Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cUXNBHVQ9ZCAunhjUwfM8LmNyfE.roa
File:                     cUXNBHVQ9ZCAunhjUwfM8LmNyfE.roa (raw, json)
Hash identifier:          dEGI1nVd7053vQwTL3GshzLUCYN6U4AH7zDZqZgEfrI=
Subject key identifier:   71:45:CD:04:75:50:F5:90:80:BA:78:63:53:07:CC:F0:B9:8D:C9:F1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188C4F7A6494B3CFED3AB55CE58CE1FD289
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cUXNBHVQ9ZCAunhjUwfM8LmNyfE.roa
Signing time:             Fri 16 Jun 2023 16:09:04 +0000
ROA not before:           Fri 16 Jun 2023 16:09:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8851
IP address blocks:        89.213.64.0/18 maxlen: 24
                          37.252.24.0/21 maxlen: 24
                          80.240.80.0/20 maxlen: 20
                          77.107.64.0/18 maxlen: 24
                          213.210.0.0/18 maxlen: 24
                          85.159.128.0/21 maxlen: 24
                          212.38.64.0/19 maxlen: 24
                          37.98.144.0/21 maxlen: 24
                          37.98.144.0/22 maxlen: 24
                          109.176.0.0/16 maxlen: 16
                          89.213.48.0/20 maxlen: 24
                          213.218.208.0/20 maxlen: 24
                          89.213.192.0/18 maxlen: 24
                          89.31.232.0/21 maxlen: 24
                          79.99.72.0/21 maxlen: 24
                          185.20.32.0/22 maxlen: 24
                          185.20.34.0/24 maxlen: 24
                          185.20.35.0/24 maxlen: 24
                          213.218.224.0/19 maxlen: 24
                          81.168.0.0/17 maxlen: 17
                          82.163.0.0/19 maxlen: 24
                          217.144.144.0/20 maxlen: 24
                          217.145.64.0/20 maxlen: 24
                          185.49.124.0/22 maxlen: 24
                          185.24.84.0/22 maxlen: 24
                          89.213.0.0/21 maxlen: 24
                          213.130.128.0/19 maxlen: 24
                          194.105.64.0/19 maxlen: 24
                          81.5.128.0/18 maxlen: 18
                          82.152.0.0/15 maxlen: 15
                          195.128.138.0/24 maxlen: 24
                          213.152.32.0/19 maxlen: 19
                          2a02:21f8::/32 maxlen: 32
                          2a00:c60::/32 maxlen: 32
                          2001:1a90::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 18 Jun 2023 14:49:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c4:f7:a6:49:4b:3c:fe:d3:ab:55:ce:58:ce:1f:d2:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 16 16:09:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7145cd047550f59080ba78635307ccf0b98dc9f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:50:46:45:34:54:e9:f7:03:14:87:ad:82:aa:
                    c0:45:12:67:4e:2a:20:b7:12:29:f3:5a:15:bf:d7:
                    a4:ea:66:f5:e8:9a:6a:bf:b2:0c:87:89:a1:ad:dc:
                    86:af:4a:e3:cd:59:d8:a8:24:e7:f6:18:b2:2e:ec:
                    9f:52:e2:77:c8:12:94:34:55:c4:38:6d:15:32:d0:
                    e2:61:cc:fb:ff:2a:88:25:be:88:6f:05:b9:3e:78:
                    81:72:85:f2:56:cb:65:13:82:4d:71:42:90:5a:bc:
                    7e:d7:e0:99:b0:01:ad:99:5b:17:28:48:13:0a:9f:
                    5e:56:eb:4f:ae:12:32:1e:06:02:63:7d:6f:16:73:
                    5f:cd:61:7f:05:e9:09:f2:4f:ba:16:be:b4:5c:66:
                    80:df:86:04:28:3a:ff:4e:7f:0b:d6:10:77:3f:9b:
                    54:af:04:56:70:31:88:b6:be:bf:2f:49:d2:08:45:
                    8f:6e:e9:da:b7:2d:ac:12:bf:c4:31:86:03:82:21:
                    ab:73:4e:c7:d0:33:a3:f2:4f:d5:72:0d:90:54:45:
                    6f:f2:d9:6e:42:e3:8e:be:b9:5a:f4:56:08:6f:63:
                    ea:68:2e:0e:90:da:ba:e7:af:f2:8e:38:eb:34:da:
                    2f:90:6e:4e:f4:33:05:7e:60:32:dd:75:ae:d4:f8:
                    9d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:45:CD:04:75:50:F5:90:80:BA:78:63:53:07:CC:F0:B9:8D:C9:F1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cUXNBHVQ9ZCAunhjUwfM8LmNyfE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.98.144.0/21
                  37.252.24.0/21
                  77.107.64.0/18
                  79.99.72.0/21
                  80.240.80.0/20
                  81.5.128.0/18
                  81.168.0.0/17
                  82.152.0.0/15
                  82.163.0.0/19
                  85.159.128.0/21
                  89.31.232.0/21
                  89.213.0.0/21
                  89.213.48.0-89.213.127.255
                  89.213.192.0/18
                  109.176.0.0/16
                  185.20.32.0/22
                  185.24.84.0/22
                  185.49.124.0/22
                  194.105.64.0/19
                  195.128.138.0/24
                  212.38.64.0/19
                  213.130.128.0/19
                  213.152.32.0/19
                  213.210.0.0/18
                  213.218.208.0-213.218.255.255
                  217.144.144.0/20
                  217.145.64.0/20
                IPv6:
                  2001:1a90::/32
                  2a00:c60::/32
                  2a02:21f8::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:79:4b:67:56:94:a6:ad:99:66:e1:06:11:f4:75:58:1c:e9:
         70:64:38:c9:a1:b6:a2:82:12:39:e3:8c:ad:43:83:c4:be:47:
         59:4a:d1:87:5c:17:fb:cc:f4:36:26:7c:ca:97:22:c3:5f:a7:
         b5:65:dd:57:cb:3a:4b:b9:3b:a7:30:97:59:18:af:e0:a0:dd:
         04:e6:1c:e8:35:b4:f6:60:a5:2c:c9:40:b0:40:95:0b:df:97:
         00:e6:9c:b8:4e:db:b4:ef:13:f2:8a:c6:2a:35:0d:f3:0b:f7:
         bd:dc:3f:19:5b:38:e5:b5:bd:92:ca:b8:e0:38:69:59:74:a5:
         8d:d4:e4:7f:34:80:fe:9e:33:4a:c6:a8:1d:49:6b:a6:4b:5d:
         33:7f:b7:b6:01:c7:05:fe:19:e9:17:ed:6e:e6:e9:41:cb:83:
         6f:4c:a3:29:54:c9:0a:3f:b5:b4:24:ec:3d:0c:e3:87:65:5d:
         51:22:74:27:d5:aa:9a:00:75:11:8a:8e:13:60:39:ce:d1:1f:
         3e:1e:8a:50:42:4f:94:4b:2d:59:2c:b4:a7:d9:8c:53:d4:50:
         10:ff:ab:aa:9b:0a:ec:37:9b:99:7f:c6:bb:32:1c:7d:a8:d9:
         bc:ce:61:59:be:c5:e2:f7:84:9b:fa:83:67:a2:04:2a:99:2a:
         c2:68:4d:54
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYjE96ZJSzz+06tVzljOH9KJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE2MTYwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQ1Y2QwNDc1NTBmNTkwODBiYTc4NjM1MzA3Y2NmMGI5OGRjOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1BGRTRU6fcDFIetgqrARRJnTiog
txIp81oVv9ek6mb16Jpqv7IMh4mhrdyGr0rjzVnYqCTn9hiyLuyfUuJ3yBKUNFXE
OG0VMtDiYcz7/yqIJb6IbwW5PniBcoXyVstlE4JNcUKQWrx+1+CZsAGtmVsXKEgT
Cp9eVutPrhIyHgYCY31vFnNfzWF/BekJ8k+6Fr60XGaA34YEKDr/Tn8L1hB3P5tU
rwRWcDGItr6/L0nSCEWPbunaty2sEr/EMYYDgiGrc07H0DOj8k/Vcg2QVEVv8tlu
QuOOvrla9FYIb2PqaC4OkNq656/yjjjrNNovkG5O9DMFfmAy3XWu1Pid8QIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFHFFzQR1UPWQgLp4Y1MHzPC5jcnxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY1VYTkJIVlE5WkNBdW5oalV3Zk04TG1OeWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCBtgQCAAEwga8DBAMl
YpADBAMl/BgDBAZNa0ADBANPY0gDBARQ8FADBAZRBYADBAdRqAADAwFSmAMEBVKj
AAMEA1WfgAMEA1kf6AMEA1nVADAMAwQEWdUwAwQHWdUAAwQGWdXAAwMAbbADBAK5
FCADBAK5GFQDBAK5MXwDBAXCaUADBADDgIoDBAXUJkADBAXVgoADBAXVmCADBAbV
0gAwCwMEBNXa0AMDANXaAwQE2ZCQAwQE2ZFAMBsEAgACMBUDBQAgARqQAwUAKgAM
YAMFACoCIfgwDQYJKoZIhvcNAQELBQADggEBADp5S2dWlKatmWbhBhH0dVgc6XBk
OMmhtqKCEjnjjK1Dg8S+R1lK0YdcF/vM9DYmfMqXIsNfp7Vl3VfLOku5O6cwl1kY
r+Cg3QTmHOg1tPZgpSzJQLBAlQvflwDmnLhO27TvE/KKxio1DfML973cPxlbOOW1
vZLKuOA4aVl0pY3U5H80gP6eM0rGqB1Ja6ZLXTN/t7YBxwX+GekX7W7m6UHLg29M
oylUyQo/tbQk7D0M44dlXVEidCfVqpoAdRGKjhNgOc7RHz4eilBCT5RLLVkstKfZ
jFPUUBD/q6qbCuw3m5l/xrsyHH2o2bzOYVm+xeL3hJv6g2eiBCqZKsJoTVQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org