Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RPBEKUm_79If_Z70SFB_swRzQpw.roa
File:                     RPBEKUm_79If_Z70SFB_swRzQpw.roa (raw, json)
Hash identifier:          668V9IWqY0uR6XWX0wvTuNwhHISEAwviVHu7wZAjdfk=
Subject key identifier:   44:F0:44:29:49:BF:EF:D2:1F:FD:9E:F4:48:50:7F:B3:04:73:42:9C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018832D36226DBFA04B9077DDA1DAC01CAC2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RPBEKUm_79If_Z70SFB_swRzQpw.roa
Signing time:             Fri 19 May 2023 07:04:53 +0000
ROA not before:           Fri 19 May 2023 07:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.153.64.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 May 2023 08:09:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:32:d3:62:26:db:fa:04:b9:07:7d:da:1d:ac:01:ca:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 19 07:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44f0442949bfefd21ffd9ef448507fb30473429c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7e:47:14:dc:df:33:7d:64:3e:e5:4b:58:8e:
                    d0:35:87:59:15:35:33:48:3f:1f:26:d3:52:75:28:
                    82:26:ec:fb:8f:01:90:4d:86:09:71:98:d0:a1:c1:
                    ba:4b:2a:fa:9a:91:76:1a:b3:3a:e1:f8:b9:07:fc:
                    7f:34:f3:48:0e:ee:a3:fe:e8:44:bd:cc:6f:4d:a1:
                    99:17:16:f4:c4:6a:bb:77:f1:40:71:05:98:7e:e0:
                    c8:ff:fb:52:f9:d1:8f:69:9f:86:b8:f9:78:4f:4d:
                    87:37:3c:95:44:4d:9d:31:b0:a7:7c:04:51:aa:8e:
                    cd:de:02:c9:f2:d7:26:8f:b0:9e:65:a9:2c:b0:26:
                    99:80:a4:64:ad:77:c5:8f:95:45:31:57:6d:49:ba:
                    ad:ba:5c:9f:f2:7f:67:d3:f9:b4:08:83:ba:0d:4a:
                    7e:a0:ae:2d:c2:78:57:ad:e1:22:a9:3c:0d:4b:8c:
                    d8:c8:fb:01:ce:b6:aa:25:87:57:c3:20:80:32:b2:
                    d5:2f:f2:40:fd:5d:3b:ca:31:c9:a7:29:5b:ef:69:
                    d4:eb:eb:56:86:94:6a:33:ad:2a:89:6a:9a:1a:b3:
                    9e:4e:96:2a:73:3f:8a:9c:71:00:21:bf:df:ec:62:
                    58:ae:d8:d1:a3:b7:b2:11:46:22:49:f4:16:63:4c:
                    7d:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F0:44:29:49:BF:EF:D2:1F:FD:9E:F4:48:50:7F:B3:04:73:42:9C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RPBEKUm_79If_Z70SFB_swRzQpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.251.0/24
                  82.152.253.0-82.152.255.255
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.64.0/23
                  82.153.68.0/24
                  82.153.70.0/23
                  82.153.73.0/24
                  82.153.132.0/24
                  82.153.208.0/22
                  82.153.222.0/24
                  82.153.246.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:51:28:a3:e4:27:eb:66:bd:e3:0b:72:e9:99:06:7d:13:fd:
         7f:fd:a6:6f:b5:39:4a:41:6c:79:36:85:fb:64:24:88:ca:f2:
         95:1d:06:87:c8:c3:5f:4d:b9:6b:34:d8:c5:e4:98:be:ed:9f:
         65:65:11:db:f6:6f:8b:c5:6c:a9:38:05:5f:05:80:99:32:21:
         c5:2d:8b:53:c6:e0:14:70:77:f4:b7:63:96:df:ab:8d:7c:c9:
         02:30:b4:d7:0e:fc:5a:e1:a5:d2:76:7d:be:71:8e:87:11:05:
         e7:ae:6b:af:5f:a5:03:a8:71:32:f9:af:2b:dc:7f:cc:2b:43:
         2b:0a:d9:0e:ae:d2:6c:c5:67:20:8b:f5:1f:3c:38:8b:f1:02:
         2e:2a:d0:55:a2:3a:18:c4:2b:4f:d4:4f:2b:b4:63:d5:d7:f3:
         15:3f:dc:80:18:9a:87:8f:99:b8:0a:63:cc:ec:5d:b3:07:22:
         4a:8e:78:50:ef:4d:43:ac:ee:26:9c:13:d9:84:a9:39:0d:7d:
         52:ea:2c:b1:75:c5:27:1f:c8:38:32:26:97:53:15:c6:ca:ed:
         cd:48:d4:bc:98:cb:28:68:dd:86:36:12:fc:f2:80:8c:ae:01:
         65:fd:83:e6:48:76:3f:db:86:7b:de:64:38:63:29:cb:12:75:
         6f:7d:c4:e0
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYgy02Im2/oEuQd92h2sAcrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTE5MDcwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGYwNDQyOTQ5YmZlZmQyMWZmZDllZjQ0ODUwN2ZiMzA0NzM0MjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H5HFNzfM31kPuVLWI7QNYdZFTUz
SD8fJtNSdSiCJuz7jwGQTYYJcZjQocG6Syr6mpF2GrM64fi5B/x/NPNIDu6j/uhE
vcxvTaGZFxb0xGq7d/FAcQWYfuDI//tS+dGPaZ+GuPl4T02HNzyVRE2dMbCnfARR
qo7N3gLJ8tcmj7CeZakssCaZgKRkrXfFj5VFMVdtSbqtulyf8n9n0/m0CIO6DUp+
oK4twnhXreEiqTwNS4zYyPsBzraqJYdXwyCAMrLVL/JA/V07yjHJpylb72nU6+tW
hpRqM60qiWqaGrOeTpYqcz+KnHEAIb/f7GJYrtjRo7eyEUYiSfQWY0x9ZQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFETwRClJv+/SH/2e9EhQf7MEc0KcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUlBCRUtVbV83OUlmX1o3MFNGQl9zd1J6UXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHsweQQCAAEwcwMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+zALAwQAUpj9AwMAUpgDBABSmQQD
BABSmQoDBAFSmUADBABSmUQDBAFSmUYDBABSmUkDBABSmYQDBAJSmdADBABSmd4D
BABSmfYDBAFSmfgwDQYJKoZIhvcNAQELBQADggEBAKlRKKPkJ+tmveMLcumZBn0T
/X/9pm+1OUpBbHk2hftkJIjK8pUdBofIw19NuWs02MXkmL7tn2VlEdv2b4vFbKk4
BV8FgJkyIcUti1PG4BRwd/S3Y5bfq418yQIwtNcO/FrhpdJ2fb5xjocRBeeua69f
pQOocTL5ryvcf8wrQysK2Q6u0mzFZyCL9R88OIvxAi4q0FWiOhjEK0/UTyu0Y9XX
8xU/3IAYmoePmbgKY8zsXbMHIkqOeFDvTUOs7iacE9mEqTkNfVLqLLF1xScfyDgy
JpdTFcbK7c1I1LyYyyho3YY2EvzygIyuAWX9g+ZIdj/bhnveZDhjKcsSdW99xOA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org