Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LW6V3_HaOiMlzySgBcQPeflD2l4.roa
File:                     LW6V3_HaOiMlzySgBcQPeflD2l4.roa (raw, json)
Hash identifier:          aZwb5jSW11Qkn7EADsvZLk8e6DlkViK5MkvNT1IqC10=
Subject key identifier:   2D:6E:95:DF:F1:DA:3A:23:25:CF:24:A0:05:C4:0F:79:F9:43:DA:5E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F2E155CDEE5AB3FF4D38909B481B140B6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LW6V3_HaOiMlzySgBcQPeflD2l4.roa
Signing time:             Tue 30 Apr 2024 08:18:23 +0000
ROA not before:           Tue 30 Apr 2024 08:18:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400866
IP address blocks:        82.152.54.0/24 maxlen: 24
                          89.213.98.0/24 maxlen: 24
                          109.176.201.0/24 maxlen: 24
                          109.176.202.0/24 maxlen: 24
                          213.130.130.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.130.150.0/24 maxlen: 24
                          213.130.151.0/24 maxlen: 24
                          213.130.156.0/24 maxlen: 24
                          213.210.58.0/24 maxlen: 24
                          213.210.59.0/24 maxlen: 24
                          213.218.227.0/24 maxlen: 24
                          213.218.231.0/24 maxlen: 24
                          217.144.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 07:11:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:2e:15:5c:de:e5:ab:3f:f4:d3:89:09:b4:81:b1:40:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 30 08:18:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2d6e95dff1da3a2325cf24a005c40f79f943da5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:46:81:4b:26:62:9c:9e:d7:89:a4:44:98:f2:
                    2d:ef:57:a6:56:87:ac:0c:ba:a2:74:ab:30:4b:b1:
                    36:db:fc:15:ed:ab:6a:9c:eb:6d:3b:81:5c:7c:b4:
                    ab:05:87:a2:d4:04:3d:19:74:59:76:3d:f1:c4:6a:
                    cf:d6:8a:27:4a:1f:81:d9:1e:d3:22:84:11:08:79:
                    b2:05:28:41:3a:76:98:9a:d0:73:21:e0:b1:bd:b3:
                    a4:82:f6:77:aa:b4:23:c9:77:6e:a1:e8:c9:21:dc:
                    dd:66:70:d9:0c:8e:5c:a6:f8:30:43:12:76:02:9b:
                    24:32:e7:3c:5c:47:27:05:0b:e6:82:9a:e2:df:4f:
                    2e:4a:f3:c4:d9:ef:33:06:c5:16:54:19:c0:83:3f:
                    eb:ae:ed:e3:1e:3d:7e:5a:23:b1:cc:08:3b:49:9e:
                    a3:89:c9:1b:0b:cf:71:8e:17:35:fd:c6:9f:59:cd:
                    8f:53:fb:29:69:12:84:00:f5:73:84:b9:7d:74:8e:
                    28:6c:4c:32:13:08:1e:be:ee:8f:60:35:32:61:48:
                    a7:77:4c:bc:de:60:f6:0e:9b:fd:20:5e:7d:c9:8f:
                    18:83:5a:f7:4c:f1:5f:b4:44:4c:18:2e:99:b3:09:
                    95:24:bf:50:29:4b:b5:61:a0:cf:2d:67:78:a9:85:
                    81:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:6E:95:DF:F1:DA:3A:23:25:CF:24:A0:05:C4:0F:79:F9:43:DA:5E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LW6V3_HaOiMlzySgBcQPeflD2l4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.54.0/24
                  89.213.98.0/24
                  109.176.201.0-109.176.202.255
                  213.130.130.0/24
                  213.130.149.0-213.130.151.255
                  213.130.156.0/24
                  213.210.58.0/23
                  213.218.227.0/24
                  213.218.231.0/24
                  217.144.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:95:aa:2b:f2:00:7a:7b:50:fe:58:2b:28:60:6b:a6:11:cf:
         43:55:cd:4d:96:ac:e9:08:8a:6a:fc:da:f2:27:d6:cd:b5:f5:
         5d:67:81:15:54:b9:9e:da:c2:0d:6e:3b:94:6d:cc:97:b7:2c:
         ce:aa:39:41:05:7c:06:61:d5:4b:22:93:9f:ac:e6:66:62:73:
         56:ca:0a:ed:e8:7f:74:ca:c4:e3:10:af:d1:6a:3e:f5:f7:6b:
         1b:56:1a:22:91:e7:95:41:9c:16:7b:60:5b:c0:fa:b3:06:6d:
         3b:03:ad:7b:aa:9d:ae:08:3a:7d:71:55:59:d8:0c:44:f5:55:
         ac:e9:8b:82:72:c5:16:76:f9:48:2b:d8:c7:d9:f1:73:22:7e:
         74:29:6b:6b:d3:6a:7d:df:b9:e4:f1:fa:19:51:b5:03:c2:0b:
         eb:4f:b2:8d:b2:fe:e0:26:e0:1f:84:e2:07:13:f6:83:29:c7:
         35:2f:ad:3f:b6:73:76:65:5c:2a:13:1b:b8:09:38:e5:0e:9b:
         03:48:0f:27:8c:85:af:ab:10:35:11:df:e3:95:89:d8:4d:b4:
         8f:dc:69:53:46:90:e0:b5:e7:47:50:a7:64:f1:d6:7f:ef:91:
         e6:71:72:0c:b1:fa:1e:8f:69:71:ec:09:8e:ae:ca:e4:0f:bb:
         99:95:44:f7
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY8uFVze5as/9NOJCbSBsUC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMDgxODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDZlOTVkZmYxZGEzYTIzMjVjZjI0YTAwNWM0MGY3OWY5NDNkYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkaBSyZinJ7XiaREmPIt71emVoes
DLqidKswS7E22/wV7atqnOttO4FcfLSrBYei1AQ9GXRZdj3xxGrP1oonSh+B2R7T
IoQRCHmyBShBOnaYmtBzIeCxvbOkgvZ3qrQjyXduoejJIdzdZnDZDI5cpvgwQxJ2
ApskMuc8XEcnBQvmgpri308uSvPE2e8zBsUWVBnAgz/rru3jHj1+WiOxzAg7SZ6j
ickbC89xjhc1/cafWc2PU/spaRKEAPVzhLl9dI4obEwyEwgevu6PYDUyYUind0y8
3mD2Dpv9IF59yY8Yg1r3TPFftERMGC6ZswmVJL9QKUu1YaDPLWd4qYWBmwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFC1uld/x2jojJc8koAXED3n5Q9peMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTFc2VjNfSGFPaU1senlTZ0JjUVBlZmxEMmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAUpg2AwQA
WdViMAwDBABtsMkDBABtsMoDBADVgoIwDAMEANWClQMEA9WCkAMEANWCnAMEAdXS
OgMEANXa4wMEANXa5wMEANmQnjANBgkqhkiG9w0BAQsFAAOCAQEALpWqK/IAentQ
/lgrKGBrphHPQ1XNTZas6QiKavza8ifWzbX1XWeBFVS5ntrCDW47lG3Ml7cszqo5
QQV8BmHVSyKTn6zmZmJzVsoK7eh/dMrE4xCv0Wo+9fdrG1YaIpHnlUGcFntgW8D6
swZtOwOte6qdrgg6fXFVWdgMRPVVrOmLgnLFFnb5SCvYx9nxcyJ+dClra9Nqfd+5
5PH6GVG1A8IL60+yjbL+4CbgH4TiBxP2gynHNS+tP7ZzdmVcKhMbuAk45Q6bA0gP
J4yFr6sQNRHf45WJ2E20j9xpU0aQ4LXnR1CnZPHWf++R5nFyDLH6Ho9pcewJjq7K
5A+7mZVE9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org