Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m8uzo0k1_XGkY8Kfr715DlO1NiY.roa
File:                     m8uzo0k1_XGkY8Kfr715DlO1NiY.roa (raw, json)
Hash identifier:          dD8YpJULfBAVvhSGxRGIenqdQtdeOHMoSl03R0H8nsI=
Subject key identifier:   9B:CB:B3:A3:49:35:FD:71:A4:63:C2:9F:AF:BD:79:0E:53:B5:36:26
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018ABBB46962DD19392E30222257FCE3A06E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m8uzo0k1_XGkY8Kfr715DlO1NiY.roa
Signing time:             Fri 22 Sep 2023 07:04:37 +0000
ROA not before:           Fri 22 Sep 2023 07:04:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.49.126.0/23 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          89.213.40.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 11:19:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:bb:b4:69:62:dd:19:39:2e:30:22:22:57:fc:e3:a0:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 22 07:04:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9bcbb3a34935fd71a463c29fafbd790e53b53626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3a:af:2c:75:00:e8:7a:b2:20:fc:31:a3:2f:
                    81:6d:13:c4:65:22:7b:dc:c6:ec:b3:6c:36:8f:fd:
                    12:f4:52:dd:85:c1:47:15:49:15:df:b6:07:8e:65:
                    1b:ad:1d:5c:e7:a2:8f:20:ab:92:20:28:63:58:f2:
                    3b:e6:c6:d8:3a:77:bc:e3:f1:d3:62:e1:a2:00:7c:
                    10:22:28:9e:0c:e0:73:9c:22:f7:9b:63:a7:f4:09:
                    4a:1b:dc:e1:1a:03:69:46:8c:4d:a3:ee:c0:3f:fc:
                    b5:5e:e6:5f:f9:ce:b5:92:3d:9f:4e:86:0e:9f:ea:
                    2e:7f:ec:35:e4:92:c1:df:2c:29:87:e7:05:44:bc:
                    e8:79:20:64:2c:c2:9a:90:79:57:57:d5:47:73:15:
                    e2:5a:4a:b0:28:85:d7:50:45:8e:2d:28:4b:48:08:
                    07:ec:81:94:33:a0:26:01:b3:84:80:87:f8:96:8c:
                    b9:75:13:08:86:3e:ac:01:c0:d1:3c:fa:73:78:e4:
                    93:c9:2b:b2:7a:77:bb:c9:3a:85:62:a5:d3:f3:48:
                    d1:d3:9e:32:fb:41:ba:be:ef:18:fc:d0:13:f9:dd:
                    b9:ba:88:36:57:68:cf:b2:77:1f:4b:5e:a4:bd:d9:
                    fa:b8:23:ef:f9:b8:58:94:d2:05:49:1d:f5:40:cc:
                    e8:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:CB:B3:A3:49:35:FD:71:A4:63:C2:9F:AF:BD:79:0E:53:B5:36:26
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m8uzo0k1_XGkY8Kfr715DlO1NiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.136.0/22
                  89.213.40.0/22
                  89.213.145.0-89.213.146.255
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:f9:f7:e8:7f:bd:09:6a:46:fd:e2:36:21:aa:39:ea:89:57:
         d8:24:3e:5d:d0:6a:5c:d4:46:ba:a2:18:e6:d1:06:6e:ae:a3:
         e9:65:9e:ab:8a:9e:a2:76:2b:91:28:da:40:08:ea:51:b1:6d:
         a6:84:11:f1:4e:f9:36:b7:de:35:53:fd:81:ef:50:ce:01:13:
         2f:a6:7f:18:e0:1b:ec:ac:0a:18:95:fa:27:5e:af:9f:a9:24:
         b0:f5:4c:37:d8:ea:2d:b4:29:c5:5f:8f:56:41:f9:be:5e:1d:
         dd:b0:88:b0:bc:35:da:0a:ec:d5:e3:ed:2a:4f:76:bb:48:be:
         52:bf:54:31:7c:a6:2c:9d:83:06:1a:25:71:f9:35:f7:ab:03:
         8e:3e:e4:1c:01:bc:83:51:45:56:fe:28:49:09:a9:94:55:ea:
         8a:cb:2d:64:88:7d:31:aa:89:63:ac:78:c7:c5:19:13:4e:61:
         39:82:de:30:54:84:fd:fa:94:42:7f:25:c2:d7:1f:62:e7:44:
         71:b9:53:d4:32:dc:66:1e:36:b2:ae:ca:c6:f6:fa:b0:34:09:
         21:ab:3e:34:22:0a:f7:c2:af:b3:2b:69:da:c3:3e:91:23:45:
         e7:3b:18:b7:7b:82:ae:e5:16:c7:e3:f6:ee:17:42:12:fa:f7:
         59:4f:02:dc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYq7tGli3Rk5LjAiIlf846BuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTIyMDcwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmNiYjNhMzQ5MzVmZDcxYTQ2M2MyOWZhZmJkNzkwZTUzYjUzNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzqvLHUA6HqyIPwxoy+BbRPEZSJ7
3Mbss2w2j/0S9FLdhcFHFUkV37YHjmUbrR1c56KPIKuSIChjWPI75sbYOne84/HT
YuGiAHwQIiieDOBznCL3m2On9AlKG9zhGgNpRoxNo+7AP/y1XuZf+c61kj2fToYO
n+ouf+w15JLB3ywph+cFRLzoeSBkLMKakHlXV9VHcxXiWkqwKIXXUEWOLShLSAgH
7IGUM6AmAbOEgIf4loy5dRMIhj6sAcDRPPpzeOSTySuyene7yTqFYqXT80jR054y
+0G6vu8Y/NAT+d25uog2V2jPsncfS16kvdn6uCPv+bhYlNIFSR31QMzoewIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJvLs6NJNf1xpGPCn6+9eQ5TtTYmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbTh1em8wazFfWEdrWThLZnI3MTVEbE8xTmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAUah3AwQA
Uah7AwQCUpmIAwQCWdUoMAwDBABZ1ZEDBABZ1ZIDBAG5MX4DBADVmCowDQYJKoZI
hvcNAQELBQADggEBAGD59+h/vQlqRv3iNiGqOeqJV9gkPl3QalzURrqiGObRBm6u
o+llnquKnqJ2K5Eo2kAI6lGxbaaEEfFO+Ta33jVT/YHvUM4BEy+mfxjgG+ysChiV
+ider5+pJLD1TDfY6i20KcVfj1ZB+b5eHd2wiLC8NdoK7NXj7SpPdrtIvlK/VDF8
piydgwYaJXH5NferA44+5BwBvINRRVb+KEkJqZRV6orLLWSIfTGqiWOseMfFGRNO
YTmC3jBUhP36lEJ/JcLXH2LnRHG5U9Qy3GYeNrKuysb2+rA0CSGrPjQiCvfCr7Mr
adrDPpEjRec7GLd7gq7lFsfj9u4XQhL691lPAtw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org