Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YRpT1BeY2wvG7lRcLMr6-cE-YcQ.roa
File:                     YRpT1BeY2wvG7lRcLMr6-cE-YcQ.roa (raw, json)
Hash identifier:          PfxybO4cpOChIyBw9h7+dOJ+QUjuPyvepXC7xgYpPNQ=
Subject key identifier:   61:1A:53:D4:17:98:DB:0B:C6:EE:54:5C:2C:CA:FA:F9:C1:3E:61:C4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F9EFF08B50BDD54267F501C078D3776D3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YRpT1BeY2wvG7lRcLMr6-cE-YcQ.roa
Signing time:             Wed 22 May 2024 06:31:04 +0000
ROA not before:           Wed 22 May 2024 06:31:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400866
IP address blocks:        37.252.27.0/24 maxlen: 24
                          79.99.76.0/24 maxlen: 24
                          81.168.50.0/24 maxlen: 24
                          81.168.67.0/24 maxlen: 24
                          81.168.122.0/24 maxlen: 24
                          82.152.4.0/24 maxlen: 24
                          82.152.5.0/24 maxlen: 24
                          82.152.6.0/24 maxlen: 24
                          82.152.12.0/24 maxlen: 24
                          82.152.98.0/24 maxlen: 24
                          82.152.105.0/24 maxlen: 24
                          82.152.131.0/24 maxlen: 24
                          82.152.140.0/24 maxlen: 24
                          82.152.142.0/24 maxlen: 24
                          82.153.34.0/24 maxlen: 24
                          82.153.35.0/24 maxlen: 24
                          82.153.55.0/24 maxlen: 24
                          82.153.135.0/24 maxlen: 24
                          82.153.153.0/24 maxlen: 24
                          82.153.156.0/24 maxlen: 24
                          82.153.159.0/24 maxlen: 24
                          82.153.200.0/24 maxlen: 24
                          82.153.201.0/24 maxlen: 24
                          82.153.202.0/24 maxlen: 24
                          82.153.205.0/24 maxlen: 24
                          82.153.207.0/24 maxlen: 24
                          82.153.226.0/24 maxlen: 24
                          82.163.0.0/24 maxlen: 24
                          82.163.15.0/24 maxlen: 24
                          89.213.97.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.197.0/24 maxlen: 24
                          109.176.193.0/24 maxlen: 24
                          109.176.202.0/24 maxlen: 24
                          109.176.229.0/24 maxlen: 24
                          109.176.230.0/24 maxlen: 24
                          109.176.244.0/24 maxlen: 24
                          212.38.79.0/24 maxlen: 24
                          212.38.84.0/24 maxlen: 24
                          213.130.150.0/24 maxlen: 24
                          213.130.151.0/24 maxlen: 24
                          213.210.58.0/24 maxlen: 24
                          213.210.63.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.224.0/24 maxlen: 24
                          213.218.233.0/24 maxlen: 24
                          213.218.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 16:22:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9e:ff:08:b5:0b:dd:54:26:7f:50:1c:07:8d:37:76:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 22 06:31:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=611a53d41798db0bc6ee545c2ccafaf9c13e61c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ca:cd:6b:9f:6c:ea:cf:89:48:f1:88:61:91:
                    c6:f0:b7:0b:a7:ee:d4:1d:0a:c6:6b:df:cf:e4:66:
                    8c:6c:44:c3:aa:91:c6:92:74:ac:a7:16:cc:fb:a9:
                    27:c4:e6:e8:81:16:53:13:5c:9a:7e:57:63:28:06:
                    54:93:63:93:33:de:7c:9a:7c:fe:85:86:f1:3f:2e:
                    bc:5f:68:11:45:dc:4c:4a:90:d5:63:df:dd:a2:2d:
                    38:78:fb:47:b0:e5:c4:1f:fe:db:71:38:c3:67:87:
                    ac:c9:44:46:de:2b:bc:00:be:c7:bf:f7:e4:61:f7:
                    c2:80:b5:73:96:ad:35:8f:74:9d:7a:c2:eb:69:23:
                    f2:a0:00:d4:89:35:21:0a:e8:98:62:8f:de:44:be:
                    96:de:3d:70:53:ac:af:98:d5:84:fa:dd:86:44:1b:
                    64:38:2b:8a:ef:0d:0f:87:4e:74:27:6c:3e:ad:cb:
                    62:28:09:40:92:72:e6:ca:1c:01:7f:6a:20:c6:23:
                    7c:5b:d5:78:6d:2d:57:a2:4f:d6:31:76:52:68:6b:
                    1a:91:f3:66:bd:ff:93:50:39:c4:7f:32:49:d2:79:
                    c2:b9:47:2d:fa:a6:4e:70:78:ce:bb:a8:a6:59:62:
                    6e:77:89:52:b9:33:05:5f:ef:79:b4:75:ff:4d:eb:
                    31:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:1A:53:D4:17:98:DB:0B:C6:EE:54:5C:2C:CA:FA:F9:C1:3E:61:C4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YRpT1BeY2wvG7lRcLMr6-cE-YcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.252.27.0/24
                  79.99.76.0/24
                  81.168.50.0/24
                  81.168.67.0/24
                  81.168.122.0/24
                  82.152.4.0-82.152.6.255
                  82.152.12.0/24
                  82.152.98.0/24
                  82.152.105.0/24
                  82.152.131.0/24
                  82.152.140.0/24
                  82.152.142.0/24
                  82.153.34.0/23
                  82.153.55.0/24
                  82.153.135.0/24
                  82.153.153.0/24
                  82.153.156.0/24
                  82.153.159.0/24
                  82.153.200.0-82.153.202.255
                  82.153.205.0/24
                  82.153.207.0/24
                  82.153.226.0/24
                  82.163.0.0/24
                  82.163.15.0/24
                  89.213.97.0/24
                  89.213.134.0/24
                  89.213.197.0/24
                  109.176.193.0/24
                  109.176.202.0/24
                  109.176.229.0-109.176.230.255
                  109.176.244.0/24
                  212.38.79.0/24
                  212.38.84.0/24
                  213.130.150.0/23
                  213.210.58.0/24
                  213.210.63.0/24
                  213.218.211.0/24
                  213.218.224.0/24
                  213.218.233.0/24
                  213.218.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:8b:24:4f:31:f0:3a:7d:b9:6c:82:05:58:41:7b:12:12:1a:
         54:fb:03:87:ae:b8:0f:f7:d9:99:2c:d4:1c:a9:f8:bc:80:82:
         10:f9:ed:7a:a3:b5:2a:5c:a2:27:cb:21:4c:ac:3a:03:f3:7f:
         c1:15:d5:0e:13:0a:99:a0:c7:b2:04:00:a1:b5:2f:05:36:74:
         d0:8a:4e:77:8d:0c:47:ad:18:4f:fc:58:64:fc:26:86:1d:0a:
         46:e7:8a:d4:2b:d3:59:e3:5a:d9:0b:2e:00:05:0a:35:09:a5:
         db:6f:3f:7c:e4:a9:e0:95:b9:3c:08:c9:be:7c:d0:03:27:7c:
         fb:6b:79:75:98:db:cd:c5:c5:5d:13:ac:6c:7c:2a:47:14:5d:
         14:48:d9:cb:f6:4f:d2:d0:d7:57:92:d2:cf:47:57:e5:9d:6f:
         84:82:16:7f:b3:0b:71:45:32:d6:2c:a9:30:ff:ea:42:40:38:
         ce:a6:2b:d9:b2:be:6d:d9:36:ff:ae:bc:b6:6a:dc:2c:b1:cd:
         05:44:97:8f:0b:3d:3a:e8:8c:81:45:20:96:1b:d9:5f:5e:57:
         87:e3:e0:ca:bc:4c:08:08:57:9f:ec:5c:b4:48:ea:d5:4d:27:
         17:56:5a:ca:1a:70:cb:a2:cd:dc:f8:2c:7b:71:e6:b9:e1:0f:
         0f:c1:b5:74
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAY+e/wi1C91UJn9QHAeNN3bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIyMDYzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFhNTNkNDE3OThkYjBiYzZlZTU0NWMyY2NhZmFmOWMxM2U2MWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08rNa59s6s+JSPGIYZHG8LcLp+7U
HQrGa9/P5GaMbETDqpHGknSspxbM+6knxObogRZTE1yafldjKAZUk2OTM958mnz+
hYbxPy68X2gRRdxMSpDVY9/doi04ePtHsOXEH/7bcTjDZ4esyURG3iu8AL7Hv/fk
YffCgLVzlq01j3SdesLraSPyoADUiTUhCuiYYo/eRL6W3j1wU6yvmNWE+t2GRBtk
OCuK7w0Ph050J2w+rctiKAlAknLmyhwBf2ogxiN8W9V4bS1Xok/WMXZSaGsakfNm
vf+TUDnEfzJJ0nnCuUct+qZOcHjOu6imWWJud4lSuTMFX+95tHX/Tesx0QIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFGEaU9QXmNsLxu5UXCzK+vnBPmHEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWVJwVDFCZVkyd3ZHN2xSY0xNcjYtY0UtWWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEACX8GwMEAE9jTAMEAFGoMgMEAFGoQwMEAFGoejAMAwQCUpgEAwQAUpgGAwQA
UpgMAwQAUphiAwQAUphpAwQAUpiDAwQAUpiMAwQAUpiOAwQBUpkiAwQAUpk3AwQA
UpmHAwQAUpmZAwQAUpmcAwQAUpmfMAwDBANSmcgDBABSmcoDBABSmc0DBABSmc8D
BABSmeIDBABSowADBABSow8DBABZ1WEDBABZ1YYDBABZ1cUDBABtsMEDBABtsMow
DAMEAG2w5QMEAG2w5gMEAG2w9AMEANQmTwMEANQmVAMEAdWClgMEANXSOgMEANXS
PwMEANXa0wMEANXa4AMEANXa6QMEANXa+TANBgkqhkiG9w0BAQsFAAOCAQEAY4sk
TzHwOn25bIIFWEF7EhIaVPsDh664D/fZmSzUHKn4vICCEPnteqO1KlyiJ8shTKw6
A/N/wRXVDhMKmaDHsgQAobUvBTZ00IpOd40MR60YT/xYZPwmhh0KRueK1CvTWeNa
2QsuAAUKNQml228/fOSp4JW5PAjJvnzQAyd8+2t5dZjbzcXFXROsbHwqRxRdFEjZ
y/ZP0tDXV5LSz0dX5Z1vhIIWf7MLcUUy1iypMP/qQkA4zqYr2bK+bdk2/668tmrc
LLHNBUSXjws9OuiMgUUglhvZX15Xh+PgyrxMCAhXn+xctEjq1U0nF1Zayhpwy6LN
3Pgse3HmueEPD8G1dA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org