Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa
File:                     IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa (raw, json)
Hash identifier:          W1HXFRSUpMJT//aDmOj9dauJK53h4LoNL97hXB5WnGI=
Subject key identifier:   20:98:03:86:BE:9A:2E:AA:59:93:B3:3E:35:59:96:73:F6:78:5F:F1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F805CF21891D6B3C21E71748EE15DCD65
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa
Signing time:             Thu 16 May 2024 07:45:25 +0000
ROA not before:           Thu 16 May 2024 07:45:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.176.0/23 maxlen: 23
                          82.153.50.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          89.213.97.0/24 maxlen: 24
                          89.213.98.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          109.176.201.0/24 maxlen: 24
                          109.176.253.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          194.105.80.0/20 maxlen: 20
                          213.130.130.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.210.59.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.213.0/24 maxlen: 24
                          213.218.227.0/24 maxlen: 24
                          213.218.231.0/24 maxlen: 24
                          213.218.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 May 2024 10:12:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:80:5c:f2:18:91:d6:b3:c2:1e:71:74:8e:e1:5d:cd:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 16 07:45:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=20980386be9a2eaa5993b33e35599673f6785ff1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e8:8c:7b:8b:13:55:9a:58:5a:9b:d5:13:0e:
                    d0:dc:f0:66:c2:39:d1:d2:07:58:22:49:ca:77:36:
                    95:85:66:31:c7:4e:6c:14:89:58:88:2b:d5:e9:39:
                    b2:9e:71:0e:86:c8:4b:dc:2a:af:99:8b:7c:75:9c:
                    98:58:36:70:6f:87:ba:ca:a1:17:af:0a:07:74:e2:
                    20:5b:e0:c3:b6:9a:0b:04:75:d6:f1:0b:d3:65:81:
                    3b:39:44:f9:11:98:8c:4e:59:21:4f:90:c3:e7:40:
                    11:a1:23:ac:2f:75:55:e5:bc:ac:59:ac:c7:9e:1d:
                    b5:2d:4c:e1:a5:a0:38:48:25:c0:21:b4:84:4f:32:
                    48:fc:57:c3:33:be:ae:41:4e:2c:1f:38:b0:10:f4:
                    84:31:02:59:8c:87:93:4c:66:07:7f:12:83:63:d8:
                    fc:4f:5d:70:48:97:ca:ce:7f:b2:24:6d:5f:f7:ce:
                    1a:49:8b:ea:66:f6:b6:78:75:80:f6:81:9c:a3:bb:
                    25:bc:d3:2e:35:aa:d9:74:21:48:06:3b:b1:03:e4:
                    63:a4:1d:37:25:9b:ad:98:5f:ac:63:f2:e5:0a:d9:
                    7b:fa:dd:74:57:eb:46:2d:ff:30:97:ac:3b:d1:57:
                    b2:0b:b3:47:ca:ba:1e:dc:18:61:5b:65:c8:cf:49:
                    43:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:98:03:86:BE:9A:2E:AA:59:93:B3:3E:35:59:96:73:F6:78:5F:F1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.50.0/24
                  82.153.136.0/22
                  89.213.97.0-89.213.98.255
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  109.176.16.0/21
                  109.176.201.0/24
                  109.176.253.0/24
                  185.49.126.0/23
                  194.105.80.0/20
                  213.130.130.0/24
                  213.130.149.0/24
                  213.210.59.0/24
                  213.218.210.0/23
                  213.218.213.0/24
                  213.218.227.0/24
                  213.218.231.0/24
                  213.218.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:1c:da:62:56:68:44:b3:02:cf:fd:e2:34:6f:36:1d:b9:6e:
         96:83:ef:13:a0:83:3e:18:30:76:98:23:f8:2e:91:0c:3e:94:
         26:1e:ac:89:fb:8f:aa:d6:c7:14:3a:3a:64:36:cb:98:75:60:
         89:3f:9c:64:d0:c7:d2:34:bb:88:e3:09:fa:4f:b1:ef:e0:96:
         56:64:ca:38:8b:79:ff:99:6e:71:1f:b1:f9:30:7a:c3:5d:cb:
         8e:ab:e5:9b:8c:f2:01:9a:e3:e0:94:8d:6f:fc:12:5f:9c:08:
         01:36:36:30:c2:98:c2:0b:c5:d0:37:27:ab:20:27:0b:57:6c:
         3e:44:97:26:b6:f8:74:a9:54:8d:75:9c:cc:ca:1d:d2:12:a5:
         c5:1f:97:ad:6f:51:3c:f0:7c:cf:eb:d4:63:df:dd:07:98:dd:
         25:e8:4e:99:11:73:22:a8:b8:11:49:e5:26:e9:44:67:87:b7:
         43:9a:ff:fc:b1:e0:62:25:48:43:b5:87:bd:2f:6c:71:b6:c8:
         51:9f:f5:44:42:7b:ad:a8:fd:88:74:af:f0:26:3c:fa:2d:f2:
         e2:21:b6:35:57:17:9b:bd:49:a8:4e:88:59:7a:40:c5:3d:05:
         23:c2:d1:1a:73:9f:58:15:dc:32:32:c3:97:7e:54:7e:2e:c8:
         a9:78:5e:a7
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAY+AXPIYkdazwh5xdI7hXc1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MDc0NTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk4MDM4NmJlOWEyZWFhNTk5M2IzM2UzNTU5OTY3M2Y2Nzg1ZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOiMe4sTVZpYWpvVEw7Q3PBmwjnR
0gdYIknKdzaVhWYxx05sFIlYiCvV6TmynnEOhshL3CqvmYt8dZyYWDZwb4e6yqEX
rwoHdOIgW+DDtpoLBHXW8QvTZYE7OUT5EZiMTlkhT5DD50ARoSOsL3VV5bysWazH
nh21LUzhpaA4SCXAIbSETzJI/FfDM76uQU4sHziwEPSEMQJZjIeTTGYHfxKDY9j8
T11wSJfKzn+yJG1f984aSYvqZva2eHWA9oGco7slvNMuNarZdCFIBjuxA+RjpB03
JZutmF+sY/LlCtl7+t10V+tGLf8wl6w70VeyC7NHyroe3BhhW2XIz0lD2QIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCCYA4a+mi6qWZOzPjVZlnP2eF/xMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSUpnRGhyNmFMcXBaazdNLU5WbVdjX1o0WF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAFS
mLADBABSmTIDBAJSmYgwDAMEAFnVYQMEAFnVYjAMAwQCWdWUAwQFWdWAAwQCWdWs
AwQDbbAQAwQAbbDJAwQAbbD9AwQBuTF+AwQEwmlQAwQA1YKCAwQA1YKVAwQA1dI7
AwQB1drSAwQA1drVAwQA1drjAwQA1drnAwQA1dr5MA0GCSqGSIb3DQEBCwUAA4IB
AQBfHNpiVmhEswLP/eI0bzYduW6Wg+8ToIM+GDB2mCP4LpEMPpQmHqyJ+4+q1scU
OjpkNsuYdWCJP5xk0MfSNLuI4wn6T7Hv4JZWZMo4i3n/mW5xH7H5MHrDXcuOq+Wb
jPIBmuPglI1v/BJfnAgBNjYwwpjCC8XQNyerICcLV2w+RJcmtvh0qVSNdZzMyh3S
EqXFH5etb1E88HzP69Rj390HmN0l6E6ZEXMiqLgRSeUm6URnh7dDmv/8seBiJUhD
tYe9L2xxtshRn/VEQnutqP2IdK/wJjz6LfLiIbY1VxebvUmoTohZekDFPQUjwtEa
c59YFdwyMsOXflR+LsipeF6n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org