Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/J8b6qxqA0npw2REvXRGCh94Lvz4.roa
File:                     J8b6qxqA0npw2REvXRGCh94Lvz4.roa (raw, json)
Hash identifier:          N3RHSdRjkd/sxoA+KbMrX+UjKuaHUO6ke/BGOzy5yNs=
Subject key identifier:   27:C6:FA:AB:1A:80:D2:7A:70:D9:11:2F:5D:11:82:87:DE:0B:BF:3E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01881E452A5CA094F4FC9096CCF7255EEE8C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/J8b6qxqA0npw2REvXRGCh94Lvz4.roa
Signing time:             Mon 15 May 2023 07:17:09 +0000
ROA not before:           Mon 15 May 2023 07:17:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.68.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.152.108.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 May 2023 07:57:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1e:45:2a:5c:a0:94:f4:fc:90:96:cc:f7:25:5e:ee:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 15 07:17:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27c6faab1a80d27a70d9112f5d118287de0bbf3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b2:7a:f3:31:2a:1c:ad:85:47:10:57:ca:bd:
                    96:6a:26:a9:49:87:28:30:31:ed:71:d0:78:78:e9:
                    92:17:04:82:52:ff:2f:8e:32:77:05:6e:9f:34:76:
                    07:48:c2:cc:2b:c4:ef:b8:93:38:f4:75:6e:72:31:
                    93:8b:99:3a:11:a7:fe:08:a5:f1:5d:46:fc:b6:21:
                    d5:7e:fd:ea:56:b9:de:fe:dd:1d:9b:0f:a2:43:d7:
                    10:6e:e1:52:18:17:85:41:8e:ce:93:74:b2:88:e6:
                    08:25:f7:24:e9:8d:47:c6:67:08:8d:52:ca:3b:5d:
                    77:9a:1d:3c:6d:e7:6b:d0:54:13:f1:9a:8e:02:19:
                    a2:91:2d:72:c7:a6:25:03:9d:48:3d:a8:c5:82:dd:
                    51:e1:26:ad:df:53:cb:d7:b8:25:13:3a:6a:4b:17:
                    75:44:d3:7c:d3:8d:91:85:b4:9d:ee:7f:a8:26:df:
                    aa:c7:35:04:5a:5e:04:d0:f4:c2:1c:95:57:c2:b0:
                    cc:b7:de:59:92:37:51:79:da:74:e7:39:2f:c2:98:
                    37:5f:e7:b3:fb:da:55:d0:c0:a3:92:ca:a6:0e:e1:
                    8b:88:73:41:f5:88:33:8b:44:a6:bc:55:01:63:59:
                    b4:5d:a3:74:66:ff:cf:e6:ab:35:f6:bc:3c:77:d5:
                    0f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:C6:FA:AB:1A:80:D2:7A:70:D9:11:2F:5D:11:82:87:DE:0B:BF:3E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/J8b6qxqA0npw2REvXRGCh94Lvz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.108.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.251.0/24
                  82.152.253.0-82.152.255.255
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.65.0/24
                  82.153.68.0/24
                  82.153.70.0/23
                  82.153.208.0/22
                  82.153.222.0/24
                  82.153.246.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:ba:61:58:66:9c:66:aa:9f:05:5d:49:b2:62:0e:48:26:36:
         3e:cb:3d:22:c5:3e:1a:29:1c:9f:51:4f:98:6a:ed:38:29:a5:
         64:c6:65:b0:45:c7:62:76:5f:21:cb:a1:d1:57:22:c7:f5:2d:
         59:ad:8d:78:15:9d:42:b1:8a:13:54:7b:74:0a:1c:30:a5:56:
         1b:65:71:d6:47:a9:c7:a1:cc:bc:8e:4e:c9:6f:c7:dd:23:9b:
         35:39:03:bd:bc:0a:10:66:df:71:49:58:1b:70:d1:3b:21:c7:
         e3:ed:88:c4:eb:61:e5:d4:51:4a:32:c3:39:de:a0:3f:86:a2:
         ca:c2:03:51:c9:06:58:2d:9b:92:60:0f:e3:fc:3f:70:a7:53:
         62:2e:83:8c:7d:4d:77:13:45:1b:b1:42:ac:c1:2e:f1:77:c4:
         e4:98:e1:0d:d9:53:dc:0d:16:94:f7:37:5d:7a:a5:83:5b:0b:
         06:c1:5a:d8:11:cb:e3:ee:3f:2f:96:6b:67:3f:f7:c1:1e:1f:
         35:e8:ac:5b:16:fa:9c:2f:dd:4b:86:95:a8:6b:62:c6:8b:04:
         28:0a:ed:7c:7a:4b:3f:9e:91:61:4b:bf:99:ba:60:e5:f8:a6:
         ef:97:4b:56:7c:ce:d1:04:73:0d:d4:c2:56:f9:d1:03:c1:46:
         2e:39:be:a8
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYgeRSpcoJT0/JCWzPclXu6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTE1MDcxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M2ZmFhYjFhODBkMjdhNzBkOTExMmY1ZDExODI4N2RlMGJiZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbJ68zEqHK2FRxBXyr2WaiapSYco
MDHtcdB4eOmSFwSCUv8vjjJ3BW6fNHYHSMLMK8TvuJM49HVucjGTi5k6Eaf+CKXx
XUb8tiHVfv3qVrne/t0dmw+iQ9cQbuFSGBeFQY7Ok3SyiOYIJfck6Y1HxmcIjVLK
O113mh08bedr0FQT8ZqOAhmikS1yx6YlA51IPajFgt1R4Sat31PL17glEzpqSxd1
RNN8042RhbSd7n+oJt+qxzUEWl4E0PTCHJVXwrDMt95ZkjdRedp05zkvwpg3X+ez
+9pV0MCjksqmDuGLiHNB9Ygzi0SmvFUBY1m0XaN0Zv/P5qs19rw8d9UPLQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFCfG+qsagNJ6cNkRL10RgofeC78+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSjhiNnF4cUEwbnB3MlJFdlhSR0NoOTRMdno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbQMEAFGoIwME
AFGodwMEAFGoewMEAFKYbAMEAVKYrgMEAFKY+QMEAFKY+zALAwQAUpj9AwMAUpgD
BABSmQQDBABSmQoDBABSmUEDBABSmUQDBAFSmUYDBAJSmdADBABSmd4DBABSmfYD
BAFSmfgwDQYJKoZIhvcNAQELBQADggEBAI26YVhmnGaqnwVdSbJiDkgmNj7LPSLF
PhopHJ9RT5hq7TgppWTGZbBFx2J2XyHLodFXIsf1LVmtjXgVnUKxihNUe3QKHDCl
VhtlcdZHqcehzLyOTslvx90jmzU5A728ChBm33FJWBtw0Tshx+PtiMTrYeXUUUoy
wzneoD+GosrCA1HJBlgtm5JgD+P8P3CnU2Iug4x9TXcTRRuxQqzBLvF3xOSY4Q3Z
U9wNFpT3N116pYNbCwbBWtgRy+PuPy+Wa2c/98EeHzXorFsW+pwv3UuGlahrYsaL
BCgK7Xx6Sz+ekWFLv5m6YOX4pu+XS1Z8ztEEcw3Uwlb50QPBRi45vqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org