Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CjCaLZvnxWiBVgF3pRqT7pgRaPQ.roa
File:                     CjCaLZvnxWiBVgF3pRqT7pgRaPQ.roa (raw, json)
Hash identifier:          rgV2HQHNsrGWiu3SIAkQXaAq5pFAKe+gu9aB7tyCPq0=
Subject key identifier:   0A:30:9A:2D:9B:E7:C5:68:81:56:01:77:A5:1A:93:EE:98:11:68:F4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AD578A1892CAE1A334898D2729803165B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CjCaLZvnxWiBVgF3pRqT7pgRaPQ.roa
Signing time:             Wed 27 Sep 2023 07:09:27 +0000
ROA not before:           Wed 27 Sep 2023 07:09:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.43.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 06:47:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d5:78:a1:89:2c:ae:1a:33:48:98:d2:72:98:03:16:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 27 07:09:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a309a2d9be7c56881560177a51a93ee981168f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:8a:15:43:0a:1b:ff:1a:1f:d4:93:38:22:19:
                    bf:b2:d6:cc:26:27:af:1d:b9:6e:27:82:ba:3d:f9:
                    fe:99:ad:53:21:9c:7a:1f:e5:86:ad:d7:80:1c:f4:
                    65:40:e8:0b:07:6a:52:2e:2d:c1:ce:19:c2:12:e8:
                    83:06:fb:4e:42:f9:9d:e3:07:83:6b:18:68:06:d7:
                    29:72:e3:95:e2:9b:34:ae:43:f4:06:94:43:93:75:
                    1c:19:18:db:77:3d:77:5d:bf:fd:d0:b0:4a:cf:43:
                    c5:c3:0f:a0:05:e8:b6:c7:a9:5f:96:c2:f7:be:d7:
                    74:3c:f0:b6:97:d5:91:9a:1c:12:53:f1:56:fb:ff:
                    85:cd:2d:e9:bc:9a:26:31:a5:2c:e7:2c:20:d4:36:
                    a6:d9:57:e7:c9:8a:01:ea:d3:2b:35:82:c3:e9:13:
                    b0:84:e1:2e:64:2b:42:95:d8:7b:5c:5e:c5:3e:94:
                    83:9f:76:48:1c:07:a9:6b:e7:9f:6a:dd:4f:1e:a7:
                    cc:fa:45:57:84:7a:11:ff:5c:60:a2:3e:59:81:50:
                    89:3c:55:ad:85:03:ee:1c:c4:44:c1:32:33:c5:d2:
                    18:5b:f8:12:a5:28:24:70:57:60:d0:25:09:39:81:
                    23:77:20:bd:3a:44:db:58:17:28:0c:5c:31:b9:8a:
                    43:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:30:9A:2D:9B:E7:C5:68:81:56:01:77:A5:1A:93:EE:98:11:68:F4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CjCaLZvnxWiBVgF3pRqT7pgRaPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.116.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.1.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/23
                  89.213.6.0/23
                  89.213.43.0/24
                  89.213.130.0/24
                  89.213.145.0-89.213.146.255
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.208.0/24
                  109.176.240.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:8d:fa:0a:d8:70:b6:cc:05:cd:85:d5:6d:8a:14:27:a1:2c:
         fd:0f:b2:a7:92:38:14:3e:d3:59:23:d7:32:2c:86:c2:1e:47:
         b4:cd:5b:ec:6d:f5:b0:be:fd:d8:d0:22:98:cc:e8:cb:55:0c:
         63:fa:39:67:73:92:30:b4:21:52:a0:d6:ac:74:92:1e:7b:29:
         c0:93:57:7a:80:5c:73:03:f9:be:ac:2b:de:3b:22:ce:64:f7:
         5b:85:c0:53:d4:31:c9:a4:53:d4:e4:ba:8e:05:6f:ef:90:6c:
         4c:dc:4c:9f:77:6e:17:ca:b3:d0:d9:15:6f:86:de:20:d5:79:
         98:0a:cf:11:4b:df:a8:a6:3a:08:f2:a5:35:7f:1e:1d:6b:1c:
         9e:f4:d6:38:ed:ef:a8:83:40:a3:9f:bf:e6:6a:f4:30:3c:44:
         d9:0a:80:b8:35:1e:aa:fe:af:be:9a:63:6a:67:d4:d8:15:81:
         8f:f9:c7:56:82:d9:dd:a5:02:38:7f:6c:55:88:ed:a4:37:f0:
         af:1e:c1:88:bb:03:3c:21:03:40:78:00:30:c8:9f:eb:9d:47:
         67:ec:b0:ac:d8:3a:a9:94:9a:f0:25:83:90:2c:fe:10:f4:61:
         b3:4e:c0:79:cf:7a:6d:9e:5f:37:71:d4:6b:ca:0b:4f:4f:d5:
         16:0a:d9:5f
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYrVeKGJLK4aM0iY0nKYAxZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI3MDcwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTMwOWEyZDliZTdjNTY4ODE1NjAxNzdhNTFhOTNlZTk4MTE2OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhooVQwob/xof1JM4Ihm/stbMJiev
HbluJ4K6Pfn+ma1TIZx6H+WGrdeAHPRlQOgLB2pSLi3BzhnCEuiDBvtOQvmd4weD
axhoBtcpcuOV4ps0rkP0BpRDk3UcGRjbdz13Xb/90LBKz0PFww+gBei2x6lflsL3
vtd0PPC2l9WRmhwSU/FW+/+FzS3pvJomMaUs5ywg1Dam2VfnyYoB6tMrNYLD6ROw
hOEuZCtCldh7XF7FPpSDn3ZIHAepa+efat1PHqfM+kVXhHoR/1xgoj5ZgVCJPFWt
hQPuHMREwTIzxdIYW/gSpSgkcFdg0CUJOYEjdyC9OkTbWBcoDFwxuYpDwwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFAowmi2b58VogVYBd6Uak+6YEWj0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ2pDYUxadm54V2lCVmdGM3BScVQ3cGdSYVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBABR
Bb0DBABRqHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wME
AFKY/gMEAFKZAQMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAVKZ4AMEAVnVBgME
AFnVKwMEAFnVgjAMAwQAWdWRAwQAWdWSAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbDw
AwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQAKjfoK2HC2zAXN
hdVtihQnoSz9D7KnkjgUPtNZI9cyLIbCHke0zVvsbfWwvv3Y0CKYzOjLVQxj+jln
c5IwtCFSoNasdJIeeynAk1d6gFxzA/m+rCveOyLOZPdbhcBT1DHJpFPU5LqOBW/v
kGxM3Eyfd24XyrPQ2RVvht4g1XmYCs8RS9+opjoI8qU1fx4daxye9NY47e+og0Cj
n7/mavQwPETZCoC4NR6q/q++mmNqZ9TYFYGP+cdWgtndpQI4f2xViO2kN/CvHsGI
uwM8IQNAeAAwyJ/rnUdn7LCs2DqplJrwJYOQLP4Q9GGzTsB5z3ptnl83cdRrygtP
T9UWCtlf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org