb:bb:00:3f:92:10:3c:60:44:e3:
                    1c:14:36:af:cf:a5:6b:f1:0f:7d:74:f2:de:16:48:
                    bf:eb:51:b6:35:7e:37:85:4c:55:65:7e:0f:0d:d9:
                    01:2f:90:90:5a:46:12:3a:69:aa:c9:a1:8f:83:03:
                    aa:8f:87:e5:e1:76:cb:27:1f:04:b2:7b:bd:a7:8b:
                    ce:30:32:af:f1:86:ae:71:4a:da:26:ca:bc:a1:c1:
                    7c:30:b7:21:03:b1:37:80:9d:23:97:90:4a:86:5b:
                    6d:00:1c:49:22:f9:f6:81:1d:ef:29:e2:fe:a9:b5:
                    0e:4f:f4:e5:c1:d3:db:5c:50:94:da:eb:89:72:de:
                    2e:84:66:e7:34:7b:2a:c4:aa:0a:f0:7a:96:bc:47:
                    68:74:37:c2:92:92:01:8a:70:63:c3:58:68:88:dc:
                    29:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:FD:C2:D5:FE:BA:FB:56:40:6C:1D:FE:16:45:67:E3:B9:F9:F6:58
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8v3C1f66-1ZAbB3-FkVn47n59lg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.136.0/22
                  82.153.220.0/24
                  89.213.147.0-89.213.159.255
                  89.213.180.0/22
                  109.176.248.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:80:bd:88:a4:9e:ac:8b:fd:66:e9:f0:ca:3f:a4:77:0c:e7:
         f8:25:46:f6:4c:ce:87:7d:89:f9:9e:ee:63:5a:19:6a:bc:e1:
         dc:77:dd:df:2d:25:44:bf:e7:a2:29:2b:2e:f3:79:df:0b:fc:
         38:9b:91:84:00:bf:aa:e6:29:53:90:18:0b:e5:43:b5:32:b6:
         1f:16:be:53:a7:76:cd:a2:7f:06:25:bf:60:54:27:b8:54:86:
         43:43:a3:17:f4:be:03:6f:75:af:b4:8d:df:77:af:60:88:1f:
         2a:74:73:29:fd:af:51:01:97:22:d9:75:21:d0:e7:fc:ce:00:
         6b:d2:7e:33:0f:06:d8:be:91:eb:47:59:16:aa:20:32:6c:95:
         22:f7:59:72:b1:5d:4b:75:44:da:af:d4:79:94:7b:9e:f0:99:
         2e:51:db:ad:96:72:d2:fb:75:4d:78:6e:69:38:e3:c4:20:3f:
         4e:b7:9b:59:ab:32:4a:ee:24:45:55:16:7a:c9:20:ee:46:47:
         b5:07:89:fe:45:a2:70:81:00:5a:4e:26:24:34:7f:96:35:de:
         2e:0f:37:ef:70:41:97:8c:64:40:c3:70:62:35:5c:74:73:22:
         21:5e:1e:9b:9f:99:b0:8c:14:f7:a2:73:cc:64:00:d4:df:89:
         63:14:f2:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYuUP0VO+0iQRkg2uuN9AJ1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTAzMDgxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmZkYzJkNWZlYmFmYjU2NDA2YzFkZmUxNjQ1NjdlM2I5ZjlmNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ6eDY1aNtMRu3a6Y+i0sFq86Xhi
3jUWi10vKeGt5m6/+bjCLMXtdmAh1TlIDAj4wsKFobXptBjrzKTUMr8K1dpV4hG5
GEcbqhvrDvcrB6cwsiNhHx14KrUCqgfI8fu7AD+SEDxgROMcFDavz6Vr8Q99dPLe
Fki/61G2NX43hUxVZX4PDdkBL5CQWkYSOmmqyaGPgwOqj4fl4XbLJx8Esnu9p4vO
MDKv8YaucUraJsq8ocF8MLchA7E3gJ0jl5BKhlttABxJIvn2gR3vKeL+qbUOT/Tl
wdPbXFCU2uuJct4uhGbnNHsqxKoK8HqWvEdodDfCkpIBinBjw1hoiNwpzQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPL9wtX+uvtWQGwd/hZFZ+O5+fZYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOHYzQzFmNjYtMVpBYkIzLUZrVm40N241OWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAUah3AwQA
Uah7AwQCUpmIAwQAUpncMAwDBABZ1ZMDBAVZ1YADBAJZ1bQDBABtsPgDBAG5MX4D
BADVmCowDQYJKoZIhvcNAQELBQADggEBAGmAvYiknqyL/Wbp8Mo/pHcM5/glRvZM
zod9ifme7mNaGWq84dx33d8tJUS/56IpKy7zed8L/DibkYQAv6rmKVOQGAvlQ7Uy
th8WvlOnds2ifwYlv2BUJ7hUhkNDoxf0vgNvda+0jd93r2CIHyp0cyn9r1EBlyLZ
dSHQ5/zOAGvSfjMPBti+ketHWRaqIDJslSL3WXKxXUt1RNqv1HmUe57wmS5R262W
ctL7dU14bmk448QgP063m1mrMkruJEVVFnrJIO5GR7UHif5FonCBAFpOJiQ0f5Y1
3i4PN+9wQZeMZEDDcGI1XHRzIiFeHpufmbCMFPeic8xkANTfiWMU8vE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org