Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JMoNmNEcag2Xx9JKHSrFB7oKlWw.roa
File:                     JMoNmNEcag2Xx9JKHSrFB7oKlWw.roa (raw, json)
Hash identifier:          6Wr8cm7WSJbyUlQ+FEiI8PHXWvzovSFdM8tr0fiKZIc=
Subject key identifier:   24:CA:0D:98:D1:1C:6A:0D:97:C7:D2:4A:1D:2A:C5:07:BA:0A:95:6C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189D0A7B76AF83B5A31A9725E49A90735FE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JMoNmNEcag2Xx9JKHSrFB7oKlWw.roa
Signing time:             Mon 07 Aug 2023 15:39:59 +0000
ROA not before:           Mon 07 Aug 2023 15:39:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 11:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d0:a7:b7:6a:f8:3b:5a:31:a9:72:5e:49:a9:07:35:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 15:39:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24ca0d98d11c6a0d97c7d24a1d2ac507ba0a956c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c8:d8:48:67:5c:8a:e3:16:0f:10:f3:be:76:
                    8b:f9:4f:57:35:d3:63:3f:b4:c8:57:76:35:93:9f:
                    6e:bb:f2:12:06:cf:67:fb:95:1a:5e:a7:e6:23:91:
                    6a:3a:14:e4:7b:14:4a:ae:8b:e2:e6:a0:3b:2c:e9:
                    ba:51:8e:1c:8e:ee:9a:fa:bc:b0:53:cc:35:29:bc:
                    00:7c:4e:2d:94:b9:9b:09:11:4c:37:43:85:2e:bf:
                    1d:21:2c:e7:b0:fa:13:83:bc:ad:e8:ff:85:d2:31:
                    fb:e8:31:fd:27:78:95:e2:c9:9c:65:65:fc:dd:2a:
                    bc:8f:c4:c3:40:43:37:08:e8:df:75:51:a8:f9:98:
                    d7:35:54:bd:24:ab:64:19:b0:dd:a7:23:cd:f4:c6:
                    36:73:1b:30:dc:fb:e9:e2:1f:78:a1:78:86:8d:c1:
                    64:07:29:09:8e:6c:71:ef:6b:e7:5e:e7:f4:a0:c9:
                    ea:fc:17:c0:08:e1:aa:2b:69:d1:18:da:32:e8:23:
                    82:8b:e8:6d:45:25:b0:99:b6:94:f0:4c:60:8c:9a:
                    44:06:a7:eb:5d:90:94:25:71:ff:b7:27:ce:44:4e:
                    fb:32:20:41:d8:6f:23:bb:76:9c:4d:02:15:69:24:
                    b6:0f:5d:46:2c:fb:8a:fd:9f:9b:ff:f8:12:a0:bb:
                    e1:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:CA:0D:98:D1:1C:6A:0D:97:C7:D2:4A:1D:2A:C5:07:BA:0A:95:6C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JMoNmNEcag2Xx9JKHSrFB7oKlWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:d1:26:e2:a3:59:61:f1:c1:fb:aa:35:db:04:05:b4:be:f4:
         f8:b3:49:97:cd:82:e5:7e:31:2f:d4:1e:f5:a1:00:36:cc:0c:
         d5:bd:2b:fc:90:35:3c:d3:d6:6b:13:26:ab:0c:7c:b6:79:4a:
         82:57:6a:76:f8:49:a9:15:be:06:2e:91:48:ac:15:8a:cf:77:
         7e:b4:cd:f1:b6:79:d7:ce:bb:49:46:d7:4f:a3:f6:21:8a:5d:
         a9:ea:02:d7:35:b4:c9:1d:9c:03:d8:86:5d:ee:59:ac:16:6b:
         ee:c5:5d:f2:f2:1b:88:45:cd:8e:b8:54:59:65:c5:91:c5:77:
         c8:99:80:95:3c:c4:91:ed:25:ad:8b:55:90:bf:6c:21:74:fe:
         1e:3a:af:68:26:8f:46:54:51:6a:f8:ed:b1:b2:3e:43:84:9c:
         ab:07:54:9c:91:29:31:fb:36:51:79:3b:30:5f:b9:82:7f:01:
         23:94:9c:a4:98:1e:68:e5:54:2f:e5:97:23:d3:af:73:b9:88:
         d6:96:12:d1:af:43:d5:bd:ad:e3:4d:e2:0c:da:c6:3b:2c:0e:
         a1:98:52:f6:c7:5a:e3:70:a4:d5:21:ce:9d:f8:a5:5a:03:4d:
         0a:30:d3:4b:66:7f:35:36:e0:4a:d0:9a:0e:d3:d4:18:78:dd:
         ce:8c:c3:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYnQp7dq+DtaMalyXkmpBzX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTUzOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNhMGQ5OGQxMWM2YTBkOTdjN2QyNGExZDJhYzUwN2JhMGE5NTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcjYSGdciuMWDxDzvnaL+U9XNdNj
P7TIV3Y1k59uu/ISBs9n+5UaXqfmI5FqOhTkexRKrovi5qA7LOm6UY4cju6a+ryw
U8w1KbwAfE4tlLmbCRFMN0OFLr8dISznsPoTg7yt6P+F0jH76DH9J3iV4smcZWX8
3Sq8j8TDQEM3COjfdVGo+ZjXNVS9JKtkGbDdpyPN9MY2cxsw3Pvp4h94oXiGjcFk
BykJjmxx72vnXuf0oMnq/BfACOGqK2nRGNoy6COCi+htRSWwmbaU8ExgjJpEBqfr
XZCUJXH/tyfORE77MiBB2G8ju3acTQIVaSS2D11GLPuK/Z+b//gSoLvhcwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFCTKDZjRHGoNl8fSSh0qxQe6CpVsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSk1vTm1ORWNhZzJYeDlKS0hTckZCN29LbFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABR
Bb0DBABRqCMwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wME
AFKY/gMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmEAwQAUpngAwQBWdUG
AwQAWdWCAwQAWdWhAwQAWdW+AwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEB
CwUAA4IBAQB70Sbio1lh8cH7qjXbBAW0vvT4s0mXzYLlfjEv1B71oQA2zAzVvSv8
kDU809ZrEyarDHy2eUqCV2p2+EmpFb4GLpFIrBWKz3d+tM3xtnnXzrtJRtdPo/Yh
il2p6gLXNbTJHZwD2IZd7lmsFmvuxV3y8huIRc2OuFRZZcWRxXfImYCVPMSR7SWt
i1WQv2whdP4eOq9oJo9GVFFq+O2xsj5DhJyrB1SckSkx+zZReTswX7mCfwEjlJyk
mB5o5VQv5Zcj069zuYjWlhLRr0PVva3jTeIM2sY7LA6hmFL2x1rjcKTVIc6d+KVa
A00KMNNLZn81NuBK0JoO09QYeN3OjMP1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org