Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gabd0f56zJKLb1z09owS78yDq2E.roa
File:                     Gabd0f56zJKLb1z09owS78yDq2E.roa (raw, json)
Hash identifier:          jh2F/aztFdzUmxJuCd7tOo8nSMKcucUrWFOpRfJYbNE=
Subject key identifier:   19:A6:DD:D1:FE:7A:CC:92:8B:6F:5C:F4:F6:8C:12:EF:CC:83:AB:61
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187FF9F195A04506157445152CA1D3741D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gabd0f56zJKLb1z09owS78yDq2E.roa
Signing time:             Tue 09 May 2023 08:27:09 +0000
ROA not before:           Tue 09 May 2023 08:27:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.68.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 May 2023 07:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ff:9f:19:5a:04:50:61:57:44:51:52:ca:1d:37:41:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  9 08:27:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19a6ddd1fe7acc928b6f5cf4f68c12efcc83ab61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5c:c2:de:9d:7a:ad:66:d3:63:bf:09:48:b2:
                    3f:4c:36:0e:06:fb:4d:fb:cb:96:2b:fa:ff:5c:91:
                    cc:c0:84:c2:60:59:26:0c:3e:7b:4c:75:2d:25:a3:
                    d4:30:e8:a6:90:3f:34:4a:f6:24:23:8b:02:34:7c:
                    68:2b:9c:23:26:bf:a9:7f:b7:57:6a:14:14:12:fe:
                    5a:36:65:50:b7:b8:00:f7:a8:69:42:2a:ff:f6:7b:
                    64:ad:ff:4c:b5:e7:1b:67:e8:79:c9:ae:17:e1:58:
                    1a:73:7c:9a:8c:80:01:42:c8:41:28:34:f8:c8:d4:
                    d6:46:a1:99:9a:f2:02:c5:0d:8e:21:41:62:d7:43:
                    bb:9c:e8:59:1b:c4:f4:f0:91:73:8f:47:91:c8:f4:
                    b4:b5:20:01:b9:4b:c0:1e:bb:05:a5:df:a3:11:08:
                    17:2b:f0:15:49:55:f5:ee:88:fd:8e:5b:e7:5d:b5:
                    08:39:2f:4d:79:27:a0:75:3e:b9:e5:a9:05:4f:d0:
                    5e:7f:c4:0b:b7:0f:e3:b3:b3:b0:c2:ef:48:34:43:
                    de:1d:a8:d8:2c:e5:54:f5:09:5c:e7:91:f9:a1:a1:
                    6b:a4:20:cf:c0:f0:93:68:cb:08:23:d2:4d:71:27:
                    15:c6:5a:c8:64:15:01:1f:3d:f5:10:e9:36:f5:fd:
                    ea:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A6:DD:D1:FE:7A:CC:92:8B:6F:5C:F4:F6:8C:12:EF:CC:83:AB:61
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gabd0f56zJKLb1z09owS78yDq2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.251.0/24
                  82.152.253.0-82.152.255.255
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.65.0/24
                  82.153.68.0/24
                  82.153.70.0/23
                  82.153.208.0/22
                  82.153.222.0/24
                  82.153.246.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:f2:d7:1b:b4:74:85:f2:ed:b9:81:2d:50:44:39:3a:08:07:
         b7:92:92:5b:eb:2b:4a:a2:0f:46:75:b8:4e:c1:ab:01:d9:09:
         fc:4b:27:cd:17:d4:06:21:bf:4e:54:b8:ad:e9:01:31:d8:85:
         28:42:b0:7e:1a:a7:fb:2f:3e:f8:05:b8:14:a8:55:1f:6d:59:
         25:64:8c:38:c9:18:e4:b7:f8:b2:98:5e:7b:4f:4d:c0:1d:58:
         11:c1:6d:25:9e:de:ad:ae:b6:40:31:75:14:b5:40:ae:c3:34:
         c4:ca:4e:8f:d1:35:72:33:b1:3b:81:24:90:3a:5c:8b:b8:85:
         b8:37:09:b9:10:3e:13:2e:66:63:a0:6c:07:9c:1f:6c:81:84:
         0b:30:3f:8e:e5:3e:5b:d5:8b:44:ee:f3:f0:d5:18:cc:21:4f:
         1f:15:52:5f:bc:8b:0f:19:e6:3f:02:9d:e7:c8:04:38:ec:96:
         ea:ab:d7:1d:1d:c1:0b:0f:61:7a:34:5c:78:75:45:56:f2:7e:
         86:e2:ae:d8:54:f8:5a:90:73:09:f6:7e:67:9f:a7:36:b2:fa:
         51:a5:20:05:9f:1b:63:86:2d:11:3f:1d:79:5d:d3:ef:ea:cc:
         71:32:8a:62:0d:3a:fe:c6:77:e0:7b:2d:e9:82:bf:93:ec:ec:
         94:27:c4:d8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYf/nxlaBFBhV0RRUsodN0HRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTA5MDgyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE2ZGRkMWZlN2FjYzkyOGI2ZjVjZjRmNjhjMTJlZmNjODNhYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFzC3p16rWbTY78JSLI/TDYOBvtN
+8uWK/r/XJHMwITCYFkmDD57THUtJaPUMOimkD80SvYkI4sCNHxoK5wjJr+pf7dX
ahQUEv5aNmVQt7gA96hpQir/9ntkrf9MtecbZ+h5ya4X4Vgac3yajIABQshBKDT4
yNTWRqGZmvICxQ2OIUFi10O7nOhZG8T08JFzj0eRyPS0tSABuUvAHrsFpd+jEQgX
K/AVSVX17oj9jlvnXbUIOS9NeSegdT655akFT9Bef8QLtw/js7Owwu9INEPeHajY
LOVU9Qlc55H5oaFrpCDPwPCTaMsII9JNcScVxlrIZBUBHz31EOk29f3q+QIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBmm3dH+esySi29c9PaMEu/Mg6thMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR2FiZDBmNTZ6SktMYjF6MDlvd1M3OHlEcTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+zALAwQAUpj9AwMAUpgDBABSmQQD
BABSmQoDBABSmUEDBABSmUQDBAFSmUYDBAJSmdADBABSmd4DBABSmfYDBAFSmfgw
DQYJKoZIhvcNAQELBQADggEBAAjy1xu0dIXy7bmBLVBEOToIB7eSklvrK0qiD0Z1
uE7BqwHZCfxLJ80X1AYhv05UuK3pATHYhShCsH4ap/svPvgFuBSoVR9tWSVkjDjJ
GOS3+LKYXntPTcAdWBHBbSWe3q2utkAxdRS1QK7DNMTKTo/RNXIzsTuBJJA6XIu4
hbg3CbkQPhMuZmOgbAecH2yBhAswP47lPlvVi0Tu8/DVGMwhTx8VUl+8iw8Z5j8C
nefIBDjsluqr1x0dwQsPYXo0XHh1RVbyfobirthU+FqQcwn2fmefpzay+lGlIAWf
G2OGLRE/HXld0+/qzHEyimINOv7Gd+B7LemCv5Ps7JQnxNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org