Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WLLQSHrx8NoiigXBfKVCBpUcm74.roa
File:                     WLLQSHrx8NoiigXBfKVCBpUcm74.roa (raw, json)
Hash identifier:          oUszuqrQBjCZGYOpXum/i6N+HeJEdoZXofXz3R3OYIs=
Subject key identifier:   58:B2:D0:48:7A:F1:F0:DA:22:8A:05:C1:7C:A5:42:06:95:1C:9B:BE
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F5471D4B968127C35443A91475F9B2FCD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WLLQSHrx8NoiigXBfKVCBpUcm74.roa
Signing time:             Tue 07 May 2024 19:04:57 +0000
ROA not before:           Tue 07 May 2024 19:04:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        79.99.76.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          82.152.176.0/23 maxlen: 23
                          82.153.50.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.163.0.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          109.176.193.0/24 maxlen: 24
                          109.176.244.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          194.105.80.0/20 maxlen: 20
                          212.38.79.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 May 2024 08:45:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:54:71:d4:b9:68:12:7c:35:44:3a:91:47:5f:9b:2f:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  7 19:04:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=58b2d0487af1f0da228a05c17ca54206951c9bbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:44:59:70:c0:b5:2d:12:0d:ab:2b:f9:97:eb:
                    c7:ac:6a:5b:a0:f7:0c:e8:be:78:92:4e:be:25:99:
                    24:84:df:40:6b:99:a9:76:ad:6a:ed:23:f5:2f:26:
                    d6:0c:38:b8:ad:b8:ca:70:0a:ad:27:c8:a0:47:24:
                    a5:1a:ab:c1:40:72:68:2e:de:67:5a:55:da:8b:5d:
                    2e:5e:cc:9e:6e:f9:6d:53:f8:0a:1f:37:aa:4d:41:
                    d3:09:f5:44:fa:a1:f6:16:43:43:29:51:77:6c:49:
                    5a:4d:99:f1:71:b8:47:64:09:02:6b:cc:b9:65:4c:
                    ca:e7:48:97:88:f3:69:4c:70:09:ca:dc:78:7b:07:
                    e2:31:f5:c0:7e:cf:20:b9:17:bb:92:24:16:4b:9e:
                    38:70:d5:17:85:ee:93:4c:c3:36:be:1c:07:eb:06:
                    e4:0d:da:67:d2:f7:5f:43:42:9f:e1:c8:f2:ca:db:
                    b1:d5:8b:95:e6:c5:28:e4:e3:f8:64:c6:40:d1:6a:
                    ba:a2:6b:34:e9:84:f7:8d:3b:f3:b4:a4:54:34:83:
                    4b:b6:1d:7d:d9:25:65:a5:57:3f:d5:b8:60:2a:99:
                    af:98:85:d8:2c:af:9f:9e:25:ed:00:e1:59:ac:27:
                    ad:a1:da:6e:f7:b7:1b:2b:b3:0e:4c:d3:5b:31:29:
                    dd:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:B2:D0:48:7A:F1:F0:DA:22:8A:05:C1:7C:A5:42:06:95:1C:9B:BE
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WLLQSHrx8NoiigXBfKVCBpUcm74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.99.76.0/24
                  81.168.126.0/24
                  82.152.176.0/23
                  82.153.50.0/24
                  82.153.136.0/22
                  82.163.0.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  109.176.16.0/21
                  109.176.193.0/24
                  109.176.244.0/24
                  185.49.126.0/23
                  194.105.80.0/20
                  212.38.79.0/24
                  213.130.149.0/24
                  213.218.210.0/23
                  213.218.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:70:23:a4:6c:49:7c:5c:7a:d9:7b:ee:6d:57:0c:0f:b6:b9:
         7a:52:09:45:7b:fa:27:f6:6b:a1:f8:6a:20:db:60:48:6b:11:
         51:ae:e8:98:01:4f:45:be:95:34:41:8f:26:32:a5:29:45:4e:
         5d:3a:de:51:ca:da:5d:07:e9:6a:c2:8d:b1:9b:69:b5:d4:52:
         0d:a5:5f:c5:37:39:a9:77:c1:7a:03:f2:1c:6a:3c:e3:c6:b2:
         73:08:e4:32:d4:cc:b1:89:9a:de:6d:49:97:b2:7b:ff:dd:55:
         b1:c2:d7:df:68:9c:eb:67:35:7e:26:87:e6:0a:7f:b6:6a:e1:
         0f:ab:ff:8a:42:1f:1c:ab:f4:96:07:52:c1:e3:fb:d7:66:65:
         22:e8:3a:74:09:d5:10:cd:d0:00:c4:d2:9d:a9:fd:06:e6:69:
         61:d2:b6:a0:70:f1:c7:da:3c:d3:18:65:e6:c0:2f:a4:61:fd:
         82:79:42:31:89:4b:9e:63:a7:18:a3:e9:43:90:22:85:c2:5f:
         35:c8:02:ea:2e:05:b6:5c:f7:80:79:62:29:42:a9:64:8e:42:
         8e:8a:09:41:93:c6:84:be:20:6b:2d:ec:2a:31:f7:7d:94:f2:
         74:6f:74:a4:e1:64:28:8f:a6:77:fe:e4:03:a3:9f:77:cd:4d:
         94:86:4d:ee
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY9UcdS5aBJ8NUQ6kUdfmy/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA3MTkwNDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGIyZDA0ODdhZjFmMGRhMjI4YTA1YzE3Y2E1NDIwNjk1MWM5YmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0RZcMC1LRINqyv5l+vHrGpboPcM
6L54kk6+JZkkhN9Aa5mpdq1q7SP1LybWDDi4rbjKcAqtJ8igRySlGqvBQHJoLt5n
WlXai10uXsyebvltU/gKHzeqTUHTCfVE+qH2FkNDKVF3bElaTZnxcbhHZAkCa8y5
ZUzK50iXiPNpTHAJytx4ewfiMfXAfs8guRe7kiQWS544cNUXhe6TTMM2vhwH6wbk
Ddpn0vdfQ0Kf4cjyytux1YuV5sUo5OP4ZMZA0Wq6oms06YT3jTvztKRUNINLth19
2SVlpVc/1bhgKpmvmIXYLK+fniXtAOFZrCetodpu97cbK7MOTNNbMSndrwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFFiy0Eh68fDaIooFwXylQgaVHJu+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV0xMUVNIcng4Tm9paWdYQmZLVkNCcFVjbTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAE9jTAME
AFGofgMEAVKYsAMEAFKZMgMEAlKZiAMEAFKjADAMAwQCWdWUAwQFWdWAAwQCWdWs
AwQAWdW0AwQDbbAQAwQAbbDBAwQAbbD0AwQBuTF+AwQEwmlQAwQA1CZPAwQA1YKV
AwQB1drSAwQA1drVMA0GCSqGSIb3DQEBCwUAA4IBAQB6cCOkbEl8XHrZe+5tVwwP
trl6UglFe/on9muh+Gog22BIaxFRruiYAU9FvpU0QY8mMqUpRU5dOt5RytpdB+lq
wo2xm2m11FINpV/FNzmpd8F6A/IcajzjxrJzCOQy1MyxiZrebUmXsnv/3VWxwtff
aJzrZzV+JofmCn+2auEPq/+KQh8cq/SWB1LB4/vXZmUi6Dp0CdUQzdAAxNKdqf0G
5mlh0ragcPHH2jzTGGXmwC+kYf2CeUIxiUueY6cYo+lDkCKFwl81yALqLgW2XPeA
eWIpQqlkjkKOiglBk8aEviBrLewqMfd9lPJ0b3Sk4WQoj6Z3/uQDo593zU2Uhk3u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org