Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eMlaBCXv3DJug_lqVaWq2kz27KM.roa
File:                     eMlaBCXv3DJug_lqVaWq2kz27KM.roa (raw, json)
Hash identifier:          kphHmhXqFYZ3G4SIJGLC7YfWfQKZgFx1A4f6KBBbuoA=
Subject key identifier:   78:C9:5A:04:25:EF:DC:32:6E:83:F9:6A:55:A5:AA:DA:4C:F6:EC:A3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AD774BF4ADDAA02A7308CF14343DC50BD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eMlaBCXv3DJug_lqVaWq2kz27KM.roa
Signing time:             Wed 27 Sep 2023 16:24:27 +0000
ROA not before:           Wed 27 Sep 2023 16:24:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.49.126.0/23 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 12:37:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d7:74:bf:4a:dd:aa:02:a7:30:8c:f1:43:43:dc:50:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 27 16:24:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=78c95a0425efdc326e83f96a55a5aada4cf6eca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:37:3c:09:22:c3:b9:21:10:5e:fb:3d:ad:a6:
                    90:52:2c:cd:1c:3f:0d:02:f3:ac:84:c2:6e:3a:6a:
                    21:07:df:72:f9:7b:df:8f:1c:23:de:a4:3d:a4:6e:
                    48:9c:83:7a:e7:c2:ac:62:b2:ed:3e:23:21:7f:5f:
                    25:bf:c3:f4:3c:b1:65:43:d1:a9:0b:8d:ff:12:0e:
                    72:db:b8:b1:59:8a:b2:ac:f6:38:b9:7f:59:f0:0b:
                    0b:9a:38:4b:59:e3:56:72:d6:ea:ab:07:ad:29:f1:
                    f5:e5:fa:a5:14:48:b0:5a:f7:5e:d1:40:4b:f8:8e:
                    b9:e7:a5:73:ef:f2:35:29:d0:09:13:75:c1:76:5e:
                    70:c5:78:e5:25:6f:b2:cb:18:57:aa:16:f6:1d:65:
                    84:0c:df:5a:68:61:6a:de:a6:f2:8d:a3:c4:bc:d9:
                    88:9e:65:be:9a:cb:14:a1:20:46:ec:96:c9:0e:a2:
                    23:28:5b:aa:15:db:ff:28:ad:25:32:67:72:46:1c:
                    c8:cf:9f:62:6f:c1:f1:74:67:f0:7d:69:c9:57:b0:
                    b1:96:86:3b:d6:b2:2f:86:4b:3e:36:61:e2:89:75:
                    45:fb:2a:17:6d:7f:7a:b8:08:81:48:56:b6:81:7c:
                    f5:42:94:2c:fe:34:f8:7c:6a:73:78:aa:15:02:cb:
                    10:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:C9:5A:04:25:EF:DC:32:6E:83:F9:6A:55:A5:AA:DA:4C:F6:EC:A3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eMlaBCXv3DJug_lqVaWq2kz27KM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.68.0/24
                  82.153.71.0/24
                  82.153.136.0/22
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:e0:8a:16:f5:31:3d:81:a7:56:d9:b5:5f:0e:c6:8a:1f:cc:
         89:71:88:b3:46:e6:fa:eb:9f:cb:87:03:6a:c4:49:61:c2:f1:
         c6:8c:c6:0b:3a:8a:40:59:3b:0c:5d:e6:e1:b0:00:4e:92:5b:
         c2:94:55:5e:a3:57:83:9e:c7:f9:1a:8f:96:5a:51:72:2f:2e:
         6f:80:33:0b:99:c2:68:16:f2:a8:47:d2:8a:77:ed:4b:51:a5:
         e0:79:65:90:75:0d:1d:b6:e4:3d:7c:7d:4d:8f:fc:a5:49:f0:
         21:39:a1:d8:43:61:7b:58:74:5c:8d:ca:ba:cb:a7:fa:a3:dd:
         40:2f:3b:0d:78:84:38:43:48:1d:ce:da:9f:87:3d:13:45:a2:
         cb:c5:b0:12:e2:44:65:4a:b6:e9:18:be:ed:35:89:38:5e:7e:
         a4:86:8f:8b:6f:50:ab:b0:80:05:6d:6e:a1:6c:91:55:90:fc:
         97:0d:30:1d:2d:49:63:79:bd:76:fb:29:ec:70:1f:b5:8a:55:
         15:87:6a:5e:ba:56:4b:1e:4b:e2:59:0f:3e:23:72:95:96:01:
         9a:98:35:65:a0:fb:06:2e:b4:53:64:5b:41:b9:c0:d1:e1:9c:
         a7:de:aa:79:53:b3:8e:4a:2b:46:0f:76:18:0d:9f:dd:dd:5d:
         4c:22:ae:ab
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrXdL9K3aoCpzCM8UND3FC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI3MTYyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGM5NWEwNDI1ZWZkYzMyNmU4M2Y5NmE1NWE1YWFkYTRjZjZlY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjc8CSLDuSEQXvs9raaQUizNHD8N
AvOshMJuOmohB99y+Xvfjxwj3qQ9pG5InIN658KsYrLtPiMhf18lv8P0PLFlQ9Gp
C43/Eg5y27ixWYqyrPY4uX9Z8AsLmjhLWeNWctbqqwetKfH15fqlFEiwWvde0UBL
+I6556Vz7/I1KdAJE3XBdl5wxXjlJW+yyxhXqhb2HWWEDN9aaGFq3qbyjaPEvNmI
nmW+mssUoSBG7JbJDqIjKFuqFdv/KK0lMmdyRhzIz59ib8HxdGfwfWnJV7CxloY7
1rIvhks+NmHiiXVF+yoXbX96uAiBSFa2gXz1QpQs/jT4fGpzeKoVAssQxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHjJWgQl79wyboP5alWlqtpM9uyjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZU1sYUJDWHYzREp1Z19scVZhV3Eya3oyN0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUah3AwQA
Uah7AwQAUplEAwQAUplHAwQCUpmIAwQBuTF+AwQA1ZgqMA0GCSqGSIb3DQEBCwUA
A4IBAQBA4IoW9TE9gadW2bVfDsaKH8yJcYizRub665/LhwNqxElhwvHGjMYLOopA
WTsMXebhsABOklvClFVeo1eDnsf5Go+WWlFyLy5vgDMLmcJoFvKoR9KKd+1LUaXg
eWWQdQ0dtuQ9fH1Nj/ylSfAhOaHYQ2F7WHRcjcq6y6f6o91ALzsNeIQ4Q0gdztqf
hz0TRaLLxbAS4kRlSrbpGL7tNYk4Xn6kho+Lb1CrsIAFbW6hbJFVkPyXDTAdLUlj
eb12+ynscB+1ilUVh2peulZLHkviWQ8+I3KVlgGamDVloPsGLrRTZFtBucDR4Zyn
3qp5U7OOSitGD3YYDZ/d3V1MIq6r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org