Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ArvUbbP2jYLJcVtftusc8fpQoeU.roa
File:                     ArvUbbP2jYLJcVtftusc8fpQoeU.roa (raw, json)
Hash identifier:          lDqI6VQp1zLdHD0VJOaupLt8LH7qGc3t6D5WV8f3Yr4=
Subject key identifier:   02:BB:D4:6D:B3:F6:8D:82:C9:71:5B:5F:B6:EB:1C:F1:FA:50:A1:E5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D8CF8C0FFB957B66246A16376861B8CAF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ArvUbbP2jYLJcVtftusc8fpQoeU.roa
Signing time:             Fri 09 Feb 2024 08:25:29 +0000
ROA not before:           Fri 09 Feb 2024 08:25:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          82.153.245.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.165.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 10 Feb 2024 09:59:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8c:f8:c0:ff:b9:57:b6:62:46:a1:63:76:86:1b:8c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  9 08:25:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=02bbd46db3f68d82c9715b5fb6eb1cf1fa50a1e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:16:81:ae:5c:cc:b2:7b:16:55:85:d1:90:80:
                    71:af:41:d6:bb:41:ae:5a:07:c9:d6:2a:b1:0c:8e:
                    91:2c:ee:58:79:9a:52:8a:23:bf:ba:a9:e5:66:0d:
                    11:75:45:7a:85:bf:0f:50:b3:d1:0a:ae:9c:4b:64:
                    37:a6:a6:8b:45:a7:48:d1:c1:2a:36:16:64:c0:90:
                    8b:a0:6f:11:94:b1:a5:47:0d:90:e3:d6:ab:4d:99:
                    53:73:ab:bb:a0:41:25:b6:00:30:d0:7a:12:dd:35:
                    3f:ae:68:e1:1a:32:80:f4:91:24:8e:8b:87:c3:ed:
                    5e:ab:c1:ef:cf:06:99:67:e5:f8:82:84:6e:69:6d:
                    99:13:c6:6c:31:2e:43:32:4d:e6:e7:fa:79:80:69:
                    05:1e:ff:2d:b3:19:57:8c:54:cc:fd:c0:52:d4:af:
                    1c:08:07:3b:51:8c:c8:b7:f6:c2:43:16:25:85:92:
                    cb:e0:8d:7f:d1:a7:5e:b2:9c:17:9c:4f:c9:cc:28:
                    67:39:f2:57:14:2d:7e:8c:47:e7:96:05:5c:6b:2f:
                    04:0e:1d:fd:55:cd:95:c9:74:9a:f6:2f:79:19:c8:
                    fc:a8:8c:99:d7:78:14:da:67:ac:07:14:96:2b:0d:
                    27:df:d6:9c:62:3c:5d:77:67:04:d9:76:f4:25:a8:
                    c2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:BB:D4:6D:B3:F6:8D:82:C9:71:5B:5F:B6:EB:1C:F1:FA:50:A1:E5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ArvUbbP2jYLJcVtftusc8fpQoeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.136.0/22
                  82.153.245.0/24
                  89.213.148.0-89.213.159.255
                  89.213.165.0/24
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:5e:57:1b:9c:5a:24:de:96:bf:c0:89:37:c3:88:da:c9:80:
         52:29:28:b7:64:57:63:df:1e:fe:a9:03:15:97:cb:72:b1:a3:
         f9:96:ee:e5:81:06:cb:9b:6e:cc:26:bb:ac:ec:ed:2b:d1:4e:
         45:6b:42:84:2c:04:02:e0:58:7d:b2:5f:9e:b3:04:5b:e0:0f:
         4b:5a:c3:f4:05:82:19:33:89:87:50:d4:56:d0:78:b8:fd:6d:
         61:8b:ec:e0:d7:80:e4:16:eb:56:0c:5e:6a:07:b7:58:63:98:
         4e:1f:79:22:03:6f:fb:87:7f:38:b1:c4:a4:d3:bd:b6:68:89:
         92:52:84:63:f4:7b:a6:07:1e:19:eb:ef:99:cb:8a:b8:80:5a:
         06:8f:ed:82:a9:e3:b9:de:8c:c7:06:e9:46:58:20:c2:2c:be:
         45:c0:96:bf:0b:43:2c:74:9c:94:f8:ba:cd:d0:46:e1:14:32:
         87:c1:fb:05:30:f0:aa:13:ae:cd:15:d8:fd:56:43:d8:1b:8a:
         b7:65:6a:36:4f:a6:a8:7c:bc:5b:40:4f:ba:da:e8:f0:9b:0a:
         62:73:f1:03:d1:20:f6:eb:7f:1e:46:19:39:6f:88:2a:a0:e4:
         34:1c:d3:1c:15:29:da:e5:db:b8:c3:03:b4:e8:ee:93:4b:20:
         75:66:d9:15
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2M+MD/uVe2YkahY3aGG4yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjA5MDgyNTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJiZDQ2ZGIzZjY4ZDgyYzk3MTViNWZiNmViMWNmMWZhNTBhMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBaBrlzMsnsWVYXRkIBxr0HWu0Gu
WgfJ1iqxDI6RLO5YeZpSiiO/uqnlZg0RdUV6hb8PULPRCq6cS2Q3pqaLRadI0cEq
NhZkwJCLoG8RlLGlRw2Q49arTZlTc6u7oEEltgAw0HoS3TU/rmjhGjKA9JEkjouH
w+1eq8HvzwaZZ+X4goRuaW2ZE8ZsMS5DMk3m5/p5gGkFHv8tsxlXjFTM/cBS1K8c
CAc7UYzIt/bCQxYlhZLL4I1/0adespwXnE/JzChnOfJXFC1+jEfnlgVcay8EDh39
Vc2VyXSa9i95Gcj8qIyZ13gU2mesBxSWKw0n39acYjxdd2cE2Xb0JajCwwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAK71G2z9o2CyXFbX7brHPH6UKHlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXJ2VWJiUDJqWUxKY1Z0ZnR1c2M4ZnBRb2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCUpmIAwQA
Upn1MAwDBAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAJleVxucWiTelr/AiTfDiNrJgFIpKLdkV2PfHv6p
AxWXy3Kxo/mW7uWBBsubbswmu6zs7SvRTkVrQoQsBALgWH2yX56zBFvgD0taw/QF
ghkziYdQ1FbQeLj9bWGL7ODXgOQW61YMXmoHt1hjmE4feSIDb/uHfzixxKTTvbZo
iZJShGP0e6YHHhnr75nLiriAWgaP7YKp47nejMcG6UZYIMIsvkXAlr8LQyx0nJT4
us3QRuEUMofB+wUw8KoTrs0V2P1WQ9gbirdlajZPpqh8vFtAT7ra6PCbCmJz8QPR
IPbrfx5GGTlviCqg5DQc0xwVKdrl27jDA7To7pNLIHVm2RU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org