Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WmJtiuvYENi__i7K6eJQEiUCcZA.roa
File:                     WmJtiuvYENi__i7K6eJQEiUCcZA.roa (raw, json)
Hash identifier:          dO6kbu7YzDeMmXRX6sw66GsqxLZve3+/pvCCZ9uxRNo=
Subject key identifier:   5A:62:6D:8A:EB:D8:10:D8:BF:FE:2E:CA:E9:E2:50:12:25:02:71:90
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018825C6FB5120826FD91B23BE25CE223A96
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WmJtiuvYENi__i7K6eJQEiUCcZA.roa
Signing time:             Tue 16 May 2023 18:16:17 +0000
ROA not before:           Tue 16 May 2023 18:16:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.174.0/23 maxlen: 23
                          82.152.253.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.153.70.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.208.0/24 maxlen: 24
                          82.153.209.0/24 maxlen: 24
                          82.153.210.0/24 maxlen: 24
                          82.153.211.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 May 2023 07:04:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:25:c6:fb:51:20:82:6f:d9:1b:23:be:25:ce:22:3a:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 16 18:16:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a626d8aebd810d8bffe2ecae9e2501225027190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:81:b7:11:3e:8e:62:f0:68:84:5a:59:b1:2c:
                    09:2f:0b:88:ec:ec:71:8b:8f:f3:66:e1:fd:7c:7a:
                    d6:e9:e5:d2:2f:9e:63:e9:a3:50:75:90:f4:84:89:
                    12:f2:7e:93:b7:15:d5:8d:9e:d2:b5:27:0d:b2:51:
                    87:f5:37:67:8d:a1:d4:b2:ab:7b:cc:39:96:e2:32:
                    78:b4:8d:1e:4e:10:1e:5d:88:f6:33:97:a1:0a:17:
                    a7:79:9a:ed:46:e6:9f:4a:c4:2d:1f:9f:a9:a5:a2:
                    1a:eb:06:f1:db:2c:e6:bc:c2:73:ce:9d:b9:2d:69:
                    d4:d2:06:81:68:74:a5:1a:2b:d2:ba:f9:10:00:9e:
                    79:ae:30:0f:3a:8a:c9:88:c4:c7:36:5d:75:f9:78:
                    e4:e5:85:2b:ee:e1:51:97:39:f3:a1:91:14:b2:97:
                    3d:e4:cc:a2:b7:37:91:ee:f5:7e:98:91:38:f2:96:
                    7e:19:a2:a1:e8:2f:0c:9f:35:51:a7:0b:f8:83:6f:
                    ac:22:60:89:36:b1:5a:07:1b:1a:56:ba:77:cb:74:
                    17:5d:a5:4a:44:2a:d8:68:f6:0f:1b:e0:a6:e9:5b:
                    1f:85:d1:64:e7:4d:6b:76:f7:20:f2:a3:4e:ac:91:
                    0c:93:aa:c0:90:d3:4d:e7:05:a6:10:20:7a:f7:b3:
                    6f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:62:6D:8A:EB:D8:10:D8:BF:FE:2E:CA:E9:E2:50:12:25:02:71:90
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WmJtiuvYENi__i7K6eJQEiUCcZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.251.0/24
                  82.152.253.0-82.152.255.255
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.65.0/24
                  82.153.68.0/24
                  82.153.70.0/23
                  82.153.73.0/24
                  82.153.132.0/24
                  82.153.208.0/22
                  82.153.222.0/24
                  82.153.246.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:31:6e:3d:89:12:57:d2:06:7d:94:8c:51:6f:62:d4:0e:52:
         4c:05:8c:4a:bb:81:73:2c:e6:76:9c:c6:6a:3a:cb:03:cb:2f:
         b8:15:84:24:b2:8b:e9:01:6b:1c:de:2c:e1:06:63:7d:11:c0:
         28:76:ce:a8:01:e6:2e:3e:4f:ab:3d:42:e4:f4:43:4e:c5:d6:
         4d:e9:22:3e:ed:5c:d8:ad:52:a4:a5:54:7e:60:44:0e:1c:0a:
         c2:33:c6:a1:a0:35:16:ae:8c:bc:71:4b:fe:7a:8e:db:70:b6:
         d4:93:62:85:f5:0f:e3:af:cb:ca:f2:d9:b9:1c:fe:c0:5e:70:
         65:3f:f1:4e:a4:73:91:73:82:5c:16:50:b6:db:91:b9:fb:e4:
         bb:f0:d4:0b:12:50:49:d7:d8:3d:15:7b:81:96:b0:36:9a:14:
         c1:ac:a6:e0:ff:2d:86:8e:1b:1d:14:a3:d7:d5:0d:d7:d3:43:
         1f:13:37:47:ee:f2:b1:31:9f:39:3b:28:2a:ae:5c:2e:24:d8:
         03:3e:dc:cf:ab:1e:79:e3:97:77:ff:ac:11:92:99:a6:99:91:
         df:84:4e:64:3e:08:7a:6f:04:cd:23:b5:17:a0:a0:2a:ac:d7:
         6e:12:c3:7e:12:3b:8a:53:c3:de:d4:7d:86:67:fa:bc:21:e7:
         fb:f7:f4:75
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYglxvtRIIJv2RsjviXOIjqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTE2MTgxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTYyNmQ4YWViZDgxMGQ4YmZmZTJlY2FlOWUyNTAxMjI1MDI3MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIG3ET6OYvBohFpZsSwJLwuI7Oxx
i4/zZuH9fHrW6eXSL55j6aNQdZD0hIkS8n6TtxXVjZ7StScNslGH9TdnjaHUsqt7
zDmW4jJ4tI0eThAeXYj2M5ehCheneZrtRuafSsQtH5+ppaIa6wbx2yzmvMJzzp25
LWnU0gaBaHSlGivSuvkQAJ55rjAPOorJiMTHNl11+Xjk5YUr7uFRlznzoZEUspc9
5MyitzeR7vV+mJE48pZ+GaKh6C8MnzVRpwv4g2+sImCJNrFaBxsaVrp3y3QXXaVK
RCrYaPYPG+Cm6VsfhdFk501rdvcg8qNOrJEMk6rAkNNN5wWmECB697NvvwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFFpibYrr2BDYv/4uyuniUBIlAnGQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV21KdGl1dllFTmlfX2k3SzZlSlFFaVVDY1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHsweQQCAAEwcwMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+zALAwQAUpj9AwMAUpgDBABSmQQD
BABSmQoDBABSmUEDBABSmUQDBAFSmUYDBABSmUkDBABSmYQDBAJSmdADBABSmd4D
BABSmfYDBAFSmfgwDQYJKoZIhvcNAQELBQADggEBACQxbj2JElfSBn2UjFFvYtQO
UkwFjEq7gXMs5nacxmo6ywPLL7gVhCSyi+kBaxzeLOEGY30RwCh2zqgB5i4+T6s9
QuT0Q07F1k3pIj7tXNitUqSlVH5gRA4cCsIzxqGgNRaujLxxS/56jttwttSTYoX1
D+Ovy8ry2bkc/sBecGU/8U6kc5FzglwWULbbkbn75Lvw1AsSUEnX2D0Ve4GWsDaa
FMGspuD/LYaOGx0Uo9fVDdfTQx8TN0fu8rExnzk7KCquXC4k2AM+3M+rHnnjl3f/
rBGSmaaZkd+ETmQ+CHpvBM0jtRegoCqs124Sw34SO4pTw97UfYZn+rwh5/v39HU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org