Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ACcQTupCFYTRmqT9f4gtYzZozYc.roa
File:                     ACcQTupCFYTRmqT9f4gtYzZozYc.roa (raw, json)
Hash identifier:          eX3l73ZU5yn1Vy5OZb0o5xW3fgusJSJP0SusLkpmFfw=
Subject key identifier:   00:27:10:4E:EA:42:15:84:D1:9A:A4:FD:7F:88:2D:63:36:68:CD:87
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F1943033B31E2C50A41ED517032F4D5A8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ACcQTupCFYTRmqT9f4gtYzZozYc.roa
Signing time:             Fri 26 Apr 2024 07:16:13 +0000
ROA not before:           Fri 26 Apr 2024 07:16:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5065
IP address blocks:        82.152.52.0/23 maxlen: 24
                          82.152.55.0/24 maxlen: 24
                          82.163.22.0/23 maxlen: 24
                          89.213.210.0/23 maxlen: 24
                          89.213.248.0/23 maxlen: 24
                          109.176.25.0/24 maxlen: 24
                          109.176.27.0/24 maxlen: 24
                          212.38.88.0/23 maxlen: 24
                          213.210.40.0/23 maxlen: 24
                          213.210.48.0/23 maxlen: 24
                          213.210.62.0/23 maxlen: 24
                          213.218.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 07:07:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:19:43:03:3b:31:e2:c5:0a:41:ed:51:70:32:f4:d5:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 26 07:16:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0027104eea421584d19aa4fd7f882d633668cd87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:9e:3e:87:b9:b2:ac:f9:f8:89:c7:89:83:f1:
                    85:00:a0:54:c9:ae:bc:e9:a3:4f:21:1a:dc:82:f0:
                    31:35:54:fc:16:b9:a7:e6:45:64:4f:61:16:df:87:
                    1a:7e:7b:94:69:f7:4f:9a:d8:3f:1b:22:da:55:cf:
                    18:6c:b3:33:48:c3:bc:2f:46:ce:78:2e:db:86:b8:
                    d4:07:cc:48:18:ba:92:a2:4b:47:0b:26:99:0b:b6:
                    fe:c7:71:67:25:76:21:cf:8d:b2:5b:5b:2a:51:da:
                    ab:34:39:12:82:9f:76:ca:aa:57:6f:fa:14:a0:9a:
                    cd:00:c6:27:ce:e1:cd:ea:44:39:a9:30:26:0a:cc:
                    af:b9:a5:d5:26:a8:75:6c:67:75:7a:b1:a8:1f:d5:
                    6a:8d:22:98:61:c5:40:0c:83:3c:80:c1:de:38:00:
                    74:40:19:a6:1f:4c:d6:b6:4c:42:e5:a2:eb:4d:1b:
                    c8:7b:76:6e:3d:15:12:d1:0b:2d:65:66:ac:ae:31:
                    4f:41:6a:3f:50:80:54:d0:31:0b:14:a9:ad:f3:ab:
                    22:b8:45:74:50:fa:be:66:b4:2c:cc:6b:a9:b5:38:
                    49:93:6b:de:97:52:d6:ac:8e:74:1a:e0:71:57:e2:
                    5a:a2:95:49:72:17:d2:6b:c2:36:5b:1b:f9:23:63:
                    c0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:27:10:4E:EA:42:15:84:D1:9A:A4:FD:7F:88:2D:63:36:68:CD:87
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ACcQTupCFYTRmqT9f4gtYzZozYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.52.0/23
                  82.152.55.0/24
                  82.163.22.0/23
                  89.213.210.0/23
                  89.213.248.0/23
                  109.176.25.0/24
                  109.176.27.0/24
                  212.38.88.0/23
                  213.210.40.0/23
                  213.210.48.0/23
                  213.210.62.0/23
                  213.218.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:01:a3:1f:b6:e3:1f:8e:88:59:1f:ee:b9:7d:ca:40:f1:13:
         9e:67:07:67:df:9c:a2:13:83:a8:20:5a:13:05:1e:26:b9:96:
         44:37:d7:16:c3:3c:83:7b:0b:4b:14:0e:be:99:8e:09:25:ba:
         82:1c:c6:cc:d9:c8:17:21:fd:d7:a5:ab:f3:39:f5:18:ad:50:
         ea:5f:40:bc:f1:76:71:72:b5:f9:1a:04:24:16:ab:83:6f:52:
         c3:f9:46:47:21:af:b9:ff:c2:14:6a:2c:51:aa:66:90:80:82:
         ac:78:db:09:3b:43:00:e2:22:90:01:fc:57:11:da:b1:73:c4:
         8c:dd:81:02:10:36:0f:67:d8:18:69:f0:f2:11:88:b7:61:0c:
         cb:fa:6e:be:11:c5:4b:e1:68:08:be:ed:7a:7f:a0:74:27:86:
         1e:60:23:a8:7b:7d:02:80:a0:7b:c5:21:f3:fe:42:d1:b5:27:
         69:8e:ef:62:1c:ad:5e:ab:4c:97:75:e9:30:e2:1c:1b:6c:a2:
         52:8c:9d:28:18:fc:59:86:4e:66:e9:c4:00:c3:29:01:1b:08:
         c5:8e:ec:f3:b7:64:a2:d5:66:67:8c:fb:97:81:2d:d7:7a:a9:
         8f:6d:ce:f6:69:13:c4:6c:3d:fa:e5:0f:eb:e0:62:3c:6e:07:
         bf:65:bc:b9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY8ZQwM7MeLFCkHtUXAy9NWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI2MDcxNjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI3MTA0ZWVhNDIxNTg0ZDE5YWE0ZmQ3Zjg4MmQ2MzM2NjhjZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ4+h7myrPn4iceJg/GFAKBUya68
6aNPIRrcgvAxNVT8Frmn5kVkT2EW34cafnuUafdPmtg/GyLaVc8YbLMzSMO8L0bO
eC7bhrjUB8xIGLqSoktHCyaZC7b+x3FnJXYhz42yW1sqUdqrNDkSgp92yqpXb/oU
oJrNAMYnzuHN6kQ5qTAmCsyvuaXVJqh1bGd1erGoH9VqjSKYYcVADIM8gMHeOAB0
QBmmH0zWtkxC5aLrTRvIe3ZuPRUS0QstZWasrjFPQWo/UIBU0DELFKmt86siuEV0
UPq+ZrQszGuptThJk2vel1LWrI50GuBxV+JaopVJchfSa8I2Wxv5I2PAKQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAAnEE7qQhWE0Zqk/X+ILWM2aM2HMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQUNjUVR1cENGWVRSbXFUOWY0Z3RZelpvelljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBUpg0AwQA
Upg3AwQBUqMWAwQBWdXSAwQBWdX4AwQAbbAZAwQAbbAbAwQB1CZYAwQB1dIoAwQB
1dIwAwQB1dI+AwQA1driMA0GCSqGSIb3DQEBCwUAA4IBAQCaAaMftuMfjohZH+65
fcpA8ROeZwdn35yiE4OoIFoTBR4muZZEN9cWwzyDewtLFA6+mY4JJbqCHMbM2cgX
If3XpavzOfUYrVDqX0C88XZxcrX5GgQkFquDb1LD+UZHIa+5/8IUaixRqmaQgIKs
eNsJO0MA4iKQAfxXEdqxc8SM3YECEDYPZ9gYafDyEYi3YQzL+m6+EcVL4WgIvu16
f6B0J4YeYCOoe30CgKB7xSHz/kLRtSdpju9iHK1eq0yXdekw4hwbbKJSjJ0oGPxZ
hk5m6cQAwykBGwjFjuzzt2Si1WZnjPuXgS3XeqmPbc72aRPEbD365Q/r4GI8bge/
Zby5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org