Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hVRVpvsgthI2OhF12GTVP6X2RXc.roa
File:                     hVRVpvsgthI2OhF12GTVP6X2RXc.roa (raw, json)
Hash identifier:          IpAUd4XzUN+wUx2nHblHMp0x8SWX4NycI2Onvq1evyI=
Subject key identifier:   85:54:55:A6:FB:20:B6:12:36:3A:11:75:D8:64:D5:3F:A5:F6:45:77
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B7035DAD3D76FEEA287A1ECFB8F4C5E6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hVRVpvsgthI2OhF12GTVP6X2RXc.roa
Signing time:             Wed 02 Aug 2023 16:09:58 +0000
ROA not before:           Wed 02 Aug 2023 16:09:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.111.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.186.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.187.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.213.0/24 maxlen: 24
                          109.176.210.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.140.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          81.168.41.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          109.176.242.0/24 maxlen: 24
                          109.176.241.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 09:14:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b7:03:5d:ad:3d:76:fe:ea:28:7a:1e:cf:b8:f4:c5:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  2 16:09:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=855455a6fb20b612363a1175d864d53fa5f64577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:4f:fd:88:23:ff:9a:96:44:ac:1d:bb:50:44:
                    7c:d0:09:8b:97:35:e2:15:fe:2d:48:9b:10:ee:4d:
                    c9:c8:82:b3:cb:56:ed:d8:3f:da:10:91:1d:b0:c5:
                    1a:2d:20:c4:96:d4:39:81:33:5b:1c:99:c6:25:49:
                    92:20:9f:39:cc:74:87:98:29:60:d2:ca:56:a2:13:
                    eb:da:44:12:24:18:ee:69:bb:ef:62:94:65:bc:3f:
                    29:4d:af:cb:5e:bb:78:cb:3d:c4:4e:c5:83:93:1d:
                    f0:8d:36:10:7a:8c:69:94:b5:e0:d4:36:61:db:8a:
                    1a:48:53:c2:73:85:8f:54:3c:66:5f:2d:ec:93:e0:
                    72:55:9d:93:13:b2:8a:d5:f6:6e:4b:27:90:30:b8:
                    8c:d2:8b:34:01:83:00:61:24:0c:cd:3f:72:4f:82:
                    69:ad:f5:4e:7d:61:b5:31:48:a1:9b:e5:65:f6:0d:
                    07:90:af:51:69:a3:8d:0c:78:2a:a7:1d:9a:56:e1:
                    1f:96:6c:c9:13:fe:a3:6b:7e:e2:8a:75:76:93:76:
                    59:1f:9a:6a:bf:25:59:aa:65:c3:e0:05:0b:d1:9b:
                    e2:a9:90:7d:90:7b:df:43:53:cb:c7:82:cd:9f:ed:
                    13:34:ec:80:95:ec:72:ae:16:af:c0:5c:19:10:e6:
                    06:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:54:55:A6:FB:20:B6:12:36:3A:11:75:D8:64:D5:3F:A5:F6:45:77
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hVRVpvsgthI2OhF12GTVP6X2RXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.223.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0/24
                  89.213.6.0/24
                  89.213.136.0/24
                  89.213.139.0-89.213.140.255
                  89.213.152.0/24
                  89.213.168.0/24
                  89.213.173.0/24
                  89.213.176.0/24
                  89.213.180.0/24
                  89.213.182.0/24
                  89.213.184.0/22
                  109.176.210.0/23
                  109.176.213.0/24
                  109.176.240.0-109.176.242.255
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:f5:a3:bc:1c:04:f6:f7:da:ce:b7:ee:fb:23:aa:da:53:71:
         fd:60:c9:88:35:e7:1f:06:df:f9:a0:69:2b:85:1c:44:ab:15:
         74:d8:9a:3a:03:01:19:f4:f8:6f:ad:93:29:d2:c2:64:ce:47:
         a6:8d:10:1b:38:08:2d:47:ec:83:ba:c0:b8:09:b5:78:bc:37:
         30:7a:e8:f9:b6:d4:fc:4e:df:e1:c0:8f:6f:e9:80:88:16:33:
         31:56:63:08:e7:7c:61:6a:cf:e0:06:f7:ad:85:32:d1:03:df:
         c8:86:60:59:52:0b:12:8f:b1:17:31:42:c2:0b:63:e6:79:b9:
         5c:58:97:b0:6f:a5:83:ca:6e:48:43:7c:10:f0:37:0e:d3:22:
         d4:e3:b6:eb:8c:fb:d7:e3:3c:f7:34:8d:9e:71:48:2a:e0:72:
         69:a7:cc:4d:19:35:7d:a6:44:72:18:79:85:11:c9:0e:6f:d3:
         9e:37:ed:d9:89:50:e3:be:52:81:8b:4d:be:be:a9:23:71:c5:
         78:7b:13:39:05:0c:43:85:d3:2e:89:96:45:70:2b:1a:83:cf:
         ff:64:48:73:4e:f0:6b:b5:7a:cf:a1:de:f2:36:59:23:0a:51:
         32:90:ab:57:a4:92:a9:d1:10:69:05:40:d1:0f:6e:9c:5d:32:
         38:b5:aa:d1
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYm3A12tPXb+6ih6Hs+49MXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMTYwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU0NTVhNmZiMjBiNjEyMzYzYTExNzVkODY0ZDUzZmE1ZjY0NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0/9iCP/mpZErB27UER80AmLlzXi
Ff4tSJsQ7k3JyIKzy1bt2D/aEJEdsMUaLSDEltQ5gTNbHJnGJUmSIJ85zHSHmClg
0spWohPr2kQSJBjuabvvYpRlvD8pTa/LXrt4yz3ETsWDkx3wjTYQeoxplLXg1DZh
24oaSFPCc4WPVDxmXy3sk+ByVZ2TE7KK1fZuSyeQMLiM0os0AYMAYSQMzT9yT4Jp
rfVOfWG1MUihm+Vl9g0HkK9RaaONDHgqpx2aVuEflmzJE/6ja37iinV2k3ZZH5pq
vyVZqmXD4AUL0ZviqZB9kHvfQ1PLx4LNn+0TNOyAlexyrhavwFwZEOYG+QIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFIVUVab7ILYSNjoRddhk1T+l9kV3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaFZSVnB2c2d0aEkyT2hGMTJHVFZQNlgyUlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBABR
BZwDBABRqCkDBABRqHQDBABRqHcDBABRqHsDBABSmG8DBAFSmPwDBABSmP8DBABS
mQEDBABSmUkDBABSmU4wDAMEA1KZiAMEAFKZjAMEAFKZ3wMEAFKZ4wMEAFKZ8AME
AFKZ+QMEAFnVBgMEAFnViDAMAwQAWdWLAwQAWdWMAwQAWdWYAwQAWdWoAwQAWdWt
AwQAWdWwAwQAWdW0AwQAWdW2AwQCWdW4AwQBbbDSAwQAbbDVMAwDBARtsPADBABt
sPIDBAG5MX4DBADVmCowDQYJKoZIhvcNAQELBQADggEBACf1o7wcBPb32s637vsj
qtpTcf1gyYg15x8G3/mgaSuFHESrFXTYmjoDARn0+G+tkynSwmTOR6aNEBs4CC1H
7IO6wLgJtXi8NzB66Pm21PxO3+HAj2/pgIgWMzFWYwjnfGFqz+AG962FMtED38iG
YFlSCxKPsRcxQsILY+Z5uVxYl7BvpYPKbkhDfBDwNw7TItTjtuuM+9fjPPc0jZ5x
SCrgcmmnzE0ZNX2mRHIYeYURyQ5v05437dmJUOO+UoGLTb6+qSNxxXh7EzkFDEOF
0y6JlkVwKxqDz/9kSHNO8Gu1es+h3vI2WSMKUTKQq1ekkqnREGkFQNEPbpxdMji1
qtE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org