Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaranFMLTz1uAwq9bzpwRqu1Gbg.roa
File:                     LaranFMLTz1uAwq9bzpwRqu1Gbg.roa (raw, json)
Hash identifier:          Tx7D2kZR4QSrXDQbg7HBWvOi8MKHNF5MjXVCje3KpGs=
Subject key identifier:   2D:AA:DA:9C:53:0B:4F:3D:6E:03:0A:BD:6F:3A:70:46:AB:B5:19:B8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EA89A23E0CB39F3A8E1D78C13A4A7A414
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaranFMLTz1uAwq9bzpwRqu1Gbg.roa
Signing time:             Thu 04 Apr 2024 10:14:17 +0000
ROA not before:           Thu 04 Apr 2024 10:14:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.176.0/23 maxlen: 23
                          82.152.249.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          89.213.133.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 15:59:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:9a:23:e0:cb:39:f3:a8:e1:d7:8c:13:a4:a7:a4:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  4 10:14:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2daada9c530b4f3d6e030abd6f3a7046abb519b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5d:0f:cc:e1:68:2a:80:60:5a:e1:47:19:20:
                    03:5e:2c:ba:c3:66:e7:5e:92:bd:38:1b:60:0f:4b:
                    41:94:0b:24:43:97:5c:30:f3:8a:f0:cb:46:a5:66:
                    ef:04:e0:f2:1b:b1:60:26:50:63:f2:ae:ea:c6:4e:
                    71:56:26:ff:7e:ef:f0:72:6e:ce:82:c2:ac:f2:42:
                    b9:c6:df:cb:28:05:98:93:b0:fe:b4:a8:6a:d5:66:
                    d5:b0:75:da:cd:b4:71:ac:2c:59:f8:03:69:56:22:
                    df:45:ff:c0:07:62:62:b6:2f:99:22:5d:33:ff:3c:
                    7c:56:c8:ff:e4:9e:e5:8f:59:c0:53:e7:09:a3:82:
                    9d:37:1e:e1:ad:9a:d4:38:61:14:13:b1:1d:a1:55:
                    7b:d9:2b:2e:bc:17:df:6a:43:ca:50:93:b3:9e:45:
                    9b:29:96:0f:0e:bf:77:55:fa:cf:93:4a:af:f4:d0:
                    e4:08:ef:16:48:95:94:ed:aa:2c:7b:89:f2:43:bc:
                    e4:f7:a8:a8:a5:4f:bc:51:8d:85:e2:9c:af:01:01:
                    57:c2:7d:4c:71:d7:be:97:dc:d2:17:d7:fd:53:6f:
                    06:cd:a5:0c:27:a5:20:62:47:31:21:1b:70:2a:44:
                    99:b7:51:d7:40:9f:4e:0f:ae:11:8c:b9:6a:ee:9d:
                    8a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:AA:DA:9C:53:0B:4F:3D:6E:03:0A:BD:6F:3A:70:46:AB:B5:19:B8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaranFMLTz1uAwq9bzpwRqu1Gbg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.152.249.0/24
                  82.153.136.0/22
                  89.213.133.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  109.176.245.0/24
                  185.49.126.0/23
                  213.130.149.0/24
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:f3:96:9e:91:3d:3d:ac:55:19:9b:8f:1a:e3:9f:db:9d:32:
         26:f2:0e:17:66:ae:18:3c:e7:e2:06:ac:c7:b5:68:85:44:bb:
         0d:2d:f3:fd:3f:8d:fc:91:e7:fc:67:8c:4e:6a:b5:b2:32:2f:
         8b:6f:e3:3a:b9:5d:24:f2:5d:e7:34:88:38:21:53:62:2a:fc:
         bc:12:6d:30:dc:0d:be:8d:f8:91:b3:fd:ba:3f:21:20:40:41:
         8e:dd:02:15:8f:2a:df:28:e4:bd:6f:e4:d2:f7:37:67:18:59:
         9f:b0:73:1f:63:41:6b:d4:e8:af:18:70:7e:17:7a:2f:9e:40:
         98:b8:52:aa:50:59:6c:fa:e4:43:34:17:d8:c1:ce:40:4e:38:
         db:f3:ee:e7:b6:e8:53:52:97:3c:b3:1b:6e:34:7d:3a:dd:41:
         24:00:3a:20:93:53:96:67:ca:da:92:f9:99:a5:c3:a7:b6:af:
         ca:84:2e:39:ed:00:d8:fc:2a:2c:db:cb:dd:51:f2:3f:df:64:
         67:92:dc:ad:fc:78:8b:13:51:71:36:12:14:02:22:8e:5f:6b:
         2b:8a:83:2a:dd:45:4f:dd:e7:49:7c:c0:cb:31:24:45:ad:78:
         6e:a0:41:fe:ac:22:6f:45:65:6e:ef:3d:f1:4f:99:9e:9b:3b:
         70:cb:51:4d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY6omiPgyznzqOHXjBOkp6QUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA0MTAxNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGFhZGE5YzUzMGI0ZjNkNmUwMzBhYmQ2ZjNhNzA0NmFiYjUxOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0l0PzOFoKoBgWuFHGSADXiy6w2bn
XpK9OBtgD0tBlAskQ5dcMPOK8MtGpWbvBODyG7FgJlBj8q7qxk5xVib/fu/wcm7O
gsKs8kK5xt/LKAWYk7D+tKhq1WbVsHXazbRxrCxZ+ANpViLfRf/AB2Jiti+ZIl0z
/zx8Vsj/5J7lj1nAU+cJo4KdNx7hrZrUOGEUE7EdoVV72SsuvBffakPKUJOznkWb
KZYPDr93VfrPk0qv9NDkCO8WSJWU7aose4nyQ7zk96iopU+8UY2F4pyvAQFXwn1M
cde+l9zSF9f9U28GzaUMJ6UgYkcxIRtwKkSZt1HXQJ9OD64RjLlq7p2KpQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFC2q2pxTC089bgMKvW86cEartRm4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGFyYW5GTUxUejF1QXdxOWJ6cHdScXUxR2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBUpiwAwQA
Upj5AwQCUpmIAwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBABtsPUD
BAG5MX4DBADVgpUDBADVmCowDQYJKoZIhvcNAQELBQADggEBAIfzlp6RPT2sVRmb
jxrjn9udMibyDhdmrhg85+IGrMe1aIVEuw0t8/0/jfyR5/xnjE5qtbIyL4tv4zq5
XSTyXec0iDghU2Iq/LwSbTDcDb6N+JGz/bo/ISBAQY7dAhWPKt8o5L1v5NL3N2cY
WZ+wcx9jQWvU6K8YcH4Xei+eQJi4UqpQWWz65EM0F9jBzkBOONvz7ue26FNSlzyz
G240fTrdQSQAOiCTU5ZnytqS+Zmlw6e2r8qELjntANj8Kizby91R8j/fZGeS3K38
eIsTUXE2EhQCIo5fayuKgyrdRU/d50l8wMsxJEWteG6gQf6sIm9FZW7vPfFPmZ6b
O3DLUU0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org