Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UknePGEKpntlSgqMOc0tTyPwn7M.roa
File:                     UknePGEKpntlSgqMOc0tTyPwn7M.roa (raw, json)
Hash identifier:          sItofbxFL7wDcnW1tfozCKoEJbpuAdQPu4lwcoUgvww=
Subject key identifier:   52:49:DE:3C:61:0A:A6:7B:65:4A:0A:8C:39:CD:2D:4F:23:F0:9F:B3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018992268E6EE914DDB3D810364C0E729DAE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UknePGEKpntlSgqMOc0tTyPwn7M.roa
Signing time:             Wed 26 Jul 2023 12:22:27 +0000
ROA not before:           Wed 26 Jul 2023 12:22:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42831
IP address blocks:        89.213.191.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.152.110.0/24 maxlen: 24
                          89.213.132.0/24 maxlen: 24
                          89.213.131.0/24 maxlen: 24
                          109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 08:37:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:92:26:8e:6e:e9:14:dd:b3:d8:10:36:4c:0e:72:9d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 26 12:22:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5249de3c610aa67b654a0a8c39cd2d4f23f09fb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6a:77:c0:01:29:c6:fb:5a:f2:5f:30:35:8d:
                    c1:f5:b3:c5:10:b1:f6:9a:3d:4a:24:20:76:90:15:
                    22:37:20:af:d7:55:0b:2d:e9:96:73:f0:5e:4b:d8:
                    2d:b7:52:76:59:d1:33:a9:4b:7d:90:a2:9a:60:6e:
                    58:bb:09:01:5c:5c:42:8d:38:e0:d5:14:c0:ae:b1:
                    d6:ed:d1:44:87:2c:bb:42:55:05:38:3e:20:8e:52:
                    c7:10:55:62:85:38:7c:50:b1:d8:d6:1b:79:b8:81:
                    e0:7a:25:59:5f:94:60:d4:e1:ab:52:0c:58:30:f2:
                    ed:5d:97:f9:6a:ee:37:30:bf:7e:87:25:93:09:79:
                    a8:b0:39:84:93:49:a5:da:4d:81:89:93:21:0a:68:
                    6a:39:f9:17:a7:2d:f9:60:31:8a:df:c3:af:6b:42:
                    5d:8f:cb:14:19:d9:ac:35:a4:4f:e0:c9:b5:a4:71:
                    15:71:a4:f2:93:0f:19:ae:2d:90:36:71:c8:27:b9:
                    69:68:9d:59:bf:d1:63:bf:12:ae:8d:3e:65:f9:de:
                    7e:5e:53:46:a7:27:3e:9a:7b:3d:91:cf:c7:6f:a4:
                    5f:a3:2f:74:f5:3b:92:2e:54:8a:bb:2e:07:79:e1:
                    4b:28:19:0d:13:5e:df:ea:01:e3:25:b7:59:96:52:
                    31:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:49:DE:3C:61:0A:A6:7B:65:4A:0A:8C:39:CD:2D:4F:23:F0:9F:B3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UknePGEKpntlSgqMOc0tTyPwn7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.110.0/24
                  82.153.246.0/24
                  89.213.131.0-89.213.132.255
                  89.213.191.0/24
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:d4:4a:83:28:ea:99:52:48:30:b8:8d:8c:45:eb:59:26:ee:
         fa:ed:52:ca:fd:99:d7:22:51:67:6c:2a:c1:8e:3e:76:62:a7:
         d0:68:61:2d:a6:b1:bd:a9:58:9f:72:a4:ec:51:70:15:c6:6d:
         e7:b9:74:5d:35:f8:0b:99:54:48:55:c9:ed:a6:63:e0:ef:b1:
         ac:9c:de:e5:b3:d6:fe:bf:b3:1e:9a:5d:aa:c5:3d:b7:db:d5:
         ec:21:91:7d:04:3b:2f:03:b8:e9:0a:94:51:79:a1:db:f9:ab:
         c6:ed:d0:41:fd:68:2d:97:fb:b4:75:fb:08:1b:27:dc:35:25:
         c4:4a:92:31:24:ad:1b:52:d6:00:e9:17:c1:6c:b2:23:02:94:
         6d:54:24:7b:8c:3d:7a:b5:ab:d3:76:db:2e:6b:d3:07:53:22:
         ba:bc:45:2c:0e:a9:d6:f2:d5:67:56:e4:5e:e7:e2:1a:31:85:
         16:06:3b:e1:e2:32:7a:42:96:c1:9a:ed:2c:7a:3b:0c:1d:44:
         c1:f6:f4:0d:1f:58:e2:6c:17:4c:b6:10:b4:97:7d:65:54:9e:
         f2:66:9f:29:47:0a:eb:9d:b6:73:1b:6d:fa:d6:6d:31:92:77:
         d9:af:52:fe:e6:3a:73:e5:fe:aa:f4:bd:96:da:e9:46:f3:7d:
         01:d1:ee:18
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYmSJo5u6RTds9gQNkwOcp2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI2MTIyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ5ZGUzYzYxMGFhNjdiNjU0YTBhOGMzOWNkMmQ0ZjIzZjA5ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWp3wAEpxvta8l8wNY3B9bPFELH2
mj1KJCB2kBUiNyCv11ULLemWc/BeS9gtt1J2WdEzqUt9kKKaYG5YuwkBXFxCjTjg
1RTArrHW7dFEhyy7QlUFOD4gjlLHEFVihTh8ULHY1ht5uIHgeiVZX5Rg1OGrUgxY
MPLtXZf5au43ML9+hyWTCXmosDmEk0ml2k2BiZMhCmhqOfkXpy35YDGK38Ova0Jd
j8sUGdmsNaRP4Mm1pHEVcaTykw8Zri2QNnHIJ7lpaJ1Zv9FjvxKujT5l+d5+XlNG
pyc+mns9kc/Hb6Rfoy909TuSLlSKuy4HeeFLKBkNE17f6gHjJbdZllIxFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFJJ3jxhCqZ7ZUoKjDnNLU8j8J+zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVWtuZVBHRUtwbnRsU2dxTU9jMHRUeVB3bjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUphuAwQA
Upn2MAwDBABZ1YMDBABZ1YQDBABZ1b8DBABtsP0wDQYJKoZIhvcNAQELBQADggEB
AKPUSoMo6plSSDC4jYxF61km7vrtUsr9mdciUWdsKsGOPnZip9BoYS2msb2pWJ9y
pOxRcBXGbee5dF01+AuZVEhVye2mY+Dvsayc3uWz1v6/sx6aXarFPbfb1ewhkX0E
Oy8DuOkKlFF5odv5q8bt0EH9aC2X+7R1+wgbJ9w1JcRKkjEkrRtS1gDpF8FssiMC
lG1UJHuMPXq1q9N22y5r0wdTIrq8RSwOqdby1WdW5F7n4hoxhRYGO+HiMnpClsGa
7Sx6OwwdRMH29A0fWOJsF0y2ELSXfWVUnvJmnylHCuudtnMbbfrWbTGSd9mvUv7m
OnPl/qr0vZba6UbzfQHR7hg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org