Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R9H0XokgtE8iDGFYWkPEu16P8GY.roa
File:                     R9H0XokgtE8iDGFYWkPEu16P8GY.roa (raw, json)
Hash identifier:          Wx7ZAWlpx0xyt3tDOSYvJyDrTLnJIs2JhbhEdlCrWaQ=
Subject key identifier:   47:D1:F4:5E:89:20:B4:4F:22:0C:61:58:5A:43:C4:BB:5E:8F:F0:66
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AACF065C7E838DA292CBF99C6974C44C1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R9H0XokgtE8iDGFYWkPEu16P8GY.roa
Signing time:             Tue 19 Sep 2023 10:15:50 +0000
ROA not before:           Tue 19 Sep 2023 10:15:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.190.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 11:19:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ac:f0:65:c7:e8:38:da:29:2c:bf:99:c6:97:4c:44:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 19 10:15:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=47d1f45e8920b44f220c61585a43c4bb5e8ff066
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2e:a5:0a:e9:04:91:f7:d7:16:d3:ba:60:ad:
                    a9:8c:0f:bd:70:49:8f:54:dc:27:0b:d0:be:0c:ea:
                    68:c0:99:61:49:db:dd:27:2a:23:de:5e:1b:f4:b6:
                    ac:cc:37:e7:4a:21:68:42:14:60:16:b7:bd:97:6c:
                    dc:72:05:d0:f8:cf:56:0c:2e:a9:a5:40:84:f8:c2:
                    81:e5:55:d7:98:e1:19:1b:d9:c7:f9:30:6c:28:b3:
                    03:90:cd:a6:b1:03:02:4e:69:b4:89:8b:e4:2e:fe:
                    c7:e7:5b:83:05:cb:f9:d3:8d:2f:d7:ac:e7:c1:42:
                    7c:04:83:7c:4b:f4:a5:ae:18:0e:11:5a:c2:0b:5c:
                    67:08:df:c1:4c:1f:1c:b1:d7:76:56:6b:a6:5e:03:
                    dd:56:91:53:fd:2c:7a:e3:3c:34:b8:19:bb:fd:3c:
                    16:52:cc:85:ff:1d:bd:ba:07:c7:18:78:cc:e9:dc:
                    07:9f:3c:9e:d3:f0:f7:4a:d1:1c:a9:90:1c:8a:42:
                    33:d4:b5:67:2b:e8:32:b9:89:45:76:ad:f2:94:35:
                    ef:b2:fc:32:8b:3f:9f:d1:20:9c:ef:e3:5b:1f:1a:
                    8e:94:41:9a:2e:00:ab:86:66:53:af:e8:fa:be:47:
                    de:f9:7d:b5:46:06:4d:0d:d1:bb:b2:ab:7a:21:53:
                    a0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:D1:F4:5E:89:20:B4:4F:22:0C:61:58:5A:43:C4:BB:5E:8F:F0:66
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R9H0XokgtE8iDGFYWkPEu16P8GY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.116.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.1.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/23
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.208.0/24
                  109.176.240.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:2e:bf:82:b6:8d:6e:e5:46:3e:96:02:c2:da:86:11:98:06:
         22:f2:a0:81:37:a4:73:41:f5:09:f5:69:1b:27:26:6d:2c:0b:
         0d:15:0f:a8:25:f3:65:40:ab:f7:f0:bc:46:13:f8:3f:b9:79:
         8d:4d:15:04:3a:7e:58:5b:8c:c5:e5:66:72:12:07:72:69:bc:
         2d:f4:35:58:74:01:75:b6:8c:a0:c9:69:91:0c:a1:4d:16:03:
         34:d1:71:50:36:fd:dd:7d:28:74:3c:2c:49:83:f6:7d:aa:ac:
         3b:91:4d:84:f8:85:88:13:13:9d:89:91:a9:0d:84:dc:5a:8f:
         c4:7a:cd:0d:9f:d4:cb:93:b4:1f:95:7f:9f:92:07:e9:25:ea:
         7d:c9:3f:58:b0:2c:64:3d:f9:39:de:94:53:76:fe:21:31:58:
         17:8c:ee:93:39:89:88:8e:7e:49:a3:5c:91:3b:90:f3:2e:34:
         20:18:50:26:4b:97:f2:c7:d7:c3:3c:aa:bd:63:50:02:f7:53:
         e5:2f:9b:ec:e9:b5:0e:c5:0c:e4:50:7e:c6:00:89:1d:a0:cf:
         ba:8c:29:fc:9b:78:9b:8c:2b:86:20:52:d1:42:7e:05:2d:78:
         cf:ae:48:65:a8:1b:77:1d:d4:f8:98:a4:80:f8:a2:1d:70:5f:
         0f:83:ca:d3
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYqs8GXH6DjaKSy/mcaXTETBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE5MTAxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2QxZjQ1ZTg5MjBiNDRmMjIwYzYxNTg1YTQzYzRiYjVlOGZmMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS6lCukEkffXFtO6YK2pjA+9cEmP
VNwnC9C+DOpowJlhSdvdJyoj3l4b9LaszDfnSiFoQhRgFre9l2zccgXQ+M9WDC6p
pUCE+MKB5VXXmOEZG9nH+TBsKLMDkM2msQMCTmm0iYvkLv7H51uDBcv5040v16zn
wUJ8BIN8S/SlrhgOEVrCC1xnCN/BTB8csdd2VmumXgPdVpFT/Sx64zw0uBm7/TwW
UsyF/x29ugfHGHjM6dwHnzye0/D3StEcqZAcikIz1LVnK+gyuYlFdq3ylDXvsvwy
iz+f0SCc7+NbHxqOlEGaLgCrhmZTr+j6vkfe+X21RgZNDdG7sqt6IVOgWQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFEfR9F6JILRPIgxhWFpDxLtej/BmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUjlIMFhva2d0RThpREdGWVdrUEV1MTZQOEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBABR
Bb0DBABRqCMDBABRqHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AME
AFKY+wMEAFKY/gMEAFKZAQMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmE
AwQBUpngAwQBWdUGAwQAWdWCAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbDwAwQAbbD3
AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQBRLr+Cto1u5UY+lgLC2oYR
mAYi8qCBN6RzQfUJ9WkbJyZtLAsNFQ+oJfNlQKv38LxGE/g/uXmNTRUEOn5YW4zF
5WZyEgdyabwt9DVYdAF1toygyWmRDKFNFgM00XFQNv3dfSh0PCxJg/Z9qqw7kU2E
+IWIExOdiZGpDYTcWo/Ees0Nn9TLk7QflX+fkgfpJep9yT9YsCxkPfk53pRTdv4h
MVgXjO6TOYmIjn5Jo1yRO5DzLjQgGFAmS5fyx9fDPKq9Y1AC91PlL5vs6bUOxQzk
UH7GAIkdoM+6jCn8m3ibjCuGIFLRQn4FLXjPrkhlqBt3HdT4mKSA+KIdcF8Pg8rT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org