Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EtUbEqbi7tgiKtYGnKTr2a-eryA.roa
File:                     EtUbEqbi7tgiKtYGnKTr2a-eryA.roa (raw, json)
Hash identifier:          XU0pvm8FJMs8+T69/wKTIFuWjVa1udv/qab//GA8+T4=
Subject key identifier:   12:D5:1B:12:A6:E2:EE:D8:22:2A:D6:06:9C:A4:EB:D9:AF:9E:AF:20
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A6970B23DF468037160312D6BF30D6696
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EtUbEqbi7tgiKtYGnKTr2a-eryA.roa
Signing time:             Wed 06 Sep 2023 07:41:47 +0000
ROA not before:           Wed 06 Sep 2023 07:41:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          82.153.67.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          109.176.246.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 13:32:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:69:70:b2:3d:f4:68:03:71:60:31:2d:6b:f3:0d:66:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  6 07:41:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12d51b12a6e2eed8222ad6069ca4ebd9af9eaf20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:05:62:a0:0c:5b:6f:a5:0f:72:08:86:bc:30:
                    31:08:21:2b:5c:0d:8c:51:49:2b:ee:f8:dd:60:bb:
                    f6:e3:a5:58:66:6b:3b:45:4f:ac:bd:f1:fc:b6:20:
                    97:56:90:21:c0:e3:53:97:65:bb:4e:1c:ff:35:e8:
                    79:ea:c9:a2:b3:f4:2e:3c:14:cc:07:d7:d7:e2:81:
                    68:2d:d1:da:bf:fc:99:e9:0a:35:f8:fd:45:3b:21:
                    e5:6d:2f:b2:44:c3:4c:ab:3f:a9:37:48:71:88:49:
                    2b:c9:06:71:c0:68:c3:cc:6c:c4:a7:f9:64:80:23:
                    61:e9:32:91:e4:91:02:67:f5:55:94:41:a4:26:fd:
                    fb:65:31:57:05:0e:a0:1b:05:b8:bd:e2:6e:a8:ae:
                    56:ba:35:94:26:53:00:69:aa:5d:6b:b2:7f:b5:07:
                    06:7e:ba:e4:89:a1:26:10:12:9a:c5:e6:7e:ae:8d:
                    57:90:57:16:17:c0:1e:31:f5:4f:8d:71:5b:a6:75:
                    be:21:23:b1:dc:c5:d1:16:c6:c8:2e:fd:c4:12:d4:
                    76:fc:87:a1:8b:cc:0c:a8:9c:34:70:c5:87:d5:93:
                    95:38:33:e8:8e:6d:33:87:0a:b9:37:1a:e5:d5:d8:
                    0f:96:41:21:82:04:a7:79:fe:63:e6:29:59:cc:9e:
                    02:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:D5:1B:12:A6:E2:EE:D8:22:2A:D6:06:9C:A4:EB:D9:AF:9E:AF:20
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EtUbEqbi7tgiKtYGnKTr2a-eryA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.67.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.225.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0-82.153.250.255
                  89.213.133.0-89.213.139.255
                  89.213.141.0/24
                  89.213.145.0/24
                  89.213.156.0-89.213.158.255
                  89.213.160.0/24
                  89.213.162.0-89.213.164.255
                  89.213.168.0/24
                  89.213.170.0/24
                  89.213.172.0-89.213.174.255
                  89.213.184.0/23
                  89.213.188.0/23
                  109.176.208.0/23
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.245.0-109.176.246.255
                  109.176.248.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:54:0a:78:df:42:35:4a:a4:9d:8f:25:58:7a:82:55:2f:1d:
         8c:08:60:e3:7d:9a:b5:55:2e:95:71:4e:bc:59:77:be:ee:43:
         2b:73:55:02:ea:4c:89:69:0b:07:cb:48:a3:be:80:28:18:2b:
         85:4f:c9:c1:62:62:62:fa:d8:61:b9:0f:55:2d:84:10:bb:2f:
         bd:86:52:0a:66:e2:16:a4:7d:0e:88:b8:b5:e9:5e:29:ec:9c:
         44:8c:df:86:ce:20:6e:11:14:d9:6e:e5:50:6a:2e:a1:08:69:
         2d:2e:63:b2:07:4c:86:73:fe:35:cf:1b:0f:d4:a2:ed:ae:80:
         02:d6:cd:59:c4:cb:46:2c:ea:70:a6:26:12:b8:c8:a6:a7:4d:
         64:30:de:6b:58:de:13:fb:43:36:ea:23:e4:a5:91:63:1b:a2:
         f3:a7:da:05:78:8a:2e:46:a8:5c:97:e3:9b:e9:25:85:0b:93:
         4d:2b:16:2a:82:87:90:a7:d8:af:fa:1d:96:f3:2b:df:be:01:
         85:03:86:8d:81:2a:b0:48:13:66:9e:3e:d7:1b:9e:3f:4d:24:
         b1:74:82:4b:60:8b:7d:b6:ab:c2:48:31:f7:73:83:60:e9:31:
         23:8a:b6:fd:5c:f0:70:5e:89:27:b2:7e:2c:63:cc:55:7f:e0:
         4c:39:b5:b7
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAYppcLI99GgDcWAxLWvzDWaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA2MDc0MTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQ1MWIxMmE2ZTJlZWQ4MjIyYWQ2MDY5Y2E0ZWJkOWFmOWVhZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwVioAxbb6UPcgiGvDAxCCErXA2M
UUkr7vjdYLv246VYZms7RU+svfH8tiCXVpAhwONTl2W7Thz/Neh56smis/QuPBTM
B9fX4oFoLdHav/yZ6Qo1+P1FOyHlbS+yRMNMqz+pN0hxiEkryQZxwGjDzGzEp/lk
gCNh6TKR5JECZ/VVlEGkJv37ZTFXBQ6gGwW4veJuqK5WujWUJlMAaapda7J/tQcG
frrkiaEmEBKaxeZ+ro1XkFcWF8AeMfVPjXFbpnW+ISOx3MXRFsbILv3EEtR2/Ieh
i8wMqJw0cMWH1ZOVODPojm0zhwq5Nxrl1dgPlkEhggSnef5j5ilZzJ4CGQIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFBLVGxKm4u7YIirWBpyk69mvnq8gMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRXRVYkVxYmk3dGdpS3RZR25LVHIyYS1lcnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODCCATQEAgABMIIB
LAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZQwMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQA
UpnfAwQAUpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfowDAMEAFnVhQMEAlnV
iAMEAFnVjQMEAFnVkTAMAwQCWdWcAwQAWdWeAwQAWdWgMAwDBAFZ1aIDBABZ1aQD
BABZ1agDBABZ1aowDAMEAlnVrAMEAFnVrgMEAVnVuAMEAVnVvAMEAW2w0AMEAG2w
0wMEA22w2DAMAwQAbbD1AwQAbbD2MAwDBANtsPgDBABtsPowDAMEALkxfQMEB7kx
AAMEANWYKgMEANWYPTANBgkqhkiG9w0BAQsFAAOCAQEAfFQKeN9CNUqknY8lWHqC
VS8djAhg432atVUulXFOvFl3vu5DK3NVAupMiWkLB8tIo76AKBgrhU/JwWJiYvrY
YbkPVS2EELsvvYZSCmbiFqR9Doi4teleKeycRIzfhs4gbhEU2W7lUGouoQhpLS5j
sgdMhnP+Nc8bD9Si7a6AAtbNWcTLRizqcKYmErjIpqdNZDDea1jeE/tDNuoj5KWR
Yxui86faBXiKLkaoXJfjm+klhQuTTSsWKoKHkKfYr/odlvMr374BhQOGjYEqsEgT
Zp4+1xueP00ksXSCS2CLfbarwkgx93ODYOkxI4q2/VzwcF6JJ7J+LGPMVX/gTDm1
tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org