Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WZL_HfjOcGSjrzLKa9UdOkRfjTg.roa
File:                     WZL_HfjOcGSjrzLKa9UdOkRfjTg.roa (raw, json)
Hash identifier:          hvhVzOhDI0sEfhKbrYfk5c9pCD2SMSVWLhRMtH3tDZ8=
Subject key identifier:   59:92:FF:1D:F8:CE:70:64:A3:AF:32:CA:6B:D5:1D:3A:44:5F:8D:38
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F5288EFBE45F7BEDB53B86C99F52E4137
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WZL_HfjOcGSjrzLKa9UdOkRfjTg.roa
Signing time:             Tue 07 May 2024 10:10:56 +0000
ROA not before:           Tue 07 May 2024 10:10:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        37.252.27.0/24 maxlen: 24
                          79.99.76.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          82.152.176.0/23 maxlen: 23
                          82.153.50.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.245.0/24 maxlen: 24
                          82.163.0.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          109.176.193.0/24 maxlen: 24
                          109.176.244.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          194.105.80.0/20 maxlen: 20
                          212.38.74.0/24 maxlen: 24
                          212.38.79.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 13:13:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:52:88:ef:be:45:f7:be:db:53:b8:6c:99:f5:2e:41:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  7 10:10:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5992ff1df8ce7064a3af32ca6bd51d3a445f8d38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:68:8d:2f:a0:dc:3e:1a:3d:71:9f:95:a9:b9:
                    8e:79:91:b3:ba:e9:dc:06:35:32:85:15:2f:ac:8e:
                    ed:4b:d2:42:51:84:37:5a:8d:c7:01:ca:81:41:d3:
                    e8:0a:88:45:5c:96:2b:38:3d:98:bd:d5:49:c8:7c:
                    5a:48:32:c6:ce:ff:d3:9d:3e:ce:10:90:ce:65:8f:
                    8f:b3:2e:21:c9:f3:ec:53:0a:e8:17:38:32:d0:bf:
                    18:87:af:73:e1:3a:d5:ea:0a:31:c6:32:b6:7e:5a:
                    07:c4:aa:88:f5:19:7d:32:3a:1d:ef:cd:fb:72:0b:
                    f2:ef:4d:14:2a:55:1c:20:79:a2:b5:6d:4e:c4:d6:
                    a0:ba:1b:67:b9:ea:25:94:46:56:6a:6c:66:6d:ba:
                    f0:a1:45:21:9f:a7:5f:5d:0e:4b:52:90:e3:a9:cc:
                    cc:f4:13:12:ef:97:4c:a2:73:5a:36:8c:56:4d:14:
                    c3:a2:d3:f2:35:d7:51:12:1f:96:46:7f:6b:20:fe:
                    0c:03:9e:0d:df:fb:d1:08:f6:3a:ba:5b:b4:94:1e:
                    59:9c:69:2a:ee:a4:a0:4d:90:c8:bd:35:1b:f1:7f:
                    48:d4:5c:9a:2e:85:70:22:b2:f5:d3:74:28:90:c1:
                    70:f5:3b:aa:89:af:b7:0c:5e:0e:7b:ce:53:91:47:
                    60:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:92:FF:1D:F8:CE:70:64:A3:AF:32:CA:6B:D5:1D:3A:44:5F:8D:38
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WZL_HfjOcGSjrzLKa9UdOkRfjTg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.252.27.0/24
                  79.99.76.0/24
                  81.168.126.0/24
                  82.152.176.0/23
                  82.153.50.0/24
                  82.153.136.0/22
                  82.153.245.0/24
                  82.163.0.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  109.176.16.0/21
                  109.176.193.0/24
                  109.176.244.0/24
                  185.49.126.0/23
                  194.105.80.0/20
                  212.38.74.0/24
                  212.38.79.0/24
                  213.130.149.0/24
                  213.218.210.0/23
                  213.218.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:2e:ab:22:75:26:9b:a7:96:71:92:d3:c7:dc:77:2f:5f:de:
         26:4a:84:65:4f:ab:20:df:22:d9:c8:75:64:ee:ca:43:3f:a8:
         cb:33:cb:d9:b5:be:b4:10:78:3d:ad:13:9e:8a:98:1d:e7:21:
         bc:9e:a4:46:e1:46:f4:39:cf:00:ba:28:6d:e2:4f:5d:23:5d:
         65:7c:0b:76:2c:9d:d3:d1:73:dc:2a:fc:11:bc:22:d7:38:fd:
         a4:2b:fe:a5:58:9d:3b:b3:22:a1:ae:4e:84:10:07:76:19:7a:
         09:90:41:9f:c3:f2:f5:f3:c3:9a:68:35:a6:6a:3b:6b:03:c7:
         b8:2b:ed:26:7d:44:07:d9:2d:f6:08:d3:3f:48:24:af:1e:e3:
         00:ef:c8:a3:8a:94:13:cc:e1:ea:3c:ab:e1:de:57:a7:31:36:
         d6:c2:f1:c7:af:6a:e6:cf:85:18:6f:7e:5c:0f:e1:d8:5c:87:
         ec:e0:e8:2b:51:23:2d:1c:2f:7e:1f:46:0e:f2:65:07:88:3c:
         28:2b:42:28:29:7b:53:69:c4:26:e0:b2:f1:3e:ca:7c:c6:9e:
         dd:ba:b1:d1:3d:b0:09:73:c8:46:a6:46:4f:1b:ac:63:78:a5:
         77:38:e9:65:6c:8c:2d:e8:ea:60:a1:10:c8:35:f2:b7:37:db:
         4a:50:6a:ac
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAY9SiO++Rfe+21O4bJn1LkE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA3MTAxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTkyZmYxZGY4Y2U3MDY0YTNhZjMyY2E2YmQ1MWQzYTQ0NWY4ZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2iNL6DcPho9cZ+VqbmOeZGzuunc
BjUyhRUvrI7tS9JCUYQ3Wo3HAcqBQdPoCohFXJYrOD2YvdVJyHxaSDLGzv/TnT7O
EJDOZY+Psy4hyfPsUwroFzgy0L8Yh69z4TrV6goxxjK2floHxKqI9Rl9Mjod7837
cgvy700UKlUcIHmitW1OxNaguhtnueollEZWamxmbbrwoUUhn6dfXQ5LUpDjqczM
9BMS75dMonNaNoxWTRTDotPyNddREh+WRn9rIP4MA54N3/vRCPY6ulu0lB5ZnGkq
7qSgTZDIvTUb8X9I1FyaLoVwIrL103QokMFw9Tuqia+3DF4Oe85TkUdgoQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFFmS/x34znBko68yymvVHTpEX404MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV1pMX0hmak9jR1NqcnpMS2E5VWRPa1JmalRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAl
/BsDBABPY0wDBABRqH4DBAFSmLADBABSmTIDBAJSmYgDBABSmfUDBABSowAwDAME
AlnVlAMEBVnVgAMEAlnVrAMEAFnVtAMEA22wEAMEAG2wwQMEAG2w9AMEAbkxfgME
BMJpUAMEANQmSgMEANQmTwMEANWClQMEAdXa0gMEANXa1TANBgkqhkiG9w0BAQsF
AAOCAQEAMS6rInUmm6eWcZLTx9x3L1/eJkqEZU+rIN8i2ch1ZO7KQz+oyzPL2bW+
tBB4Pa0TnoqYHechvJ6kRuFG9DnPALoobeJPXSNdZXwLdiyd09Fz3Cr8Ebwi1zj9
pCv+pVidO7Mioa5OhBAHdhl6CZBBn8Py9fPDmmg1pmo7awPHuCvtJn1EB9kt9gjT
P0gkrx7jAO/Io4qUE8zh6jyr4d5XpzE21sLxx69q5s+FGG9+XA/h2FyH7ODoK1Ej
LRwvfh9GDvJlB4g8KCtCKCl7U2nEJuCy8T7KfMae3bqx0T2wCXPIRqZGTxusY3il
dzjpZWyMLejqYKEQyDXytzfbSlBqrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org