Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/akXaD6Y0xuvpJ9iqHDPPoYqUFMQ.roa
File:                     akXaD6Y0xuvpJ9iqHDPPoYqUFMQ.roa (raw, json)
Hash identifier:          0QBhVIF/UJ+gnaVDu3fYg8ksLNZG/TQmt/OHLHTtYMA=
Subject key identifier:   6A:45:DA:0F:A6:34:C6:EB:E9:27:D8:AA:1C:33:CF:A1:8A:94:14:C4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EC70C40594A5B0615C51AB0E7B42CA1E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/akXaD6Y0xuvpJ9iqHDPPoYqUFMQ.roa
Signing time:             Wed 10 Apr 2024 08:07:32 +0000
ROA not before:           Wed 10 Apr 2024 08:07:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400866
IP address blocks:        82.152.54.0/24 maxlen: 24
                          89.213.98.0/24 maxlen: 24
                          109.176.201.0/24 maxlen: 24
                          109.176.202.0/24 maxlen: 24
                          213.130.130.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.130.150.0/24 maxlen: 24
                          213.130.151.0/24 maxlen: 24
                          213.130.156.0/24 maxlen: 24
                          213.210.58.0/24 maxlen: 24
                          213.210.59.0/24 maxlen: 24
                          213.218.208.0/24 maxlen: 24
                          213.218.209.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.212.0/24 maxlen: 24
                          213.218.213.0/24 maxlen: 24
                          213.218.214.0/24 maxlen: 24
                          213.218.215.0/24 maxlen: 24
                          213.218.227.0/24 maxlen: 24
                          213.218.231.0/24 maxlen: 24
                          213.218.232.0/24 maxlen: 24
                          213.218.233.0/24 maxlen: 24
                          213.218.234.0/24 maxlen: 24
                          213.218.235.0/24 maxlen: 24
                          217.144.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 07:52:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c7:0c:40:59:4a:5b:06:15:c5:1a:b0:e7:b4:2c:a1:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 10 08:07:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6a45da0fa634c6ebe927d8aa1c33cfa18a9414c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e7:06:b7:75:87:42:b9:35:98:78:09:5b:f2:
                    52:57:f9:51:9b:4e:f5:48:d3:fd:8b:74:82:c5:6d:
                    5f:f3:7a:aa:18:8e:07:a8:69:d5:68:dc:49:18:b1:
                    d7:76:ff:7f:86:02:8f:26:b6:17:b5:fe:e7:c7:58:
                    65:16:ad:8b:58:06:ef:65:9d:e4:61:a0:53:c4:2f:
                    8a:ed:3a:82:b4:33:28:78:9e:b2:d5:d5:51:e8:f6:
                    12:eb:c6:82:6d:8f:9f:7c:56:9b:19:b0:fd:ce:e8:
                    5e:fd:99:c6:33:df:0f:fd:f2:00:e3:b1:a1:9c:0c:
                    da:e2:ac:ff:ac:ee:9f:f0:66:83:41:49:a2:62:b9:
                    bb:d4:e4:4a:40:dc:66:34:b0:13:cd:2d:9d:f8:ad:
                    ef:2f:4d:b3:24:35:7e:3e:c2:de:62:1b:ee:da:2d:
                    28:30:ef:be:8c:52:27:33:0e:2c:69:ce:37:26:e2:
                    a8:25:0a:df:40:7e:88:35:cd:de:9f:c1:5d:0f:5f:
                    65:33:c1:d5:8b:8c:4d:f2:ea:1d:e6:7a:0f:fa:f7:
                    87:25:b8:73:8a:8f:3b:96:5f:6b:2e:41:0f:fb:7f:
                    cb:1d:1b:ef:5f:4f:3d:1c:a4:03:a9:c6:06:17:12:
                    5a:b7:4f:f5:93:52:65:8f:85:44:ce:eb:98:11:95:
                    87:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:45:DA:0F:A6:34:C6:EB:E9:27:D8:AA:1C:33:CF:A1:8A:94:14:C4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/akXaD6Y0xuvpJ9iqHDPPoYqUFMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.54.0/24
                  89.213.98.0/24
                  109.176.201.0-109.176.202.255
                  213.130.130.0/24
                  213.130.149.0-213.130.151.255
                  213.130.156.0/24
                  213.210.58.0/23
                  213.218.208.0/21
                  213.218.227.0/24
                  213.218.231.0-213.218.235.255
                  217.144.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:24:ad:7a:38:86:92:00:e7:6d:03:93:12:21:a4:4f:56:12:
         0c:4c:9e:60:16:bf:57:a5:a2:9a:a3:0b:47:d7:13:15:6e:68:
         f3:1e:e1:f0:c2:83:e1:4c:77:36:2b:1f:c6:64:49:a8:7f:67:
         26:ef:7e:ca:79:a4:92:7c:d6:19:ee:bd:b9:d8:84:c6:d9:29:
         27:16:3e:f8:91:7c:6e:8b:e8:57:85:b3:d0:e2:cd:49:e0:d8:
         5f:db:f1:4f:0f:6f:74:13:5d:d5:5b:c2:fc:06:46:37:27:42:
         7c:74:46:58:21:7e:cf:e4:9d:62:60:e1:9b:79:9c:58:56:86:
         15:b2:b8:31:14:de:5e:33:ef:e6:e2:d0:73:41:38:e0:66:97:
         19:dd:ca:d0:b0:ca:75:8e:17:70:d9:6c:07:c2:01:5d:39:27:
         3d:67:c8:52:77:4f:87:4c:65:d8:a8:c7:08:14:38:6e:af:6a:
         76:46:02:cd:a2:04:03:8f:b0:c9:c8:a6:0d:b2:8a:29:1f:b0:
         b9:f9:b5:77:f2:20:e8:98:36:bb:e9:32:37:ee:75:ae:9b:68:
         2f:5c:61:6f:8d:98:bf:ee:4b:30:57:d9:e8:f4:36:89:3d:53:
         5f:a8:b7:d8:be:db:2a:ec:ff:5b:1f:de:0c:1d:09:f2:b8:d9:
         d0:b6:a6:f5
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY7HDEBZSlsGFcUasOe0LKHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDEwMDgwNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQ1ZGEwZmE2MzRjNmViZTkyN2Q4YWExYzMzY2ZhMThhOTQxNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtucGt3WHQrk1mHgJW/JSV/lRm071
SNP9i3SCxW1f83qqGI4HqGnVaNxJGLHXdv9/hgKPJrYXtf7nx1hlFq2LWAbvZZ3k
YaBTxC+K7TqCtDMoeJ6y1dVR6PYS68aCbY+ffFabGbD9zuhe/ZnGM98P/fIA47Gh
nAza4qz/rO6f8GaDQUmiYrm71ORKQNxmNLATzS2d+K3vL02zJDV+PsLeYhvu2i0o
MO++jFInMw4sac43JuKoJQrfQH6INc3en8FdD19lM8HVi4xN8uod5noP+veHJbhz
io87ll9rLkEP+3/LHRvvX089HKQDqcYGFxJat0/1k1Jlj4VEzuuYEZWHzQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGpF2g+mNMbr6SfYqhwzz6GKlBTEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYWtYYUQ2WTB4dXZwSjlpcUhEUFBvWXFVRk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAUpg2AwQA
WdViMAwDBABtsMkDBABtsMoDBADVgoIwDAMEANWClQMEA9WCkAMEANWCnAMEAdXS
OgMEA9Xa0AMEANXa4zAMAwQA1drnAwQC1droAwQA2ZCeMA0GCSqGSIb3DQEBCwUA
A4IBAQCBJK16OIaSAOdtA5MSIaRPVhIMTJ5gFr9XpaKaowtH1xMVbmjzHuHwwoPh
THc2Kx/GZEmof2cm737KeaSSfNYZ7r252ITG2SknFj74kXxui+hXhbPQ4s1J4Nhf
2/FPD290E13VW8L8BkY3J0J8dEZYIX7P5J1iYOGbeZxYVoYVsrgxFN5eM+/m4tBz
QTjgZpcZ3crQsMp1jhdw2WwHwgFdOSc9Z8hSd0+HTGXYqMcIFDhur2p2RgLNogQD
j7DJyKYNsoopH7C5+bV38iDomDa76TI37nWum2gvXGFvjZi/7kswV9no9DaJPVNf
qLfYvtsq7P9bH94MHQnyuNnQtqb1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org