Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KxRm_ftregy-47g4avqYULIVWzw.roa
File:                     KxRm_ftregy-47g4avqYULIVWzw.roa (raw, json)
Hash identifier:          hOk6kvHH/PLpOHw686HuSugtd0gqtKD0s6gO8OjnjvQ=
Subject key identifier:   2B:14:66:FD:FB:6B:7A:0C:BE:E3:B8:38:6A:FA:98:50:B2:15:5B:3C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187D3D40A3EA253910910DFF7DCED15E4CD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KxRm_ftregy-47g4avqYULIVWzw.roa
Signing time:             Sun 30 Apr 2023 20:21:41 +0000
ROA not before:           Sun 30 Apr 2023 20:21:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.68.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 08:25:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d3:d4:0a:3e:a2:53:91:09:10:df:f7:dc:ed:15:e4:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 30 20:21:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b1466fdfb6b7a0cbee3b8386afa9850b2155b3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:06:62:1b:fb:a7:ae:dc:33:a3:57:03:5f:1d:
                    f1:16:3c:e6:1f:c7:34:4c:51:cd:48:d2:66:6c:3e:
                    7b:29:84:e1:f0:80:53:97:23:18:de:6b:b5:67:d0:
                    a7:71:c7:88:46:b7:2c:b5:e8:4e:a0:49:40:9a:ea:
                    53:19:4d:42:48:53:08:48:90:02:23:7e:97:09:be:
                    3a:53:5f:e0:23:60:44:92:34:c0:53:de:98:1f:d6:
                    38:ba:5b:5d:20:d8:d6:0a:58:03:37:89:04:36:43:
                    e3:8c:84:53:9f:7d:30:f7:a8:6e:7d:74:a3:8a:44:
                    02:9f:3f:e2:d8:0d:7d:aa:d8:f0:1d:37:53:b5:6a:
                    5d:67:59:b6:91:1b:f3:85:ce:fb:8b:5a:ef:62:b5:
                    6d:d5:61:2b:ad:63:4c:62:45:99:eb:0e:c4:13:1c:
                    0c:24:0a:0b:c5:85:ec:05:de:a4:36:1c:08:a9:61:
                    fa:61:df:6e:3c:1f:54:ae:0b:2e:b8:ed:32:0a:54:
                    c3:ec:7f:89:5c:86:19:bf:1a:a6:26:0c:03:b6:b1:
                    67:90:0f:19:2e:76:95:7b:08:5f:ba:45:ef:46:4d:
                    6f:8e:6b:27:36:9b:1f:ad:8c:44:8a:af:3f:95:a5:
                    69:74:fa:25:e6:37:7a:74:f1:62:b7:71:49:cc:6a:
                    67:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:14:66:FD:FB:6B:7A:0C:BE:E3:B8:38:6A:FA:98:50:B2:15:5B:3C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KxRm_ftregy-47g4avqYULIVWzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.251.0/24
                  82.152.254.0/23
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.65.0/24
                  82.153.68.0/24
                  82.153.70.0/23
                  82.153.209.0-82.153.210.255
                  82.153.222.0/24
                  82.153.246.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:2a:d2:47:ae:8c:6b:5c:fe:94:d9:a5:d5:a2:f3:cf:54:28:
         71:7e:d7:af:89:2f:e2:a8:59:fd:a3:c6:ff:21:07:66:e3:83:
         e7:5a:63:d3:66:05:e7:ec:ef:57:af:a9:19:81:7b:42:9b:56:
         8a:ec:ae:3c:48:e0:ac:dc:9b:3e:7b:df:b9:55:de:ca:35:b6:
         4f:90:2c:71:e8:ff:be:3f:f2:80:39:7d:1b:69:23:1f:28:d5:
         8e:93:c4:32:4a:b5:20:59:aa:98:d5:a1:8d:1c:70:5e:19:97:
         e1:9a:a0:33:80:3b:a4:ab:a7:b9:29:84:9c:32:9a:f2:16:68:
         a2:c6:62:f5:c0:75:62:e5:c1:46:96:7d:ac:ad:ad:9d:c4:9f:
         62:e6:32:5d:3d:a2:ca:6e:38:41:f0:bf:17:ab:97:dc:52:ab:
         b6:78:ae:18:6b:e9:a3:cf:ea:fe:c2:d8:c5:93:6c:5f:9f:1b:
         0d:31:cc:21:2e:0d:68:50:2e:d2:66:45:07:fb:aa:b7:f3:7f:
         9f:7e:7f:2c:19:12:46:c6:7b:f7:1b:85:5e:00:54:ac:5c:7f:
         49:c9:82:38:86:f7:68:35:28:b9:ae:e1:7f:86:73:a0:9a:0a:
         2c:f7:de:e3:00:52:da:8a:ec:ee:48:ad:7b:77:66:50:6d:e0:
         b5:f0:47:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYfT1Ao+olORCRDf99ztFeTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDMwMjAyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjE0NjZmZGZiNmI3YTBjYmVlM2I4Mzg2YWZhOTg1MGIyMTU1YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wZiG/unrtwzo1cDXx3xFjzmH8c0
TFHNSNJmbD57KYTh8IBTlyMY3mu1Z9CncceIRrcstehOoElAmupTGU1CSFMISJAC
I36XCb46U1/gI2BEkjTAU96YH9Y4ultdINjWClgDN4kENkPjjIRTn30w96hufXSj
ikQCnz/i2A19qtjwHTdTtWpdZ1m2kRvzhc77i1rvYrVt1WErrWNMYkWZ6w7EExwM
JAoLxYXsBd6kNhwIqWH6Yd9uPB9UrgsuuO0yClTD7H+JXIYZvxqmJgwDtrFnkA8Z
LnaVewhfukXvRk1vjmsnNpsfrYxEiq8/laVpdPol5jd6dPFit3FJzGpnEQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFCsUZv37a3oMvuO4OGr6mFCyFVs8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS3hSbV9mdHJlZ3ktNDdnNGF2cVlVTElWV3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+wMEAVKY/gMEAFKZBAMEAFKZCgME
AFKZQQMEAFKZRAMEAVKZRjAMAwQAUpnRAwQAUpnSAwQAUpneAwQAUpn2AwQBUpn4
MA0GCSqGSIb3DQEBCwUAA4IBAQA6KtJHroxrXP6U2aXVovPPVChxfteviS/iqFn9
o8b/IQdm44PnWmPTZgXn7O9Xr6kZgXtCm1aK7K48SOCs3Js+e9+5Vd7KNbZPkCxx
6P++P/KAOX0baSMfKNWOk8QySrUgWaqY1aGNHHBeGZfhmqAzgDukq6e5KYScMpry
FmiixmL1wHVi5cFGln2sra2dxJ9i5jJdPaLKbjhB8L8Xq5fcUqu2eK4Ya+mjz+r+
wtjFk2xfnxsNMcwhLg1oUC7SZkUH+6q383+ffn8sGRJGxnv3G4VeAFSsXH9JyYI4
hvdoNSi5ruF/hnOgmgos997jAFLaiuzuSK17d2ZQbeC18EeR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org