Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K6rLbLXuNVJpYEoZNClnMkCfl00.roa
File:                     K6rLbLXuNVJpYEoZNClnMkCfl00.roa (raw, json)
Hash identifier:          84dtjYsF6OGNm+hRNnd+AaHjplWlHBiZQXI6+53fOoI=
Subject key identifier:   2B:AA:CB:6C:B5:EE:35:52:69:60:4A:19:34:29:67:32:40:9F:97:4D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D5F6E9751E677B0F2ACE024BA07DD221A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K6rLbLXuNVJpYEoZNClnMkCfl00.roa
Signing time:             Wed 31 Jan 2024 12:11:39 +0000
ROA not before:           Wed 31 Jan 2024 12:11:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.165.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          109.176.252.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 08:58:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5f:6e:97:51:e6:77:b0:f2:ac:e0:24:ba:07:dd:22:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 31 12:11:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2baacb6cb5ee355269604a1934296732409f974d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:8f:96:e8:d0:41:4c:ef:f4:d7:ef:40:34:ea:
                    1c:8f:de:c8:e0:ad:77:4d:78:ad:32:1d:3a:cc:5f:
                    14:db:6a:11:52:cb:66:b9:34:88:73:95:94:4d:1b:
                    40:46:d2:db:08:32:0d:60:4b:61:56:cc:96:73:57:
                    f2:30:56:30:5b:15:f2:70:ad:98:3d:a8:eb:e9:68:
                    01:ea:40:1a:19:75:4b:c2:d3:0e:79:3a:0e:98:fd:
                    c8:0d:bf:91:63:e4:fa:d1:52:02:c8:0f:fe:22:34:
                    c3:ee:ba:cb:34:bd:da:71:78:ab:6d:e1:76:67:5c:
                    a1:f2:ea:46:ad:b3:79:cb:07:14:96:7c:24:12:3f:
                    8c:11:8f:41:df:f1:0c:dc:12:78:35:2c:2c:28:de:
                    bd:8e:a3:51:28:6e:41:de:f9:cd:07:e4:f3:70:19:
                    2d:a5:1f:55:d9:67:ce:26:3b:08:2d:8d:dd:e3:77:
                    58:66:f7:0d:7d:45:f9:bc:d4:50:41:88:49:2d:e8:
                    36:08:02:5a:7d:ed:22:4b:2c:00:97:03:ea:a8:ea:
                    9c:08:74:f8:52:58:2b:41:5d:77:a2:a6:0a:a7:f5:
                    8d:d9:ab:b1:f2:41:4e:56:e1:0f:d6:19:3e:e8:04:
                    61:9e:3c:a7:64:4a:c1:4c:34:ad:e7:86:ae:f3:e8:
                    09:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:AA:CB:6C:B5:EE:35:52:69:60:4A:19:34:29:67:32:40:9F:97:4D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K6rLbLXuNVJpYEoZNClnMkCfl00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.165.0/24
                  89.213.172.0/22
                  89.213.180.0/24
                  109.176.252.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:cb:f3:4f:25:c6:69:55:3d:d2:6d:3a:cb:4e:26:54:6c:9b:
         37:e1:7c:8d:d3:e5:f5:b7:5e:7e:e7:4f:84:91:14:8b:4a:ce:
         0c:03:bb:04:c8:fc:41:c9:07:b1:4d:e2:8f:77:fc:bb:64:bc:
         d2:98:2b:52:b6:1b:a2:04:93:1c:bf:c7:96:12:e7:4d:f4:ef:
         85:79:39:44:4a:92:8b:99:a7:53:0b:d6:e9:f8:65:e5:84:db:
         b9:91:3b:65:61:56:d1:75:fd:0b:57:5c:54:5e:dc:6a:ca:51:
         cd:ec:f8:8f:53:d1:c1:41:87:df:7d:fe:e0:30:6c:1c:49:da:
         00:58:73:f3:8e:61:34:d0:95:bf:02:0e:ec:d2:01:74:cc:04:
         be:b0:16:e9:4f:28:6c:98:08:29:9b:70:e4:68:9d:4e:c8:56:
         05:f3:9e:50:25:88:e7:31:c8:ed:9b:34:f7:75:2c:ba:3c:2d:
         1e:0c:5d:eb:9a:82:e1:ec:d4:ea:d6:4f:e3:23:31:5e:1f:9f:
         20:01:80:ba:5f:a1:d3:4d:40:cf:98:25:75:58:80:5a:34:93:
         e6:0e:67:10:a9:86:d0:f9:5a:8d:4c:f5:5b:f0:96:08:c9:47:
         35:dc:09:4d:a8:d8:cd:8d:b6:be:3d:a7:b4:5f:d9:4c:f9:aa:
         f4:b3:be:b1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY1fbpdR5new8qzgJLoH3SIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTMxMTIxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFhY2I2Y2I1ZWUzNTUyNjk2MDRhMTkzNDI5NjczMjQwOWY5NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o+W6NBBTO/01+9ANOocj97I4K13
TXitMh06zF8U22oRUstmuTSIc5WUTRtARtLbCDINYEthVsyWc1fyMFYwWxXycK2Y
Pajr6WgB6kAaGXVLwtMOeToOmP3IDb+RY+T60VICyA/+IjTD7rrLNL3acXirbeF2
Z1yh8upGrbN5ywcUlnwkEj+MEY9B3/EM3BJ4NSwsKN69jqNRKG5B3vnNB+TzcBkt
pR9V2WfOJjsILY3d43dYZvcNfUX5vNRQQYhJLeg2CAJafe0iSywAlwPqqOqcCHT4
UlgrQV13oqYKp/WN2aux8kFOVuEP1hk+6ARhnjynZErBTDSt54au8+gJPQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCuqy2y17jVSaWBKGTQpZzJAn5dNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSzZyTGJMWHVOVkpwWUVvWk5DbG5Na0NmbDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCUpmIMAwD
BAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBABtsPwDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAFfL808lxmlVPdJtOstOJlRsmzfhfI3T5fW3Xn7n
T4SRFItKzgwDuwTI/EHJB7FN4o93/LtkvNKYK1K2G6IEkxy/x5YS503074V5OURK
kouZp1ML1un4ZeWE27mRO2VhVtF1/QtXXFRe3GrKUc3s+I9T0cFBh999/uAwbBxJ
2gBYc/OOYTTQlb8CDuzSAXTMBL6wFulPKGyYCCmbcORonU7IVgXznlAliOcxyO2b
NPd1LLo8LR4MXeuaguHs1OrWT+MjMV4fnyABgLpfodNNQM+YJXVYgFo0k+YOZxCp
htD5Wo1M9VvwlgjJRzXcCU2o2M2Ntr49p7Rf2Uz5qvSzvrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org