Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SzRnwlmWPhG9_FnCoEse2NQThjo.roa
File:                     SzRnwlmWPhG9_FnCoEse2NQThjo.roa (raw, json)
Hash identifier:          Wy10zjssd1wHYTPd25nJO/CehR0t5mnYOpFG/nVMIOw=
Subject key identifier:   4B:34:67:C2:59:96:3E:11:BD:FC:59:C2:A0:4B:1E:D8:D4:13:86:3A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01898C0CA484BC07EF0BE1926843482DF9EC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SzRnwlmWPhG9_FnCoEse2NQThjo.roa
Signing time:             Tue 25 Jul 2023 07:56:26 +0000
ROA not before:           Tue 25 Jul 2023 07:56:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 08:39:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:0c:a4:84:bc:07:ef:0b:e1:92:68:43:48:2d:f9:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 25 07:56:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b3467c259963e11bdfc59c2a04b1ed8d413863a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4a:61:22:0c:51:a0:8e:24:a6:03:f4:b4:d0:
                    05:94:8b:1b:06:ad:d5:1b:95:30:9b:c2:14:08:7b:
                    d7:07:4e:bf:b1:86:b2:69:f0:53:97:c0:b0:c4:e2:
                    cf:e8:29:11:9c:65:62:7e:96:fb:b9:22:17:05:84:
                    68:7f:de:b2:92:8a:b0:a0:38:11:47:70:82:09:90:
                    10:50:a1:12:fe:71:d6:4f:0d:94:63:3f:99:03:47:
                    8f:6e:e9:a7:3d:d5:64:d7:11:0a:57:eb:40:17:b9:
                    11:ad:a5:cb:a2:a5:90:39:db:0d:89:e1:8e:a7:c2:
                    f1:95:70:00:1a:ca:55:cb:2f:4d:3a:0a:96:65:32:
                    10:d1:ed:d1:5b:92:01:a0:b4:c8:73:48:3d:38:b9:
                    5b:12:20:67:36:9b:7e:47:47:fc:e5:18:67:03:79:
                    15:fa:07:74:3b:6d:b2:8c:6f:32:ae:4e:21:37:c9:
                    49:6a:3f:19:d3:0e:fe:97:6f:e8:18:bd:1e:15:ad:
                    41:42:9f:e5:34:b9:fd:ca:5a:40:de:4b:6f:a0:72:
                    47:52:12:be:92:ab:5e:b5:99:07:76:01:d3:11:48:
                    a3:dd:e1:1c:14:e0:80:89:0c:46:02:cb:3d:14:34:
                    26:48:0f:87:d1:6a:00:ad:4b:f6:44:36:0d:87:fa:
                    af:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:34:67:C2:59:96:3E:11:BD:FC:59:C2:A0:4B:1E:D8:D4:13:86:3A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SzRnwlmWPhG9_FnCoEse2NQThjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.161.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:d8:c3:1e:e4:25:bf:17:b8:03:8e:ef:10:ec:40:bd:e3:30:
         63:75:e6:2e:fa:6a:a6:50:f1:7f:8b:cc:b0:f1:6e:7c:80:bc:
         35:ca:cc:dc:a4:5c:5b:b2:cf:54:43:3e:16:94:19:7a:17:f6:
         2a:f6:6d:79:f2:35:cb:be:8f:80:1c:c4:25:91:58:c0:4d:0e:
         a0:ae:ad:e0:bd:6e:a4:89:d5:0c:30:bd:05:a5:8a:a3:13:5c:
         c8:9b:45:3d:c3:d0:7a:2d:c4:5c:b0:48:a0:eb:6e:5c:c3:c8:
         46:92:bf:65:e1:3e:ff:09:ba:89:f2:64:e8:5a:a8:e1:f3:bd:
         d8:84:69:94:b0:5d:3b:3d:e6:40:9a:ad:d6:ac:91:3c:84:b5:
         4d:43:99:1d:68:4d:6e:73:64:5e:16:26:09:e7:14:24:ac:c7:
         83:6e:e8:87:7b:b7:03:dd:2d:af:a5:91:1d:61:12:2c:89:d0:
         f9:cd:b7:e6:0d:9c:da:3d:2e:f4:f6:20:79:ba:f5:d3:58:69:
         9d:2a:6f:fb:1c:4d:71:ff:4b:a6:b7:65:ba:0e:18:2d:fe:c5:
         7a:80:c9:c9:9c:c3:f4:ab:e0:4b:02:5f:80:88:cf:00:70:19:
         b1:3d:69:cf:03:18:c3:6c:2d:9b:d2:b8:1d:59:6e:63:96:1d:
         85:e5:a4:19
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYmMDKSEvAfvC+GSaENILfnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI1MDc1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM0NjdjMjU5OTYzZTExYmRmYzU5YzJhMDRiMWVkOGQ0MTM4NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkphIgxRoI4kpgP0tNAFlIsbBq3V
G5Uwm8IUCHvXB06/sYayafBTl8CwxOLP6CkRnGVifpb7uSIXBYRof96ykoqwoDgR
R3CCCZAQUKES/nHWTw2UYz+ZA0ePbumnPdVk1xEKV+tAF7kRraXLoqWQOdsNieGO
p8LxlXAAGspVyy9NOgqWZTIQ0e3RW5IBoLTIc0g9OLlbEiBnNpt+R0f85RhnA3kV
+gd0O22yjG8yrk4hN8lJaj8Z0w7+l2/oGL0eFa1BQp/lNLn9ylpA3ktvoHJHUhK+
kqtetZkHdgHTEUij3eEcFOCAiQxGAss9FDQmSA+H0WoArUv2RDYNh/qvywIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFEs0Z8JZlj4RvfxZwqBLHtjUE4Y6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU3pSbndsbVdQaEc5X0ZuQ29Fc2UyTlFUaGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAFEFvQME
AFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7AwQAUpj+
AwQBUplEMAwDBABSmUcDBABSmUgDBABSmU8DBABSmYQDBABSmeADBABZ1aEDBAC5
MXwwDQYJKoZIhvcNAQELBQADggEBAKjYwx7kJb8XuAOO7xDsQL3jMGN15i76aqZQ
8X+LzLDxbnyAvDXKzNykXFuyz1RDPhaUGXoX9ir2bXnyNcu+j4AcxCWRWMBNDqCu
reC9bqSJ1QwwvQWliqMTXMibRT3D0HotxFywSKDrblzDyEaSv2XhPv8JuonyZOha
qOHzvdiEaZSwXTs95kCardaskTyEtU1DmR1oTW5zZF4WJgnnFCSsx4Nu6Id7twPd
La+lkR1hEiyJ0PnNt+YNnNo9LvT2IHm69dNYaZ0qb/scTXH/S6a3ZboOGC3+xXqA
ycmcw/Sr4EsCX4CIzwBwGbE9ac8DGMNsLZvSuB1ZbmOWHYXlpBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org