Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FsMROg7NLEfm7nnuPSzzOzzq4o8.roa
File:                     FsMROg7NLEfm7nnuPSzzOzzq4o8.roa (raw, json)
Hash identifier:          +YP27N57br7ZgQKjM0EpKPngDvFsHj7IoK0DD1IAsPE=
Subject key identifier:   16:C3:11:3A:0E:CD:2C:47:E6:EE:79:EE:3D:2C:F3:3B:3C:EA:E2:8F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187FF9D43FCA4936E9267532DB1CF212D3C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FsMROg7NLEfm7nnuPSzzOzzq4o8.roa
Signing time:             Tue 09 May 2023 08:25:09 +0000
ROA not before:           Tue 09 May 2023 08:25:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.68.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 08:26:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ff:9d:43:fc:a4:93:6e:92:67:53:2d:b1:cf:21:2d:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  9 08:25:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16c3113a0ecd2c47e6ee79ee3d2cf33b3ceae28f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:14:9e:7d:ce:1c:4c:f9:84:fc:96:61:23:9b:
                    36:3e:fc:f2:1f:20:30:f1:87:74:6e:51:64:32:57:
                    75:12:01:35:74:09:00:12:02:39:53:f7:02:9c:e7:
                    8f:5a:c2:a4:eb:79:ab:23:15:a1:dd:e4:06:06:ca:
                    eb:14:20:d6:2b:2a:fc:a2:9d:17:5c:6a:b7:ad:5c:
                    80:d7:9f:c0:1c:80:35:59:68:65:3f:43:3d:db:cf:
                    9d:1b:cd:b1:f5:7a:d5:4e:5e:7a:0b:86:8c:78:ef:
                    fa:f1:c2:8e:d0:1b:91:ce:c0:f2:6c:3d:d1:d0:e3:
                    03:04:c7:1e:f8:44:93:1f:91:1c:4b:5e:11:b6:ae:
                    62:96:39:f4:1f:9b:0e:13:32:01:c1:bf:29:a7:38:
                    7c:16:85:9a:32:1a:07:d5:5d:9d:c9:06:58:d5:30:
                    b0:6d:b8:f9:0c:3d:5f:1d:95:32:2c:6c:50:21:a2:
                    fc:59:b7:a8:e5:0d:50:b1:4e:f2:c2:9f:8d:7a:7c:
                    b2:b5:7c:4e:9d:f6:87:8e:8c:f7:d0:2e:cc:2f:3f:
                    3c:9e:42:f7:c5:f8:4e:1a:8c:b3:9b:50:c5:c2:67:
                    6c:66:59:1d:88:1e:77:62:1a:fa:5b:03:cf:4c:bd:
                    67:7f:66:a1:ee:7d:9e:cf:d9:1d:ab:dd:60:65:7b:
                    b1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:C3:11:3A:0E:CD:2C:47:E6:EE:79:EE:3D:2C:F3:3B:3C:EA:E2:8F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FsMROg7NLEfm7nnuPSzzOzzq4o8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.251.0/24
                  82.152.254.0/23
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.65.0/24
                  82.153.68.0/24
                  82.153.70.0/23
                  82.153.209.0-82.153.211.255
                  82.153.222.0/24
                  82.153.246.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:84:f7:32:84:77:95:f0:20:10:42:73:52:84:25:87:a8:37:
         f6:15:28:9e:3b:81:c2:55:46:da:5b:fc:bc:a8:be:ed:99:88:
         87:a9:ae:c6:97:10:e4:77:2e:34:91:2b:3b:08:84:94:9e:f5:
         0d:10:71:38:9f:ee:f5:ab:db:cb:1d:a0:1a:56:3c:5b:e5:81:
         a5:fd:66:bc:c4:b4:7a:42:16:9b:7c:8c:8d:f6:f2:11:9e:ee:
         04:ff:32:fc:05:8c:11:e3:f4:bc:0d:b3:c1:32:8b:fe:73:81:
         1f:a9:5b:d5:1b:6c:fe:d7:c6:54:71:f2:f3:bd:bc:64:15:20:
         77:27:8b:07:7c:87:57:28:23:c9:96:2f:dc:30:f4:37:af:c4:
         55:41:15:bc:19:65:f0:e3:85:14:5d:91:eb:8f:17:c8:9a:80:
         34:d4:f7:8d:14:2c:41:df:ea:e3:7d:8f:a2:b6:7e:2b:6a:6d:
         b5:48:e8:2e:dc:c4:15:cc:78:6f:32:c9:46:7a:3a:e4:ab:65:
         21:b7:8b:76:25:22:42:13:9d:e5:9a:62:36:84:df:70:85:c6:
         20:a7:1f:e5:47:2d:ce:fd:6f:80:70:6d:af:4c:8f:6e:56:d2:
         9f:58:5c:a3:e3:f2:75:fa:43:b0:f6:d2:67:1f:29:ff:ea:b3:
         d2:b4:4f:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYf/nUP8pJNukmdTLbHPIS08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTA5MDgyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmMzMTEzYTBlY2QyYzQ3ZTZlZTc5ZWUzZDJjZjMzYjNjZWFlMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BSefc4cTPmE/JZhI5s2PvzyHyAw
8Yd0blFkMld1EgE1dAkAEgI5U/cCnOePWsKk63mrIxWh3eQGBsrrFCDWKyr8op0X
XGq3rVyA15/AHIA1WWhlP0M928+dG82x9XrVTl56C4aMeO/68cKO0BuRzsDybD3R
0OMDBMce+ESTH5EcS14Rtq5iljn0H5sOEzIBwb8ppzh8FoWaMhoH1V2dyQZY1TCw
bbj5DD1fHZUyLGxQIaL8Wbeo5Q1QsU7ywp+NenyytXxOnfaHjoz30C7MLz88nkL3
xfhOGoyzm1DFwmdsZlkdiB53Yhr6WwPPTL1nf2ah7n2ez9kdq91gZXuxKwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFBbDEToOzSxH5u557j0s8zs86uKPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRnNNUk9nN05MRWZtN25udVBTenpPenpxNG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+wMEAVKY/gMEAFKZBAMEAFKZCgME
AFKZQQMEAFKZRAMEAVKZRjAMAwQAUpnRAwQCUpnQAwQAUpneAwQAUpn2AwQBUpn4
MA0GCSqGSIb3DQEBCwUAA4IBAQBWhPcyhHeV8CAQQnNShCWHqDf2FSieO4HCVUba
W/y8qL7tmYiHqa7GlxDkdy40kSs7CISUnvUNEHE4n+71q9vLHaAaVjxb5YGl/Wa8
xLR6QhabfIyN9vIRnu4E/zL8BYwR4/S8DbPBMov+c4EfqVvVG2z+18ZUcfLzvbxk
FSB3J4sHfIdXKCPJli/cMPQ3r8RVQRW8GWXw44UUXZHrjxfImoA01PeNFCxB3+rj
fY+itn4ram21SOgu3MQVzHhvMslGejrkq2Uht4t2JSJCE53lmmI2hN9whcYgpx/l
Ry3O/W+AcG2vTI9uVtKfWFyj4/J1+kOw9tJnHyn/6rPStE8Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org