Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LHPqxBKz8vXZSdFuISTXboPKuq4.roa
File:                     LHPqxBKz8vXZSdFuISTXboPKuq4.roa (raw, json)
Hash identifier:          VMHv9gzG7TS4H9ScIlDQ5KgwjfGH24MxzM2WuxTQvPY=
Subject key identifier:   2C:73:EA:C4:12:B3:F2:F5:D9:49:D1:6E:21:24:D7:6E:83:CA:BA:AE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AFB722BC7F8F707CF4748595B11495CFF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LHPqxBKz8vXZSdFuISTXboPKuq4.roa
Signing time:             Wed 04 Oct 2023 16:07:58 +0000
ROA not before:           Wed 04 Oct 2023 16:07:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.213.176.0/22 maxlen: 24
                          89.213.180.0/22 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Oct 2023 07:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fb:72:2b:c7:f8:f7:07:cf:47:48:59:5b:11:49:5c:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  4 16:07:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c73eac412b3f2f5d949d16e2124d76e83cabaae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:12:9a:7f:72:50:06:b6:68:72:26:cd:de:70:
                    f2:d5:2e:0d:6e:79:f4:11:43:e9:2a:59:89:69:dc:
                    3a:c4:05:d3:6b:3a:24:a7:49:fa:89:be:40:26:96:
                    ed:ae:36:28:ab:f9:7b:27:9d:84:04:e4:0d:22:0a:
                    84:6c:36:ef:29:d0:39:d4:1c:ff:58:e0:79:d4:7b:
                    c5:9f:c9:de:ff:57:c6:9b:25:48:9a:fb:56:5e:d7:
                    5d:9d:9f:69:a3:c6:eb:28:95:04:58:18:2f:ec:9c:
                    67:26:5c:41:12:91:52:b8:52:68:ab:28:14:c7:4d:
                    4c:f9:2c:d1:b7:4a:59:6e:6f:94:de:9a:ae:aa:bb:
                    70:74:96:46:d1:42:fb:5f:06:63:6d:39:f8:fd:c8:
                    d9:54:59:0d:68:83:e0:14:af:ec:7c:ec:0c:af:f1:
                    0a:a9:1c:1c:73:c7:47:f6:33:29:d8:83:b6:da:62:
                    3b:17:b0:2c:50:6b:5e:30:c3:10:df:ed:eb:77:cd:
                    f8:fe:d7:5b:17:e5:3f:ee:4b:89:39:47:7a:5f:29:
                    94:d7:9f:97:9c:56:bf:50:f8:14:0a:76:62:fc:04:
                    7c:56:1c:1c:91:cc:8c:c1:b3:f5:19:6e:a2:76:40:
                    ef:cf:84:97:ee:9d:2d:01:ce:cc:2c:1f:25:b3:bb:
                    cb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:73:EA:C4:12:B3:F2:F5:D9:49:D1:6E:21:24:D7:6E:83:CA:BA:AE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LHPqxBKz8vXZSdFuISTXboPKuq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.136.0/22
                  89.213.148.0-89.213.155.255
                  89.213.176.0/21
                  109.176.240.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:c0:e9:8e:f6:56:3f:1a:21:d5:3d:f2:1f:d0:69:7b:e4:0c:
         34:1d:6b:45:da:d0:90:df:7f:88:65:4b:f9:9a:a8:ad:77:b1:
         3a:dd:5d:81:cc:a1:3e:46:d4:d7:21:8c:78:b2:fd:df:bf:14:
         d6:8f:b5:ae:bd:25:0b:dd:0c:bf:b8:0b:47:d4:28:a9:aa:69:
         8b:f5:b6:5c:94:5c:b8:34:4d:26:f4:a8:29:5b:6c:01:91:df:
         3d:da:3a:68:1f:d8:8c:cc:08:c4:9f:bf:90:9c:c5:d6:b4:e6:
         67:e7:04:8c:68:25:5b:8c:b5:62:49:e2:62:1b:aa:00:56:fa:
         3f:57:68:1b:20:55:42:a6:e5:f9:fc:65:a5:1f:2c:ce:da:cd:
         4c:84:f6:40:4a:13:ee:f2:ce:8d:cf:2b:da:2e:04:ad:64:32:
         b9:22:48:e2:ca:2f:9d:f3:ff:ea:a7:c9:60:65:87:3a:30:e6:
         94:a2:27:51:4b:db:b8:e9:dd:96:3a:72:fb:ce:e6:01:e7:d9:
         db:66:f6:cc:08:e2:6a:71:0a:8c:46:fe:1d:3c:66:b1:c8:76:
         46:21:a6:a4:dc:f2:74:58:df:cb:65:bc:ce:0e:71:ef:dc:4f:
         c2:53:66:c9:d5:d0:b7:2d:d8:bb:c2:d2:81:33:19:81:e3:63:
         63:5d:bf:0b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYr7civH+PcHz0dIWVsRSVz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA0MTYwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzczZWFjNDEyYjNmMmY1ZDk0OWQxNmUyMTI0ZDc2ZTgzY2FiYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhKaf3JQBrZocibN3nDy1S4Nbnn0
EUPpKlmJadw6xAXTazokp0n6ib5AJpbtrjYoq/l7J52EBOQNIgqEbDbvKdA51Bz/
WOB51HvFn8ne/1fGmyVImvtWXtddnZ9po8brKJUEWBgv7JxnJlxBEpFSuFJoqygU
x01M+SzRt0pZbm+U3pquqrtwdJZG0UL7XwZjbTn4/cjZVFkNaIPgFK/sfOwMr/EK
qRwcc8dH9jMp2IO22mI7F7AsUGteMMMQ3+3rd834/tdbF+U/7kuJOUd6XymU15+X
nFa/UPgUCnZi/AR8VhwckcyMwbP1GW6idkDvz4SX7p0tAc7MLB8ls7vLPwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCxz6sQSs/L12UnRbiEk126DyrquMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTEhQcXhCS3o4dlhaU2RGdUlTVFhib1BLdXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQA
Uah7AwQCUpmIMAwDBAJZ1ZQDBAJZ1ZgDBANZ1bADBABtsPADBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAKrA6Y72Vj8aIdU98h/QaXvkDDQda0Xa0JDff4hl
S/maqK13sTrdXYHMoT5G1NchjHiy/d+/FNaPta69JQvdDL+4C0fUKKmqaYv1tlyU
XLg0TSb0qClbbAGR3z3aOmgf2IzMCMSfv5Ccxda05mfnBIxoJVuMtWJJ4mIbqgBW
+j9XaBsgVUKm5fn8ZaUfLM7azUyE9kBKE+7yzo3PK9ouBK1kMrkiSOLKL53z/+qn
yWBlhzow5pSiJ1FL27jp3ZY6cvvO5gHn2dtm9swI4mpxCoxG/h08ZrHIdkYhpqTc
8nRY38tlvM4Oce/cT8JTZsnV0Lct2LvC0oEzGYHjY2Ndvws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org