Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lSGRVVW_2EE5v6u7dIiuZMPiRiY.roa
File:                     lSGRVVW_2EE5v6u7dIiuZMPiRiY.roa (raw, json)
Hash identifier:          fqgwhZ8sJCn24++qT1HJAOHoPmMQ9uIiH1Fd6/3qMow=
Subject key identifier:   95:21:91:55:55:BF:D8:41:39:BF:AB:BB:74:88:AE:64:C3:E2:46:26
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C6D723ED265285CA35D0597E8368121D0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lSGRVVW_2EE5v6u7dIiuZMPiRiY.roa
Signing time:             Fri 15 Dec 2023 12:27:32 +0000
ROA not before:           Fri 15 Dec 2023 12:27:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.43.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          89.213.4.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 09:18:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6d:72:3e:d2:65:28:5c:a3:5d:05:97:e8:36:81:21:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 15 12:27:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9521915555bfd84139bfabbb7488ae64c3e24626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1a:e4:2e:f5:10:8c:46:00:a8:c5:99:63:8a:
                    42:48:95:fb:6a:6a:de:53:a0:59:7b:a4:f1:03:8a:
                    ad:ad:23:40:3f:1e:ad:b0:97:85:31:ce:b8:3a:7a:
                    39:58:83:82:14:76:f8:37:b5:5b:a5:01:67:e3:e7:
                    d6:61:11:75:1f:ff:fa:43:2b:f7:c3:dd:b2:f8:11:
                    31:db:29:c6:04:8c:65:3a:57:cd:1f:aa:13:21:10:
                    b8:93:10:5d:cb:3d:0c:65:2b:dc:b8:26:75:62:4f:
                    88:e8:39:98:db:05:1f:e0:db:5b:70:97:2b:ac:0a:
                    b8:7d:3c:cc:36:e1:22:5b:d9:2d:e1:8c:b4:d2:88:
                    71:7f:13:f9:19:b3:33:23:58:46:8b:f8:1a:88:92:
                    d6:49:bc:56:70:c2:a4:1a:c3:42:a6:3a:40:98:e2:
                    e5:90:96:b9:a1:7c:b7:35:6e:e5:b8:d5:07:41:d6:
                    bf:bd:5d:62:e2:42:c8:e7:d4:74:44:5e:28:22:e8:
                    61:65:cf:77:b9:a1:8b:54:ad:d9:9e:82:ff:4b:b6:
                    36:26:53:2a:87:c7:d1:19:1b:58:04:89:df:44:f5:
                    24:64:f4:91:1d:a2:8f:e3:24:22:ae:3a:e2:3a:1d:
                    a2:cf:70:47:64:12:85:17:6b:5a:90:2d:86:fd:27:
                    3c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:21:91:55:55:BF:D8:41:39:BF:AB:BB:74:88:AE:64:C3:E2:46:26
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lSGRVVW_2EE5v6u7dIiuZMPiRiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.116.0/24
                  81.168.119.0-81.168.120.255
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/23
                  89.213.4.0/24
                  89.213.6.0/23
                  89.213.43.0/24
                  89.213.130.0/24
                  89.213.145.0-89.213.146.255
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.208.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:24:42:05:ca:ec:d5:1f:0e:4f:a3:d4:76:35:59:4c:40:8d:
         22:d1:fb:14:7f:37:ae:74:db:09:6c:95:02:a8:91:f1:78:90:
         35:0a:8a:80:85:e1:cf:fa:c5:c9:31:83:57:29:47:25:f4:1a:
         d3:1c:f2:29:c6:b2:0b:63:d6:53:79:cd:22:1a:fb:86:0f:06:
         83:37:de:cc:c2:40:8c:43:3e:ca:e7:d6:af:0a:a7:e3:c4:b0:
         86:15:cb:2b:13:d8:47:4f:33:17:12:37:89:83:a1:e6:73:09:
         c6:b0:a0:77:96:4b:2c:e9:0e:73:36:a8:ec:a5:e7:08:bd:cd:
         42:9c:91:13:a9:5a:7c:df:14:b1:14:1b:cb:0c:eb:ba:1e:ad:
         56:d7:73:de:ce:2f:bf:9a:e5:0b:d3:18:4d:4b:5b:7f:4a:82:
         04:27:f8:5e:9d:b5:25:5d:03:cc:37:d0:76:58:f8:95:b9:f0:
         52:46:ed:a6:a2:bc:94:11:5b:01:10:23:fd:38:2c:4d:9b:1c:
         0c:c9:83:d1:93:45:ed:97:d7:98:e6:ce:f5:6d:00:4d:9c:9b:
         54:06:0e:ad:a2:8d:a2:33:a4:59:79:c8:f8:a1:68:a3:73:e9:
         ec:5d:06:4b:d6:4d:eb:92:bb:ea:ea:8c:92:07:b2:98:92:91:
         9a:1e:d7:02
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYxtcj7SZShco10Fl+g2gSHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE1MTIyNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIxOTE1NTU1YmZkODQxMzliZmFiYmI3NDg4YWU2NGMzZTI0NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhrkLvUQjEYAqMWZY4pCSJX7amre
U6BZe6TxA4qtrSNAPx6tsJeFMc64Ono5WIOCFHb4N7VbpQFn4+fWYRF1H//6Qyv3
w92y+BEx2ynGBIxlOlfNH6oTIRC4kxBdyz0MZSvcuCZ1Yk+I6DmY2wUf4NtbcJcr
rAq4fTzMNuEiW9kt4Yy00ohxfxP5GbMzI1hGi/gaiJLWSbxWcMKkGsNCpjpAmOLl
kJa5oXy3NW7luNUHQda/vV1i4kLI59R0RF4oIuhhZc93uaGLVK3ZnoL/S7Y2JlMq
h8fRGRtYBInfRPUkZPSRHaKP4yQirjriOh2iz3BHZBKFF2takC2G/Sc8xQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJUhkVVVv9hBOb+ru3SIrmTD4kYmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbFNHUlZWV18yRUU1djZ1N2RJaXVaTVBpUmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBABR
qHQwDAMEAFGodwMEAFGoeAMEAFKY+AMEAFKY+wMEAFKY/gMEAFKZRQMEAFKZSAME
AFKZTwMEAFKZhAMEAVKZ4AMEAFnVBAMEAVnVBgMEAFnVKwMEAFnVgjAMAwQAWdWR
AwQAWdWSAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqG
SIb3DQEBCwUAA4IBAQBHJEIFyuzVHw5Po9R2NVlMQI0i0fsUfzeudNsJbJUCqJHx
eJA1CoqAheHP+sXJMYNXKUcl9BrTHPIpxrILY9ZTec0iGvuGDwaDN97MwkCMQz7K
59avCqfjxLCGFcsrE9hHTzMXEjeJg6HmcwnGsKB3lkss6Q5zNqjspecIvc1CnJET
qVp83xSxFBvLDOu6Hq1W13Pezi+/muUL0xhNS1t/SoIEJ/henbUlXQPMN9B2WPiV
ufBSRu2moryUEVsBECP9OCxNmxwMyYPRk0Xtl9eY5s71bQBNnJtUBg6too2iM6RZ
ecj4oWijc+nsXQZL1k3rkrvq6oySB7KYkpGaHtcC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org