Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa
File:                     jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa (raw, json)
Hash identifier:          K5AGfH128jYY2yO5IcdE6wUKMhx+2raZ08tTMXgakE0=
Subject key identifier:   8E:31:BB:FD:57:FC:E8:C7:8E:65:D3:39:27:91:36:2F:A6:1B:A3:BF
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018871C984A869618F0D3B34C6534459144B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa
Signing time:             Wed 31 May 2023 12:30:12 +0000
ROA not before:           Wed 31 May 2023 12:30:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.5.189.0/24 maxlen: 24
                          82.152.174.0/23 maxlen: 23
                          82.153.248.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.249.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 14:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:c9:84:a8:69:61:8f:0d:3b:34:c6:53:44:59:14:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 31 12:30:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e31bbfd57fce8c78e65d3392791362fa61ba3bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e3:c3:c3:3c:af:9c:19:54:4c:4d:e3:05:86:
                    0f:32:c4:8c:b1:89:96:6f:db:1e:67:fd:3d:41:0e:
                    b5:73:8f:40:fb:a7:33:9d:e3:b7:ae:6a:a6:09:44:
                    84:91:e5:14:0d:63:a2:17:5f:14:fb:63:6e:2a:37:
                    1f:1f:8e:a5:bd:45:bf:a7:07:f7:61:d1:db:cc:73:
                    b5:6a:87:48:ac:86:66:fb:ff:6d:96:9f:b9:ab:0f:
                    b7:91:6d:57:32:53:c6:43:cb:d4:10:0a:5a:b2:47:
                    62:f9:01:c1:a5:c3:1f:8c:4e:e0:69:39:c3:eb:8d:
                    d6:3c:bf:4e:a8:ae:e8:92:cb:48:0a:ea:86:4c:d4:
                    c0:e6:dc:8e:f3:65:9c:56:7b:be:bb:4f:cd:a8:d0:
                    18:a4:49:1c:6c:7d:17:97:7a:95:76:4b:8d:c2:4b:
                    ed:8d:c4:a1:a5:05:6f:e6:92:c1:4e:54:f3:f9:ab:
                    e0:2a:2b:73:1a:d9:5f:f2:f6:0b:12:6b:7d:9a:50:
                    73:2b:07:4b:a8:ba:d9:36:4a:37:c1:27:de:30:8b:
                    db:76:aa:90:e7:69:92:27:9f:df:22:e1:ee:b7:7b:
                    79:d6:0b:c2:6d:a4:10:7d:66:29:c2:07:c8:0b:3d:
                    f2:8e:96:fc:8c:3c:54:c1:52:e4:17:e8:40:9e:7a:
                    87:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:31:BB:FD:57:FC:E8:C7:8E:65:D3:39:27:91:36:2F:A6:1B:A3:BF
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.174.0/23
                  82.152.249.0/24
                  82.152.253.0/24
                  82.152.255.0/24
                  82.153.73.0/24
                  82.153.222.0/24
                  82.153.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:3e:b0:23:05:b1:4a:9c:9d:d4:c9:68:59:10:d4:85:fa:71:
         3e:fb:ca:19:df:87:9e:6d:2e:bd:e6:80:82:56:ef:7e:bd:6f:
         86:3c:a4:35:5e:3f:67:78:d9:0c:88:9a:8f:61:96:f7:34:3b:
         af:94:d8:1c:39:ff:28:4d:f9:46:98:61:04:a0:2e:14:9c:80:
         f3:4f:54:f6:50:16:7c:a1:75:4d:46:f0:50:f8:02:5c:b6:43:
         41:86:da:f5:8c:d5:9d:a8:5a:53:da:6f:b3:4f:00:be:eb:51:
         fc:9b:f3:bf:a0:7c:be:65:41:37:bc:9d:05:14:12:0b:9e:38:
         a0:8f:3a:5a:df:4f:47:f1:2e:a6:8f:56:f4:a0:7a:ae:7c:ad:
         13:c4:4d:09:09:ee:a9:9a:31:1d:83:d3:32:3e:9d:07:c3:ce:
         15:24:fe:11:f1:1f:0d:f1:e0:34:16:e9:49:74:6f:be:5c:d1:
         bb:5b:fd:50:f7:41:28:fb:9e:9d:34:27:5c:4f:d2:a1:f7:08:
         e6:08:25:0f:99:5d:2a:34:2f:72:80:2f:cb:a7:53:85:a5:2d:
         0d:00:bf:66:c8:6b:20:3d:03:cf:5d:9e:61:b4:a2:7a:93:d7:
         c9:ca:a4:ee:23:c6:f0:91:94:82:8c:f5:06:cd:10:68:52:e4:
         00:32:ad:48
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYhxyYSoaWGPDTs0xlNEWRRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTMxMTIzMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTMxYmJmZDU3ZmNlOGM3OGU2NWQzMzkyNzkxMzYyZmE2MWJhM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuPDwzyvnBlUTE3jBYYPMsSMsYmW
b9seZ/09QQ61c49A+6czneO3rmqmCUSEkeUUDWOiF18U+2NuKjcfH46lvUW/pwf3
YdHbzHO1aodIrIZm+/9tlp+5qw+3kW1XMlPGQ8vUEApaskdi+QHBpcMfjE7gaTnD
643WPL9OqK7okstICuqGTNTA5tyO82WcVnu+u0/NqNAYpEkcbH0Xl3qVdkuNwkvt
jcShpQVv5pLBTlTz+avgKitzGtlf8vYLEmt9mlBzKwdLqLrZNko3wSfeMIvbdqqQ
52mSJ5/fIuHut3t51gvCbaQQfWYpwgfICz3yjpb8jDxUwVLkF+hAnnqHMwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFI4xu/1X/OjHjmXTOSeRNi+mG6O/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvampHN19WZjg2TWVPWmRNNUo1RTJMNllibzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUQW9AwQA
Uah0AwQAUah3AwQAUah7AwQBUpiuAwQAUpj5AwQAUpj9AwQAUpj/AwQAUplJAwQA
UpneAwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQCLPrAjBbFKnJ3UyWhZENSF+nE+
+8oZ34eebS695oCCVu9+vW+GPKQ1Xj9neNkMiJqPYZb3NDuvlNgcOf8oTflGmGEE
oC4UnIDzT1T2UBZ8oXVNRvBQ+AJctkNBhtr1jNWdqFpT2m+zTwC+61H8m/O/oHy+
ZUE3vJ0FFBILnjigjzpa309H8S6mj1b0oHqufK0TxE0JCe6pmjEdg9MyPp0Hw84V
JP4R8R8N8eA0FulJdG++XNG7W/1Q90Eo+56dNCdcT9Kh9wjmCCUPmV0qNC9ygC/L
p1OFpS0NAL9myGsgPQPPXZ5htKJ6k9fJyqTuI8bwkZSCjPUGzRBoUuQAMq1I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org