Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FvpPti52yYtZ2L0SC2NxFjjsHDM.roa
File:                     FvpPti52yYtZ2L0SC2NxFjjsHDM.roa (raw, json)
Hash identifier:          lO9+/FcOBm3d2SZ3hKB8ClIML6F5VHdMyGEanwg3MyQ=
Subject key identifier:   16:FA:4F:B6:2E:76:C9:8B:59:D8:BD:12:0B:63:71:16:38:EC:1C:33
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01887B22B5E319119C9F73BCDD1C5743B741
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FvpPti52yYtZ2L0SC2NxFjjsHDM.roa
Signing time:             Fri 02 Jun 2023 08:04:12 +0000
ROA not before:           Fri 02 Jun 2023 08:04:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 08:06:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7b:22:b5:e3:19:11:9c:9f:73:bc:dd:1c:57:43:b7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  2 08:04:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16fa4fb62e76c98b59d8bd120b63711638ec1c33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ec:a8:bf:1b:57:e5:f2:02:7c:45:66:d9:d1:
                    8f:bb:a9:da:2d:bd:03:0e:dd:59:48:aa:48:7e:76:
                    d0:a3:ac:83:0f:67:b4:e1:55:db:05:c9:b6:01:b6:
                    03:7b:94:e7:f9:e0:ef:26:5a:b2:ba:fb:47:6c:d8:
                    22:61:96:ae:38:a7:ce:a9:93:b0:ff:ab:94:82:37:
                    71:57:b9:95:5e:b1:09:9f:c1:68:94:8a:ed:2d:d5:
                    74:17:83:a0:35:d2:7f:8d:6f:50:f9:d8:d9:c1:39:
                    87:af:38:01:15:af:88:c5:01:ee:b6:a6:1f:37:52:
                    75:84:5a:c0:03:75:7b:2a:ad:f0:72:b4:84:c6:21:
                    b2:00:b6:00:55:6f:3e:35:66:9b:5f:57:47:93:56:
                    d1:41:14:ba:b7:18:90:2c:73:c6:42:6f:40:9a:5a:
                    1d:02:b1:50:51:61:cf:39:04:cb:6a:27:26:59:57:
                    62:87:80:1c:51:6e:6d:b8:e1:d5:47:b0:8c:cf:36:
                    36:3a:cb:f7:46:b6:fd:b0:48:bd:f4:a4:75:5b:eb:
                    35:57:c5:97:19:ca:bd:a3:f6:ca:e4:59:15:86:e0:
                    62:73:50:ab:a9:b3:32:25:b9:e7:47:2a:66:b2:09:
                    ae:4a:88:f7:51:fe:6e:b9:20:84:f8:31:14:ec:f5:
                    26:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:FA:4F:B6:2E:76:C9:8B:59:D8:BD:12:0B:63:71:16:38:EC:1C:33
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FvpPti52yYtZ2L0SC2NxFjjsHDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.253.0-82.152.255.255
                  82.153.1.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.78.0/24
                  82.153.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:6f:2a:ec:07:5f:e9:9c:8c:21:04:2f:77:3c:5b:67:b1:2a:
         5e:04:e5:3f:92:14:4a:a1:db:77:f6:e3:e0:7b:b8:77:01:c6:
         c1:42:63:8b:59:4f:cb:cb:38:df:6e:7d:b6:e5:6a:d5:a2:c8:
         38:cf:77:6c:29:6c:12:e9:50:df:ea:9b:b3:55:85:ed:72:4c:
         0a:ef:5e:9b:a5:c3:dc:0d:59:56:c1:81:94:36:cf:b4:4b:af:
         3c:a9:79:14:3a:ed:75:5f:3e:92:d4:d7:24:25:70:7b:2e:7f:
         b7:b3:7a:3c:e6:6b:99:6b:51:45:d3:59:cd:a0:5c:c5:85:29:
         02:7a:26:21:09:35:49:6d:75:4d:d6:4b:b6:60:21:5a:55:1f:
         8a:ad:6b:24:ce:cb:44:4e:14:29:2a:dd:ff:b1:b1:01:90:5a:
         49:e7:7a:77:e4:e5:a0:9a:2a:f0:38:17:aa:69:af:fa:91:5f:
         0f:23:94:bb:13:57:1e:60:12:b5:fe:c1:28:e9:3a:ef:48:9f:
         c5:7e:43:16:d7:fc:28:20:4d:8c:0f:90:66:47:5f:a5:f3:03:
         8b:ae:2c:fb:c6:75:91:9b:d7:00:28:a6:43:3f:a5:83:cc:1b:
         6a:11:26:a5:aa:c3:92:e5:a0:18:c2:ad:8c:39:e8:9c:a8:b2:
         34:f7:04:a1
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYh7IrXjGRGcn3O83RxXQ7dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjAyMDgwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmZhNGZiNjJlNzZjOThiNTlkOGJkMTIwYjYzNzExNjM4ZWMxYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+yovxtX5fICfEVm2dGPu6naLb0D
Dt1ZSKpIfnbQo6yDD2e04VXbBcm2AbYDe5Tn+eDvJlqyuvtHbNgiYZauOKfOqZOw
/6uUgjdxV7mVXrEJn8FolIrtLdV0F4OgNdJ/jW9Q+djZwTmHrzgBFa+IxQHutqYf
N1J1hFrAA3V7Kq3wcrSExiGyALYAVW8+NWabX1dHk1bRQRS6txiQLHPGQm9Amlod
ArFQUWHPOQTLaicmWVdih4AcUW5tuOHVR7CMzzY2Osv3Rrb9sEi99KR1W+s1V8WX
Gcq9o/bK5FkVhuBic1CrqbMyJbnnRypmsgmuSoj3Uf5uuSCE+DEU7PUmSwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFBb6T7YudsmLWdi9EgtjcRY47BwzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRnZwUHRpNTJ5WXRaMkwwU0MyTnhGampzSERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBrBAIAATBlAwQAUQW9AwQA
UagjMAwDBABRqHcDBABRqHgDBABRqHsDBABRqH4DBABSmPgDBABSmPswCwMEAFKY
/QMDAFKYAwQAUpkBAwQBUplEMAwDBABSmUcDBABSmUgDBABSmU4DBABSmYQwDQYJ
KoZIhvcNAQELBQADggEBAHVvKuwHX+mcjCEEL3c8W2exKl4E5T+SFEqh23f24+B7
uHcBxsFCY4tZT8vLON9ufbblatWiyDjPd2wpbBLpUN/qm7NVhe1yTArvXpulw9wN
WVbBgZQ2z7RLrzypeRQ67XVfPpLU1yQlcHsuf7ezejzma5lrUUXTWc2gXMWFKQJ6
JiEJNUltdU3WS7ZgIVpVH4qtayTOy0ROFCkq3f+xsQGQWknnenfk5aCaKvA4F6pp
r/qRXw8jlLsTVx5gErX+wSjpOu9In8V+QxbX/CggTYwPkGZHX6XzA4uuLPvGdZGb
1wAopkM/pYPMG2oRJqWqw5LloBjCrYw56JyosjT3BKE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org