Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aRcDp-jsyTeIU1gSJgO3uK0HYVs.roa
File:                     aRcDp-jsyTeIU1gSJgO3uK0HYVs.roa (raw, json)
Hash identifier:          dCTXV7ozwFE+3Z/a3m8OennhfuouEGJFPgs3wpB/P5Q=
Subject key identifier:   69:17:03:A7:E8:EC:C9:37:88:53:58:12:26:03:B7:B8:AD:07:61:5B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AD06B2526524DBD350FB88218DE64677E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aRcDp-jsyTeIU1gSJgO3uK0HYVs.roa
Signing time:             Tue 26 Sep 2023 07:36:37 +0000
ROA not before:           Tue 26 Sep 2023 07:36:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.190.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Sep 2023 07:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d0:6b:25:26:52:4d:bd:35:0f:b8:82:18:de:64:67:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 26 07:36:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=691703a7e8ecc937885358122603b7b8ad07615b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:01:65:28:a7:90:bc:05:bc:0f:e3:a8:fa:60:
                    77:40:b3:23:06:fb:3b:b5:29:6f:23:e7:76:0f:28:
                    5d:c3:a4:01:98:c0:e6:7c:72:52:52:0a:8b:1a:44:
                    92:ac:5a:e8:26:1a:bc:96:18:ce:45:88:ed:61:8b:
                    6a:66:d2:cc:d2:51:8f:26:6d:02:ab:f6:91:93:b6:
                    fc:d0:40:6f:ca:d2:f2:55:5f:15:5e:e0:28:30:03:
                    4d:e1:9c:0d:c3:30:b0:84:fa:83:cb:40:93:1a:e0:
                    cf:d9:b8:ee:d0:9d:e5:2b:83:99:62:ea:a3:97:f5:
                    59:26:96:bf:bb:84:70:64:14:79:8e:4e:02:21:bf:
                    00:55:1b:30:41:4d:92:44:82:e0:f2:8e:dd:72:08:
                    c4:d7:c0:52:07:55:97:c9:b6:bf:bd:93:bb:c9:ef:
                    17:02:40:d5:2c:7a:c3:8f:09:1e:8d:d9:76:6a:c4:
                    c8:17:b1:d9:aa:99:4c:92:7e:ef:e7:a2:1c:e2:f4:
                    dd:d9:fa:5f:21:d4:86:f4:0e:e4:ca:c8:99:ca:b3:
                    b4:f5:0e:2c:61:00:72:b7:e0:c2:14:c9:b9:e8:e7:
                    4e:3c:3e:c0:7a:d0:6e:0a:b5:c0:c9:de:29:a6:82:
                    bb:92:5c:a1:57:68:ed:f3:65:b9:d6:6b:4f:29:03:
                    86:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:17:03:A7:E8:EC:C9:37:88:53:58:12:26:03:B7:B8:AD:07:61:5B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aRcDp-jsyTeIU1gSJgO3uK0HYVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.116.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.1.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/23
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.208.0/24
                  109.176.240.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:45:b5:48:b6:17:71:3e:5a:9f:84:3d:40:05:42:44:d8:29:
         07:79:3b:3c:5f:77:ee:cc:81:85:a5:6b:93:77:26:53:18:d4:
         eb:76:f9:bf:0a:09:c5:95:16:fc:db:74:f9:ba:cd:53:cd:7b:
         87:90:1a:dd:0a:68:ff:1f:a0:7a:26:fc:a6:d7:0d:7c:9b:19:
         04:66:40:10:ad:a6:23:56:ca:21:31:c0:fb:ed:59:7d:34:fe:
         df:ab:7a:4d:2e:cd:0c:40:ae:c7:e2:ec:f9:44:30:b4:e5:d2:
         9d:6c:11:23:bd:92:b5:71:7f:27:99:a4:2d:56:9b:9f:f6:b3:
         76:b9:15:73:49:e0:1b:15:df:84:ca:0e:03:75:b2:36:a1:d1:
         eb:6d:4d:64:b4:98:83:38:14:97:e6:b1:af:aa:14:28:9c:56:
         c1:b6:58:1b:45:7d:99:77:fe:c3:4c:c9:d5:4b:53:43:a7:6d:
         3c:9f:2c:c0:ab:74:24:51:14:c9:aa:2d:8a:36:bb:79:f3:90:
         62:54:ef:a0:73:69:d9:2e:62:2a:f4:c3:50:aa:ac:49:8e:de:
         23:40:bf:2d:39:c4:c0:7c:01:02:09:cd:90:dd:91:2c:af:bc:
         17:04:81:ed:5f:6c:f6:80:8e:11:62:f3:68:91:bb:dd:97:29:
         6b:c9:31:a6
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYrQayUmUk29NQ+4ghjeZGd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI2MDczNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTE3MDNhN2U4ZWNjOTM3ODg1MzU4MTIyNjAzYjdiOGFkMDc2MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQFlKKeQvAW8D+Oo+mB3QLMjBvs7
tSlvI+d2Dyhdw6QBmMDmfHJSUgqLGkSSrFroJhq8lhjORYjtYYtqZtLM0lGPJm0C
q/aRk7b80EBvytLyVV8VXuAoMANN4ZwNwzCwhPqDy0CTGuDP2bju0J3lK4OZYuqj
l/VZJpa/u4RwZBR5jk4CIb8AVRswQU2SRILg8o7dcgjE18BSB1WXyba/vZO7ye8X
AkDVLHrDjwkejdl2asTIF7HZqplMkn7v56Ic4vTd2fpfIdSG9A7kysiZyrO09Q4s
YQByt+DCFMm56OdOPD7AetBuCrXAyd4ppoK7klyhV2jt82W51mtPKQOGEQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFGkXA6fo7Mk3iFNYEiYDt7itB2FbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYVJjRHAtanN5VGVJVTFnU0pnTzN1SzBIWVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABR
Bb0DBABRqHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wME
AFKY/gMEAFKZAQMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAVKZ4AMEAVnVBgME
AFnVggMEAFnVoQMEAFnVvgMEAG2w0AMEAG2w8AMEAG2w9wMEAG2w+wMEALkxfDAN
BgkqhkiG9w0BAQsFAAOCAQEAF0W1SLYXcT5an4Q9QAVCRNgpB3k7PF937syBhaVr
k3cmUxjU63b5vwoJxZUW/Nt0+brNU817h5Aa3Qpo/x+geib8ptcNfJsZBGZAEK2m
I1bKITHA++1ZfTT+36t6TS7NDECux+Ls+UQwtOXSnWwRI72StXF/J5mkLVabn/az
drkVc0ngGxXfhMoOA3WyNqHR621NZLSYgzgUl+axr6oUKJxWwbZYG0V9mXf+w0zJ
1UtTQ6dtPJ8swKt0JFEUyaotija7efOQYlTvoHNp2S5iKvTDUKqsSY7eI0C/LTnE
wHwBAgnNkN2RLK+8FwSB7V9s9oCOEWLzaJG73Zcpa8kxpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org