Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EF0glufU0sn5u13lzbjl7rl7W6k.roa
File:                     EF0glufU0sn5u13lzbjl7rl7W6k.roa (raw, json)
Hash identifier:          aWnwgOqXJ6MTtwI7JtLGM8KqNX39c20U17HOyy09g60=
Subject key identifier:   10:5D:20:96:E7:D4:D2:C9:F9:BB:5D:E5:CD:B8:E5:EE:B9:7B:5B:A9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018FA456BA870512487194447555B4EF37C1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EF0glufU0sn5u13lzbjl7rl7W6k.roa
Signing time:             Thu 23 May 2024 07:24:58 +0000
ROA not before:           Thu 23 May 2024 07:24:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.176.0/23 maxlen: 23
                          82.152.176.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          89.213.98.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.196.0/22 maxlen: 24
                          89.213.200.0/22 maxlen: 24
                          89.213.204.0/22 maxlen: 24
                          89.213.232.0/22 maxlen: 24
                          89.213.236.0/22 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          194.105.80.0/20 maxlen: 20
                          213.130.130.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 May 2024 07:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a4:56:ba:87:05:12:48:71:94:44:75:55:b4:ef:37:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 23 07:24:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=105d2096e7d4d2c9f9bb5de5cdb8e5eeb97b5ba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b1:c2:d1:b5:7a:e7:fd:e0:24:97:95:65:5f:
                    61:24:fb:3f:b9:bb:30:97:3a:15:6b:3d:56:f2:18:
                    7e:bf:6c:bb:81:1b:c9:2a:ba:12:46:15:df:92:be:
                    e3:1a:4a:bc:17:f1:06:01:b7:47:d8:f1:83:e0:25:
                    e5:52:06:61:e9:ca:93:6a:80:63:0b:6c:09:8e:a7:
                    26:cb:98:ff:d5:39:6b:c4:ed:ae:97:dd:2f:af:f4:
                    86:dd:34:65:4d:5a:e0:ea:cf:5a:9c:bb:78:02:7c:
                    83:69:ab:1d:1e:c5:78:8f:04:e6:ff:33:10:58:40:
                    e5:b2:45:fe:e8:3d:59:24:bb:4d:78:ef:36:81:07:
                    e1:e0:a3:d4:60:6b:9d:17:14:de:1e:77:ec:71:15:
                    76:b7:5a:43:bc:92:e7:9b:4f:cd:96:df:94:c9:66:
                    a7:d9:07:d6:ea:78:80:08:a7:0d:29:99:0a:a9:25:
                    aa:13:f5:34:c6:25:e7:72:b1:b9:2d:70:d7:c1:17:
                    43:41:94:53:ee:87:57:cd:f3:5c:39:10:5c:90:4c:
                    f0:5f:2f:0f:40:71:6d:bc:33:20:78:16:d3:c9:09:
                    c8:c3:2b:08:59:15:a7:66:de:67:c6:10:1e:d3:a8:
                    ab:e2:b4:22:be:d0:15:bd:25:6c:ab:5a:d0:81:f3:
                    a4:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:5D:20:96:E7:D4:D2:C9:F9:BB:5D:E5:CD:B8:E5:EE:B9:7B:5B:A9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EF0glufU0sn5u13lzbjl7rl7W6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.136.0/22
                  89.213.98.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.196.0-89.213.207.255
                  89.213.232.0/21
                  109.176.16.0/21
                  185.49.126.0/23
                  194.105.80.0/20
                  213.130.130.0/24
                  213.130.149.0/24
                  213.218.210.0/23
                  213.218.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:d5:c3:32:cf:7d:69:2d:96:5b:c6:59:ea:93:34:14:69:82:
         e0:40:e3:8e:bd:98:86:76:1b:d7:89:b4:f1:91:ac:85:25:f4:
         00:89:cc:a1:5a:ae:86:b0:d3:6c:75:0b:0d:04:8c:cb:d5:b1:
         3d:2d:66:33:50:f7:a5:f6:50:c6:40:99:98:b6:68:ea:05:0c:
         ad:c5:0e:6d:69:2d:fe:1d:ef:ab:96:2f:f2:fb:ff:1b:bd:50:
         05:61:fa:6f:08:cc:08:78:d0:4e:fb:d8:58:27:ae:a0:80:91:
         3d:77:b1:14:7c:3b:45:f4:49:58:c9:97:35:3a:4d:38:c1:1d:
         e1:60:4b:ed:86:74:2c:3a:21:3c:f6:ee:ba:41:1c:3a:a4:fd:
         00:cb:db:27:20:b5:bd:1a:65:df:f0:a4:39:a9:58:2e:e9:fd:
         df:b0:87:20:23:e1:00:ed:98:34:8e:dd:c6:c0:4c:01:35:81:
         25:0e:05:72:ab:94:24:52:2f:47:60:d5:70:5f:27:3f:6e:b7:
         8d:fb:6d:a8:ca:7d:20:45:f2:f6:3d:09:4b:57:c3:b9:33:d6:
         93:e0:6a:dd:5f:41:ef:11:c0:1c:20:21:80:4e:ed:84:f1:b1:
         26:c3:88:04:8e:d4:f4:c3:84:67:36:94:c7:60:9a:6f:6d:f9:
         ff:47:92:bd
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY+kVrqHBRJIcZREdVW07zfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIzMDcyNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDVkMjA5NmU3ZDRkMmM5ZjliYjVkZTVjZGI4ZTVlZWI5N2I1YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbHC0bV65/3gJJeVZV9hJPs/ubsw
lzoVaz1W8hh+v2y7gRvJKroSRhXfkr7jGkq8F/EGAbdH2PGD4CXlUgZh6cqTaoBj
C2wJjqcmy5j/1TlrxO2ul90vr/SG3TRlTVrg6s9anLt4AnyDaasdHsV4jwTm/zMQ
WEDlskX+6D1ZJLtNeO82gQfh4KPUYGudFxTeHnfscRV2t1pDvJLnm0/Nlt+UyWan
2QfW6niACKcNKZkKqSWqE/U0xiXncrG5LXDXwRdDQZRT7odXzfNcORBckEzwXy8P
QHFtvDMgeBbTyQnIwysIWRWnZt5nxhAe06ir4rQivtAVvSVsq1rQgfOkfwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFBBdIJbn1NLJ+btd5c245e65e1upMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRUYwZ2x1ZlUwc241dTEzbHpiamw3cmw3VzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBUpiwAwQC
UpmIAwQAWdViMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV
6AMEA22wEAMEAbkxfgMEBMJpUAMEANWCggMEANWClQMEAdXa0gMEANXa5zANBgkq
hkiG9w0BAQsFAAOCAQEAbdXDMs99aS2WW8ZZ6pM0FGmC4EDjjr2YhnYb14m08ZGs
hSX0AInMoVquhrDTbHULDQSMy9WxPS1mM1D3pfZQxkCZmLZo6gUMrcUObWkt/h3v
q5Yv8vv/G71QBWH6bwjMCHjQTvvYWCeuoICRPXexFHw7RfRJWMmXNTpNOMEd4WBL
7YZ0LDohPPbuukEcOqT9AMvbJyC1vRpl3/CkOalYLun937CHICPhAO2YNI7dxsBM
ATWBJQ4FcquUJFIvR2DVcF8nP263jfttqMp9IEXy9j0JS1fDuTPWk+Bq3V9B7xHA
HCAhgE7thPGxJsOIBI7U9MOEZzaUx2Cab235/0eSvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org