Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fXuU45IpTFK8H1T5dXlrJMMZ-hc.roa
File:                     fXuU45IpTFK8H1T5dXlrJMMZ-hc.roa (raw, json)
Hash identifier:          geIBF2v9B5xj4I2fm+SGnthuZ7a0EnEx/HPUQAZTP04=
Subject key identifier:   7D:7B:94:E3:92:29:4C:52:BC:1F:54:F9:75:79:6B:24:C3:19:FA:17
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DF9A8D7879475054905087BD6B474C22E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fXuU45IpTFK8H1T5dXlrJMMZ-hc.roa
Signing time:             Fri 01 Mar 2024 10:56:48 +0000
ROA not before:           Fri 01 Mar 2024 10:56:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.119.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.165.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 03 Mar 2024 14:47:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f9:a8:d7:87:94:75:05:49:05:08:7b:d6:b4:74:c2:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  1 10:56:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d7b94e392294c52bc1f54f975796b24c319fa17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1e:5b:e5:80:1d:67:3b:c1:7c:e4:2c:38:ab:
                    c1:3b:10:17:f2:c0:0f:6a:4d:97:1c:72:c9:27:48:
                    d9:55:d8:41:7d:00:24:37:2d:b5:39:eb:69:53:3d:
                    de:e0:e9:5a:ca:a1:3f:70:67:41:1e:49:c2:77:cd:
                    e5:31:3c:bc:b5:b7:f3:84:c5:e0:1f:a7:c4:d4:3d:
                    09:e5:f9:7e:3c:ea:72:e4:34:41:d0:ba:c8:f5:0d:
                    81:db:96:a8:bf:f6:9c:8d:1f:9e:01:5e:1c:41:95:
                    d8:84:43:1c:28:ee:a3:dc:d4:6b:97:cf:22:5f:f7:
                    81:a6:c6:2e:5c:ac:33:e6:20:26:10:b0:b9:52:5c:
                    ca:d6:3c:77:7d:a4:13:e7:7c:c3:51:58:59:47:87:
                    c9:19:e9:0e:ef:ee:02:7b:81:d3:35:ba:1c:fa:e6:
                    9c:58:0a:1b:fc:c6:1d:03:fb:81:78:59:ff:cc:95:
                    5a:66:8b:75:d3:d5:96:e9:ce:73:e0:85:be:0c:88:
                    e1:8e:38:27:cc:c6:b7:c6:71:a0:b5:2b:3e:77:74:
                    de:6f:4e:c8:54:bf:60:b7:e1:f3:8a:28:29:64:62:
                    a8:3c:c1:ce:0a:88:f0:d3:00:72:be:c3:97:20:ac:
                    a8:86:83:88:73:15:77:36:a5:f3:d1:81:7f:dd:6a:
                    c2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:7B:94:E3:92:29:4C:52:BC:1F:54:F9:75:79:6B:24:C3:19:FA:17
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fXuU45IpTFK8H1T5dXlrJMMZ-hc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.165.0/24
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:55:4a:e8:fe:15:01:8f:ee:8a:85:bd:1c:1e:78:ba:87:d5:
         ea:3d:54:a4:54:36:7c:d9:f4:ca:8a:41:4e:a6:86:91:0e:5d:
         e1:80:96:2c:87:e8:38:1f:6d:88:75:67:5c:1d:cd:0d:1f:f1:
         e2:18:88:1a:b5:4a:76:82:6a:3b:19:88:f5:34:79:c7:24:1c:
         4c:83:5b:b7:f1:ab:55:6d:4e:cb:01:5c:66:e0:43:81:4d:b0:
         db:50:74:91:7d:57:8a:7c:37:54:81:1d:bd:bb:bd:1f:39:b2:
         de:53:37:2e:71:79:98:72:af:20:d6:a7:07:16:68:5d:1e:4c:
         ac:7f:fe:2f:7c:0b:73:9f:2d:99:4c:83:66:e8:94:a7:d1:5d:
         aa:c3:17:59:ad:52:6f:94:24:24:67:a1:e2:0e:e3:0c:6d:48:
         6a:78:df:6c:9d:31:27:eb:83:b8:c2:da:95:e5:63:40:6b:ae:
         bd:d6:ea:1e:46:75:1a:f4:ee:71:f6:86:52:7a:db:f1:ab:ce:
         7e:d1:04:9d:b6:98:a8:60:4f:19:fa:8b:25:cd:16:ff:d7:85:
         b5:8e:ac:0f:80:61:77:68:4f:5e:e2:f8:25:1f:41:cb:44:3e:
         e4:98:aa:5e:d4:85:4d:ba:c1:7d:22:3d:88:40:f9:b4:f0:88:
         54:0a:1b:9d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY35qNeHlHUFSQUIe9a0dMIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzAxMTA1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdiOTRlMzkyMjk0YzUyYmMxZjU0Zjk3NTc5NmIyNGMzMTlmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR5b5YAdZzvBfOQsOKvBOxAX8sAP
ak2XHHLJJ0jZVdhBfQAkNy21OetpUz3e4OlayqE/cGdBHknCd83lMTy8tbfzhMXg
H6fE1D0J5fl+POpy5DRB0LrI9Q2B25aov/acjR+eAV4cQZXYhEMcKO6j3NRrl88i
X/eBpsYuXKwz5iAmELC5UlzK1jx3faQT53zDUVhZR4fJGekO7+4Ce4HTNboc+uac
WAob/MYdA/uBeFn/zJVaZot109WW6c5z4IW+DIjhjjgnzMa3xnGgtSs+d3Teb07I
VL9gt+HziigpZGKoPMHOCojw0wByvsOXIKyohoOIcxV3NqXz0YF/3WrCLwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFH17lOOSKUxSvB9U+XV5ayTDGfoXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZlh1VTQ1SXBURks4SDFUNWRYbHJKTU1aLWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAA9VSuj+FQGP7oqFvRweeLqH1eo9VKRUNnzZ9MqK
QU6mhpEOXeGAliyH6DgfbYh1Z1wdzQ0f8eIYiBq1SnaCajsZiPU0ecckHEyDW7fx
q1VtTssBXGbgQ4FNsNtQdJF9V4p8N1SBHb27vR85st5TNy5xeZhyryDWpwcWaF0e
TKx//i98C3OfLZlMg2bolKfRXarDF1mtUm+UJCRnoeIO4wxtSGp432ydMSfrg7jC
2pXlY0Brrr3W6h5GdRr07nH2hlJ62/Grzn7RBJ22mKhgTxn6iyXNFv/XhbWOrA+A
YXdoT17i+CUfQctEPuSYql7UhU26wX0iPYhA+bTwiFQKG50=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org