Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa
File:                     N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa (raw, json)
Hash identifier:          SG0IO9klxGC7h1zOHJSC4Emgyt3dTP3VwPx8wt9Wa2E=
Subject key identifier:   37:AD:1F:AB:AB:46:35:2E:E7:37:64:C6:44:F2:79:55:F0:F7:C4:A1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189CF8BE09D3611CCA01FA1686C0B85C7BA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa
Signing time:             Mon 07 Aug 2023 10:29:57 +0000
ROA not before:           Mon 07 Aug 2023 10:29:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          109.176.214.0/24 maxlen: 24
                          109.176.215.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          109.176.242.0/24 maxlen: 24
                          109.176.243.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.41.0/24 maxlen: 24
                          89.213.42.0/24 maxlen: 24
                          89.213.44.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.175.0/24 maxlen: 24
                          89.213.179.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.177.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.181.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.186.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.187.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.213.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.140.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.148.0/24 maxlen: 24
                          89.213.149.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.155.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.169.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 15:23:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:8b:e0:9d:36:11:cc:a0:1f:a1:68:6c:0b:85:c7:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 10:29:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37ad1fabab46352ee73764c644f27955f0f7c4a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a9:b2:31:0b:1a:1e:81:5c:54:e3:5a:0f:1e:
                    eb:c5:82:2c:ab:ff:6b:76:cd:47:ed:98:34:49:cc:
                    9f:57:0f:cf:4d:20:b8:f2:d3:b8:c3:10:c4:dd:19:
                    48:3c:98:48:06:b5:64:26:e6:40:60:0c:06:0c:ee:
                    57:12:ae:26:44:c4:f3:ee:97:f8:1c:67:b5:2d:dd:
                    cf:aa:0f:cc:37:11:41:bb:e0:41:34:92:ed:e0:1c:
                    3d:b4:93:0d:16:c7:5e:15:36:50:6e:d9:24:34:d6:
                    c2:43:a9:a0:e9:d9:ed:7e:c5:fc:a7:22:41:e9:5a:
                    37:4b:c0:07:3b:05:bb:c5:f1:b1:13:37:26:63:89:
                    19:b1:58:de:72:72:f6:e8:ac:78:86:7b:0d:35:30:
                    ce:88:af:64:f8:bb:6e:15:7b:be:1b:8f:bc:3a:92:
                    99:0d:42:30:ce:96:37:12:60:9e:ca:68:64:2b:03:
                    74:d0:16:07:8b:64:c8:f0:bf:6b:6e:e5:86:e8:d4:
                    6a:3f:d0:34:94:ed:47:e0:4d:0f:1c:22:6b:27:71:
                    73:51:ad:99:83:0d:2e:38:ed:04:8b:1e:c7:33:93:
                    df:db:39:92:f1:88:b3:7f:d2:91:20:1b:be:18:e2:
                    e2:1b:5b:95:13:e3:a0:cd:48:4a:c8:72:43:60:19:
                    7f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AD:1F:AB:AB:46:35:2E:E7:37:64:C6:44:F2:79:55:F0:F7:C4:A1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N60fq6tGNS7nN2TGRPJ5VfD3xKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0/24
                  89.213.7.0/24
                  89.213.41.0-89.213.42.255
                  89.213.44.0/24
                  89.213.136.0/24
                  89.213.139.0-89.213.140.255
                  89.213.148.0-89.213.150.255
                  89.213.152.0/24
                  89.213.155.0-89.213.158.255
                  89.213.160.0/24
                  89.213.162.0/23
                  89.213.168.0/23
                  89.213.173.0/24
                  89.213.175.0-89.213.177.255
                  89.213.179.0-89.213.182.255
                  89.213.184.0/22
                  109.176.211.0/24
                  109.176.213.0-109.176.216.255
                  109.176.218.0/24
                  109.176.220.0/24
                  109.176.240.0/24
                  109.176.242.0/23
                  109.176.247.0-109.176.248.255
                  109.176.250.0/23
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:a4:9d:8c:3d:2d:d1:61:ab:6a:2a:98:f4:72:15:4b:7b:a2:
         4b:8f:c7:17:6d:ed:26:e0:d6:95:aa:b5:35:d3:ee:94:0c:be:
         18:0c:dc:93:6a:56:9f:2d:5c:7b:5d:b5:3a:2b:88:84:b3:ae:
         2f:ec:00:23:51:21:f0:2f:b5:39:f8:fd:fd:7a:3d:78:c1:30:
         05:2f:62:9c:f4:4b:5f:90:f4:74:87:e5:72:f0:90:9d:2d:f9:
         cb:d1:b1:d0:18:13:e9:83:20:71:41:68:9e:b2:6a:a3:ce:a2:
         75:78:2d:c9:7d:af:ee:80:f0:16:19:75:f8:44:89:30:ed:a5:
         ad:d5:c6:cc:05:9b:7a:3d:ca:7b:26:67:85:74:6b:e6:7b:da:
         fe:54:ec:77:16:74:4e:3d:b5:a8:c9:64:6c:13:c7:13:e0:a3:
         14:66:aa:42:0f:18:4e:37:38:9e:20:dd:85:c1:c9:41:b9:ca:
         80:4e:36:b6:6d:a4:4f:c8:32:1f:32:ef:3a:8b:16:25:15:55:
         e4:54:63:a8:bb:33:68:55:f4:e2:3d:14:ca:05:21:17:15:0b:
         21:68:66:f6:a1:5b:f3:36:11:de:e5:1d:0b:e3:6a:0a:10:7e:
         5c:32:f3:98:5a:96:2b:03:2c:95:ac:5f:9d:50:4b:a0:ea:a0:
         1c:23:89:e3
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgISAYnPi+CdNhHMoB+haGwLhce6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTAyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FkMWZhYmFiNDYzNTJlZTczNzY0YzY0NGYyNzk1NWYwZjdjNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6myMQsaHoFcVONaDx7rxYIsq/9r
ds1H7Zg0ScyfVw/PTSC48tO4wxDE3RlIPJhIBrVkJuZAYAwGDO5XEq4mRMTz7pf4
HGe1Ld3Pqg/MNxFBu+BBNJLt4Bw9tJMNFsdeFTZQbtkkNNbCQ6mg6dntfsX8pyJB
6Vo3S8AHOwW7xfGxEzcmY4kZsVjecnL26Kx4hnsNNTDOiK9k+LtuFXu+G4+8OpKZ
DUIwzpY3EmCeymhkKwN00BYHi2TI8L9rbuWG6NRqP9A0lO1H4E0PHCJrJ3FzUa2Z
gw0uOO0Eix7HM5Pf2zmS8Yizf9KRIBu+GOLiG1uVE+OgzUhKyHJDYBl/0QIDAQAB
o4IDWTCCA1UwHQYDVR0OBBYEFDetH6urRjUu5zdkxkTyeVXw98ShMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTjYwZnE2dEdOUzduTjJUR1JQSjVWZkQzeEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgABMIIB
TAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnjAwQAUpnwAwQAUpn5AwQAWdUHMAwDBABZ1SkDBABZ1SoDBABZ1SwDBABZ1Ygw
DAMEAFnViwMEAFnVjDAMAwQCWdWUAwQAWdWWAwQAWdWYMAwDBABZ1ZsDBABZ1Z4D
BABZ1aADBAFZ1aIDBAFZ1agDBABZ1a0wDAMEAFnVrwMEAVnVsDAMAwQAWdWzAwQA
WdW2AwQCWdW4AwQAbbDTMAwDBABtsNUDBABtsNgDBABtsNoDBABtsNwDBABtsPAD
BAFtsPIwDAMEAG2w9wMEAG2w+AMEAW2w+jAMAwQAuTF9AwQHuTEAAwQA1ZgqMA0G
CSqGSIb3DQEBCwUAA4IBAQCYpJ2MPS3RYatqKpj0chVLe6JLj8cXbe0m4NaVqrU1
0+6UDL4YDNyTalafLVx7XbU6K4iEs64v7AAjUSHwL7U5+P39ej14wTAFL2Kc9Etf
kPR0h+Vy8JCdLfnL0bHQGBPpgyBxQWiesmqjzqJ1eC3Jfa/ugPAWGXX4RIkw7aWt
1cbMBZt6Pcp7JmeFdGvme9r+VOx3FnROPbWoyWRsE8cT4KMUZqpCDxhONzieIN2F
wclBucqATja2baRPyDIfMu86ixYlFVXkVGOouzNoVfTiPRTKBSEXFQshaGb2oVvz
NhHe5R0L42oKEH5cMvOYWpYrAyyVrF+dUEug6qAcI4nj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org