Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CGO3yyOnS_9mhz4ETLk7KJ2DJAs.roa
File:                     CGO3yyOnS_9mhz4ETLk7KJ2DJAs.roa (raw, json)
Hash identifier:          Lm2WwbOmLp70gtc7Z8q1Rp4AkwOmMnl5lxTa/ElQgfs=
Subject key identifier:   08:63:B7:CB:23:A7:4B:FF:66:87:3E:04:4C:B9:3B:28:9D:83:24:0B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E7617A64E595BD2E26266291632F70C73
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CGO3yyOnS_9mhz4ETLk7KJ2DJAs.roa
Signing time:             Mon 25 Mar 2024 14:50:45 +0000
ROA not before:           Mon 25 Mar 2024 14:50:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        80.240.84.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 30 Mar 2024 11:54:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:76:17:a6:4e:59:5b:d2:e2:62:66:29:16:32:f7:0c:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 25 14:50:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0863b7cb23a74bff66873e044cb93b289d83240b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f7:50:26:cc:fc:c3:a8:2a:5b:e8:14:fa:84:
                    40:fd:73:27:e8:47:84:57:a4:53:2f:0b:03:13:b2:
                    3a:41:21:e7:07:ff:80:e0:69:e3:fc:a4:83:da:45:
                    e7:ee:04:ee:fe:b1:7a:0f:e7:50:46:4c:94:9e:4f:
                    5a:77:31:bf:29:7a:44:c6:69:bc:fa:03:43:a9:c3:
                    c9:ab:f4:ea:a0:7a:5c:a4:45:40:72:71:23:c6:6c:
                    51:56:4e:61:23:ae:7c:3c:4a:a6:e0:2c:da:c1:b8:
                    24:41:fd:5d:24:54:6d:3e:e2:c5:0b:8e:61:cc:40:
                    5e:21:d9:2a:62:b2:f0:32:cc:a5:97:9e:e2:0d:4a:
                    4e:92:8a:33:2a:76:d5:61:fe:be:c7:17:28:41:29:
                    e4:89:e1:3a:8c:d2:95:1a:69:49:4c:ff:7f:37:d7:
                    4e:03:94:19:bc:a8:35:24:18:6d:41:be:dd:09:40:
                    ec:9e:0f:55:93:f5:f7:63:2a:2b:60:9b:44:bf:ee:
                    71:ba:79:23:64:93:7e:94:d2:b8:0a:61:89:2a:7b:
                    d0:38:78:c0:2a:36:03:b5:fe:fb:f8:4a:85:c7:b7:
                    04:a1:32:2a:3a:08:58:5b:5d:c5:e3:5b:9f:0d:a5:
                    5d:15:36:57:e8:d7:1a:a0:df:ad:30:27:17:06:9d:
                    05:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:63:B7:CB:23:A7:4B:FF:66:87:3E:04:4C:B9:3B:28:9D:83:24:0B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CGO3yyOnS_9mhz4ETLk7KJ2DJAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.240.84.0/24
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24
                  89.213.152.0/24
                  89.213.176.0/24
                  89.213.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:57:79:91:ce:7e:5f:ac:77:1a:1e:9d:d5:13:bb:2a:ab:c0:
         11:39:e8:7e:d4:d6:93:49:38:a3:3c:73:6b:79:83:1e:1a:a8:
         ff:5f:bd:de:71:a6:a1:87:b1:45:17:69:1c:ea:92:9d:20:34:
         2d:eb:e9:16:8c:8e:1f:13:04:90:dd:3f:d9:e9:cd:dc:0b:fb:
         4c:03:b5:48:44:a0:19:6f:30:b6:88:3b:85:17:4d:e7:cd:15:
         35:64:5e:27:25:f2:70:34:1b:d9:e3:35:e1:20:f9:2a:a0:5a:
         74:69:0b:4c:db:24:31:53:2c:00:58:07:1c:3f:23:87:6c:59:
         ca:74:5a:04:e6:0f:86:c6:71:41:ad:3b:18:8c:d6:7d:fd:20:
         a1:32:37:a4:d3:c0:cb:65:29:25:20:a2:82:32:d2:30:30:81:
         98:07:cc:55:e4:c1:cf:3f:da:27:08:8f:7f:f2:47:3d:8a:a6:
         1c:36:36:73:78:04:d3:6a:a2:e9:4d:96:f9:e9:3a:59:99:b9:
         eb:89:c6:b1:cb:1a:3f:19:6b:fb:60:d6:9f:65:89:dc:1d:06:
         ba:97:fd:d8:ea:6a:ae:c3:09:45:31:bd:de:02:96:0e:76:9b:
         44:a8:ec:9f:57:cd:c4:d3:74:a6:f9:11:b1:12:93:e5:08:75:
         bc:7c:65:d1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY52F6ZOWVvS4mJmKRYy9wxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI1MTQ1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYzYjdjYjIzYTc0YmZmNjY4NzNlMDQ0Y2I5M2IyODlkODMyNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfdQJsz8w6gqW+gU+oRA/XMn6EeE
V6RTLwsDE7I6QSHnB/+A4Gnj/KSD2kXn7gTu/rF6D+dQRkyUnk9adzG/KXpExmm8
+gNDqcPJq/TqoHpcpEVAcnEjxmxRVk5hI658PEqm4CzawbgkQf1dJFRtPuLFC45h
zEBeIdkqYrLwMsyll57iDUpOkoozKnbVYf6+xxcoQSnkieE6jNKVGmlJTP9/N9dO
A5QZvKg1JBhtQb7dCUDsng9Vk/X3YyorYJtEv+5xunkjZJN+lNK4CmGJKnvQOHjA
KjYDtf77+EqFx7cEoTIqOghYW13F41ufDaVdFTZX6NcaoN+tMCcXBp0FKQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAhjt8sjp0v/Zoc+BEy5OyidgyQLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ0dPM3l5T25TXzltaHo0RVRMazdLSjJESkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUPBUAwQA
UQW9AwQAUpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3MA0GCSqGSIb3DQEBCwUA
A4IBAQAQV3mRzn5frHcaHp3VE7sqq8AROeh+1NaTSTijPHNreYMeGqj/X73ecaah
h7FFF2kc6pKdIDQt6+kWjI4fEwSQ3T/Z6c3cC/tMA7VIRKAZbzC2iDuFF03nzRU1
ZF4nJfJwNBvZ4zXhIPkqoFp0aQtM2yQxUywAWAccPyOHbFnKdFoE5g+GxnFBrTsY
jNZ9/SChMjek08DLZSklIKKCMtIwMIGYB8xV5MHPP9onCI9/8kc9iqYcNjZzeATT
aqLpTZb56TpZmbnricaxyxo/GWv7YNafZYncHQa6l/3Y6mquwwlFMb3eApYOdptE
qOyfV83E03Sm+RGxEpPlCHW8fGXR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org