Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gSRKQJHL7CqXU28W693TnZcrA4I.roa
File:                     gSRKQJHL7CqXU28W693TnZcrA4I.roa (raw, json)
Hash identifier:          AmWQYsFrIAGUHm1OUyu/sOmIVifQ4CDCpuYO6sAxUBg=
Subject key identifier:   81:24:4A:40:91:CB:EC:2A:97:53:6F:16:EB:DD:D3:9D:97:2B:03:82
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C91B8D4752B74AA5FD3E949185514F581
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gSRKQJHL7CqXU28W693TnZcrA4I.roa
Signing time:             Fri 22 Dec 2023 13:30:58 +0000
ROA not before:           Fri 22 Dec 2023 13:30:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.49.126.0/23 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Dec 2023 14:54:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:91:b8:d4:75:2b:74:aa:5f:d3:e9:49:18:55:14:f5:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 22 13:30:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81244a4091cbec2a97536f16ebddd39d972b0382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:53:77:0a:1b:fe:1e:bd:1b:db:10:0b:5d:5f:
                    d0:c4:68:d1:0d:5b:a3:0e:6b:26:b0:2f:83:ef:b4:
                    57:ed:17:4c:37:66:07:93:97:4c:7e:28:a9:1f:f6:
                    2a:72:05:4d:cd:92:30:f1:b0:56:f8:57:de:11:86:
                    8a:3e:74:15:7e:03:19:28:43:cd:52:60:cc:f3:be:
                    3b:c6:79:2d:89:dd:ca:a6:86:cd:ad:d6:c8:b9:bc:
                    50:8c:a3:79:44:ca:18:95:80:fb:c3:4b:55:e9:79:
                    bc:d8:02:e5:46:b5:ce:f6:d0:33:1e:52:01:b6:50:
                    d0:ad:95:78:3b:cc:41:7f:9b:a2:43:fb:7f:54:3a:
                    43:9b:64:13:9c:94:62:d0:9a:24:15:38:70:9e:e4:
                    2f:e2:5f:84:82:d1:c4:3d:5c:f7:f6:c6:cf:69:b0:
                    99:fc:3a:91:9d:d2:1b:84:c5:0e:8a:a8:cb:e9:3c:
                    04:78:23:fd:7b:8d:7f:90:d1:09:b8:cf:5d:86:c2:
                    3b:20:79:4f:07:3b:07:68:35:b1:b2:72:f5:cf:6b:
                    c8:14:bf:13:36:d2:86:8e:34:21:56:df:33:09:eb:
                    80:ec:eb:f3:7a:a5:34:14:d2:55:e3:99:83:62:f3:
                    b1:75:48:85:0c:bd:f8:c4:29:6f:d4:8b:3b:c4:ea:
                    ff:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:24:4A:40:91:CB:EC:2A:97:53:6F:16:EB:DD:D3:9D:97:2B:03:82
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gSRKQJHL7CqXU28W693TnZcrA4I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.126.0/24
                  82.153.136.0/22
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:59:a1:8c:6f:51:91:9b:4d:73:8b:df:4f:15:2f:3f:04:a0:
         56:a6:54:36:97:ab:3f:39:46:b7:31:3e:77:8c:ea:28:5b:38:
         e0:97:d3:74:d1:4e:1f:a4:91:83:52:07:13:45:f6:02:c9:c4:
         32:ca:ae:a8:f2:b4:98:67:98:c1:55:b1:55:ed:3a:73:88:2f:
         85:7a:bc:4e:76:b5:14:e8:f4:4d:18:73:19:25:85:5e:80:75:
         de:44:19:9e:53:9e:30:49:0a:7a:40:d7:e5:5e:8b:87:37:29:
         f1:d3:b2:d6:93:6f:5e:67:26:1a:86:5f:95:ff:a6:ed:5c:ac:
         bc:96:d1:0e:1a:38:68:e3:d9:42:11:5c:62:85:e8:61:b4:6d:
         90:aa:6a:54:bb:50:67:15:8f:9d:9d:65:2e:bb:e3:d2:9e:1c:
         d9:29:11:e5:99:93:1c:ab:ff:f0:3d:d2:f8:1f:94:c3:27:13:
         28:5b:ce:ff:3d:a8:f7:57:0a:fa:be:4b:a0:f0:6b:d4:71:d2:
         ec:26:fd:2c:42:6f:b8:e1:8a:72:3d:f8:9f:30:84:c0:47:18:
         f2:d6:30:35:bd:f0:53:6f:e6:fa:37:81:1d:a5:3c:2f:ef:97:
         d6:85:79:9e:72:21:9a:4d:77:89:40:d3:03:0e:85:27:b2:72:
         ec:5c:72:f5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYyRuNR1K3SqX9PpSRhVFPWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjIyMTMzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI0NGE0MDkxY2JlYzJhOTc1MzZmMTZlYmRkZDM5ZDk3MmIwMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1N3Chv+Hr0b2xALXV/QxGjRDVuj
DmsmsC+D77RX7RdMN2YHk5dMfiipH/YqcgVNzZIw8bBW+FfeEYaKPnQVfgMZKEPN
UmDM8747xnktid3KpobNrdbIubxQjKN5RMoYlYD7w0tV6Xm82ALlRrXO9tAzHlIB
tlDQrZV4O8xBf5uiQ/t/VDpDm2QTnJRi0JokFThwnuQv4l+EgtHEPVz39sbPabCZ
/DqRndIbhMUOiqjL6TwEeCP9e41/kNEJuM9dhsI7IHlPBzsHaDWxsnL1z2vIFL8T
NtKGjjQhVt8zCeuA7OvzeqU0FNJV45mDYvOxdUiFDL34xClv1Is7xOr/fwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIEkSkCRy+wql1NvFuvd052XKwOCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ1NSS1FKSEw3Q3FYVTI4VzY5M1RuWmNyQTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQA
Uah+AwQCUpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAB1ZoYxvUZGbTXOL308VLz8EoFamVDaXqz85Rrcx
PneM6ihbOOCX03TRTh+kkYNSBxNF9gLJxDLKrqjytJhnmMFVsVXtOnOIL4V6vE52
tRTo9E0YcxklhV6Add5EGZ5TnjBJCnpA1+Vei4c3KfHTstaTb15nJhqGX5X/pu1c
rLyW0Q4aOGjj2UIRXGKF6GG0bZCqalS7UGcVj52dZS6749KeHNkpEeWZkxyr//A9
0vgflMMnEyhbzv89qPdXCvq+S6Dwa9Rx0uwm/SxCb7jhinI9+J8whMBHGPLWMDW9
8FNv5vo3gR2lPC/vl9aFeZ5yIZpNd4lA0wMOhSeycuxccvU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org