Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ouvy5xrHJWGZsYpOoP3fQ6uiOP0.roa
File:                     Ouvy5xrHJWGZsYpOoP3fQ6uiOP0.roa (raw, json)
Hash identifier:          pH6hqdFXyeF6vAC60PRn8tPdCdHQOTaGHXJRTMDWzsc=
Subject key identifier:   3A:EB:F2:E7:1A:C7:25:61:99:B1:8A:4E:A0:FD:DF:43:AB:A2:38:FD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F85CB5054577A4ECE4344CAC87B5026B6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ouvy5xrHJWGZsYpOoP3fQ6uiOP0.roa
Signing time:             Fri 17 May 2024 09:04:05 +0000
ROA not before:           Fri 17 May 2024 09:04:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        81.168.83.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          82.152.8.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          89.213.4.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 May 2024 18:04:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:85:cb:50:54:57:7a:4e:ce:43:44:ca:c8:7b:50:26:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 17 09:04:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3aebf2e71ac7256199b18a4ea0fddf43aba238fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ed:b4:95:94:d2:a0:3b:d7:84:88:fb:bc:4a:
                    0a:e8:13:bd:fe:61:89:5a:09:9e:d2:9a:7b:83:15:
                    0e:a9:56:b5:83:5f:fa:82:3e:26:8c:4b:f7:c4:5b:
                    f1:cc:29:3c:7a:67:5f:d5:c8:3d:4d:73:c9:dd:69:
                    e1:ee:18:ed:8f:70:72:d8:59:75:8c:23:ff:cf:2f:
                    12:2d:39:54:15:76:91:3d:c9:c1:f7:8d:c4:69:55:
                    b0:d2:12:76:e0:4a:f8:51:05:78:13:94:96:26:49:
                    3f:b5:3a:d8:50:97:e3:83:9b:97:c0:ff:dc:1b:cd:
                    6e:2d:2d:34:89:92:3d:f7:89:d7:92:d0:6f:cf:30:
                    71:eb:79:11:35:a8:61:e9:ce:f7:8b:27:8e:53:9b:
                    cc:6f:f5:af:0d:98:67:5e:f5:c0:93:a5:2c:e1:e1:
                    ca:c8:44:d8:b0:32:8f:ff:37:56:0f:99:6d:6f:a4:
                    61:b4:4e:71:ee:1c:91:6b:78:50:c6:bf:da:82:4d:
                    c0:e4:92:76:15:d5:f9:c5:5a:5e:98:df:ac:8b:18:
                    b4:67:43:1d:de:c9:67:7a:c0:ac:03:73:a9:74:f5:
                    10:70:5a:da:db:26:4a:fb:82:34:3e:dd:ca:c3:4d:
                    e7:ad:96:16:e6:bf:c2:c5:a1:37:70:21:c7:f3:a8:
                    ab:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:EB:F2:E7:1A:C7:25:61:99:B1:8A:4E:A0:FD:DF:43:AB:A2:38:FD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ouvy5xrHJWGZsYpOoP3fQ6uiOP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.83.0/24
                  81.168.120.0/24
                  82.152.8.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.4.0/24
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.190.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:78:65:33:ff:93:3f:1c:11:b8:f7:71:79:1c:8f:ce:4a:3c:
         a5:8b:39:3f:90:df:03:c2:e7:f5:cb:70:7c:e4:c3:6f:3e:c8:
         59:31:31:df:e2:f1:1d:c3:18:5f:98:09:51:b7:07:00:76:36:
         0a:e8:73:f1:ce:f6:5f:c3:52:50:02:9e:69:54:06:69:52:31:
         18:2c:37:47:0b:45:40:a2:ab:8b:b5:ec:47:1b:39:1d:9f:b7:
         09:c3:ce:cb:c3:97:58:bc:65:20:b5:1b:1e:1a:75:a4:1f:03:
         54:32:6c:ae:eb:73:49:72:a6:f5:b5:83:fb:58:0f:95:6d:9f:
         2a:eb:98:8a:3f:b8:1f:bb:ab:3c:07:0d:1d:b0:1a:c6:e9:ac:
         26:cc:35:67:64:18:82:5e:e2:f6:ef:90:3f:54:f7:32:b6:3a:
         a0:7d:c1:77:93:00:b4:80:de:f1:1d:b2:2a:fb:1d:d3:e4:62:
         d3:3f:c0:93:62:be:8a:a2:58:33:1d:88:5a:15:84:6e:11:d5:
         d9:32:9e:73:5c:5c:af:17:f5:a6:5d:6b:12:8d:1d:b6:18:f4:
         ee:8f:d2:30:b0:79:37:36:dc:a3:5b:f5:1e:ce:7c:9d:f7:7c:
         2e:7c:55:2f:17:50:a1:ef:42:91:f6:98:2e:69:a8:e5:85:f3:
         94:3a:7c:2d
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY+Fy1BUV3pOzkNEysh7UCa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE3MDkwNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWViZjJlNzFhYzcyNTYxOTliMThhNGVhMGZkZGY0M2FiYTIzOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO20lZTSoDvXhIj7vEoK6BO9/mGJ
Wgme0pp7gxUOqVa1g1/6gj4mjEv3xFvxzCk8emdf1cg9TXPJ3Wnh7hjtj3By2Fl1
jCP/zy8SLTlUFXaRPcnB943EaVWw0hJ24Er4UQV4E5SWJkk/tTrYUJfjg5uXwP/c
G81uLS00iZI994nXktBvzzBx63kRNahh6c73iyeOU5vMb/WvDZhnXvXAk6Us4eHK
yETYsDKP/zdWD5ltb6RhtE5x7hyRa3hQxr/agk3A5JJ2FdX5xVpemN+sixi0Z0Md
3slnesCsA3OpdPUQcFra2yZK+4I0Pt3Kw03nrZYW5r/CxaE3cCHH86irVQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFDrr8ucaxyVhmbGKTqD930Orojj9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT3V2eTV4ckhKV0dac1lwT29QM2ZRNnVpT1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFGoUwME
AFGoeAMEAFKYCAMEAFKY+AMEAFKY+wMEAFKY/gMEAFKZRQMEAFKZSAMEAFKZTwME
AFKZhAMEAFKZ4AMEAFnVBAMEAVnVBgMEAFnVggMEAFnVvgMEAG2w9wMEAG2w+wME
ALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAO3hlM/+TPxwRuPdxeRyPzko8pYs5P5Df
A8Ln9ctwfOTDbz7IWTEx3+LxHcMYX5gJUbcHAHY2Cuhz8c72X8NSUAKeaVQGaVIx
GCw3RwtFQKKri7XsRxs5HZ+3CcPOy8OXWLxlILUbHhp1pB8DVDJsrutzSXKm9bWD
+1gPlW2fKuuYij+4H7urPAcNHbAaxumsJsw1Z2QYgl7i9u+QP1T3MrY6oH3Bd5MA
tIDe8R2yKvsd0+Ri0z/Ak2K+iqJYMx2IWhWEbhHV2TKec1xcrxf1pl1rEo0dthj0
7o/SMLB5Nzbco1v1Hs58nfd8LnxVLxdQoe9CkfaYLmmo5YXzlDp8LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org