Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa
File:                     mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa (raw, json)
Hash identifier:          XPYacHPbOrh8OwUss6Dpw0amNpG6QR1FRQFw+e0GASg=
Subject key identifier:   98:0F:1B:A7:2E:08:12:AB:F3:10:DE:1A:1B:81:AE:19:D9:3A:C0:69
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189BAB25A383BDC932B1AF4CDCC477E178C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa
Signing time:             Thu 03 Aug 2023 09:19:57 +0000
ROA not before:           Thu 03 Aug 2023 09:19:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 15:39:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ba:b2:5a:38:3b:dc:93:2b:1a:f4:cd:cc:47:7e:17:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  3 09:19:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=980f1ba72e0812abf310de1a1b81ae19d93ac069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:1e:06:aa:b6:2e:28:6e:bb:f4:58:04:3b:3f:
                    ca:9c:a4:30:ae:0f:e6:74:d7:8b:47:f7:f7:cb:18:
                    07:41:c1:5c:ef:f8:0e:5b:61:2b:50:4a:de:61:16:
                    5c:cb:7c:eb:89:7c:6b:3c:b1:22:d3:2d:0d:73:84:
                    81:f4:40:fe:24:1d:4e:ba:08:29:2a:78:ff:0a:82:
                    7e:4f:99:9e:81:c6:11:20:76:2a:a4:08:ed:18:3e:
                    ea:8e:c9:85:4e:ac:58:c9:d2:fb:28:bd:f2:e4:7e:
                    96:4a:3a:1e:be:b4:f2:f4:51:ea:55:a2:7c:33:3b:
                    06:08:f4:52:3f:2e:3b:6e:ee:d4:b4:4d:e0:20:c6:
                    1c:0e:1d:77:0a:8e:6a:70:54:77:c8:fc:cf:bb:da:
                    c0:ab:b9:58:e8:1f:72:57:c3:3e:64:34:14:89:12:
                    20:b4:f5:85:fd:b0:72:03:94:8d:4a:a3:bb:80:77:
                    f9:02:5e:ff:2d:90:40:62:03:39:3b:f3:4d:eb:54:
                    23:14:3b:98:3a:22:e2:37:2c:80:bc:25:3f:7b:3b:
                    16:4c:2f:7b:90:ae:e9:b8:b4:ae:98:bb:d5:32:7e:
                    2f:2b:93:cb:4b:fa:3a:5a:0b:0e:07:51:38:8a:dc:
                    4a:64:00:2a:54:58:5c:97:6a:ff:4e:c2:14:79:17:
                    79:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:0F:1B:A7:2E:08:12:AB:F3:10:DE:1A:1B:81:AE:19:D9:3A:C0:69
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.6.0/24
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:56:b5:00:44:08:f3:ff:c5:ea:e6:30:5a:cb:5c:28:a0:c5:
         d2:81:15:b2:38:80:3c:ed:f9:81:5d:83:5c:ab:76:ab:5e:8b:
         78:8f:3e:12:28:39:91:33:b7:aa:1d:91:37:34:dc:1d:e6:ba:
         2a:44:3a:77:a2:7a:ce:81:f8:c0:07:73:f0:d9:a7:35:73:57:
         4b:bd:fd:dc:d7:b0:8f:98:0e:78:05:9e:e4:fc:13:e3:a8:11:
         b3:71:09:d7:33:6f:c3:0f:b5:38:8b:8c:e7:35:95:4d:9d:eb:
         eb:f9:81:6d:0b:4a:95:30:47:9b:8c:21:6c:9e:86:2f:1c:a8:
         bc:bd:49:52:68:a2:b9:02:10:03:7b:cf:4c:9a:fe:20:43:fd:
         fd:8f:4d:22:a6:49:4c:9a:f7:6c:f8:6d:60:ce:0b:d1:af:b5:
         d3:84:98:c0:65:c3:ed:28:b8:c1:d9:ca:6f:e9:fd:61:f0:46:
         ff:24:26:ea:dc:14:62:d7:61:81:d1:0b:46:78:22:8c:cf:64:
         31:29:35:75:a9:4c:3f:89:40:75:30:7e:30:b3:dd:b8:9f:8b:
         70:74:57:c1:aa:5a:47:4b:08:8d:b2:a9:f6:5d:91:f4:2b:9b:
         bb:7c:5d:a6:9c:65:dd:95:dc:cb:0a:62:68:2a:8d:3c:3b:40:
         52:9f:52:ca
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYm6slo4O9yTKxr0zcxHfheMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAzMDkxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBmMWJhNzJlMDgxMmFiZjMxMGRlMWExYjgxYWUxOWQ5M2FjMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB4GqrYuKG679FgEOz/KnKQwrg/m
dNeLR/f3yxgHQcFc7/gOW2ErUEreYRZcy3zriXxrPLEi0y0Nc4SB9ED+JB1Ouggp
Knj/CoJ+T5megcYRIHYqpAjtGD7qjsmFTqxYydL7KL3y5H6WSjoevrTy9FHqVaJ8
MzsGCPRSPy47bu7UtE3gIMYcDh13Co5qcFR3yPzPu9rAq7lY6B9yV8M+ZDQUiRIg
tPWF/bByA5SNSqO7gHf5Al7/LZBAYgM5O/NN61QjFDuYOiLiNyyAvCU/ezsWTC97
kK7puLSumLvVMn4vK5PLS/o6WgsOB1E4itxKZAAqVFhcl2r/TsIUeRd5RwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFJgPG6cuCBKr8xDeGhuBrhnZOsBpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbUE4YnB5NElFcXZ6RU40YUc0R3VHZGs2d0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAFEF
vQMEAFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7AwQA
Upj+AwQBUplEMAwDBABSmUcDBABSmUgDBABSmU8DBABSmYQDBABSmeADBABZ1QYD
BABZ1YIDBABZ1aEDBABZ1b4DBAC5MXwwDQYJKoZIhvcNAQELBQADggEBAIRWtQBE
CPP/xermMFrLXCigxdKBFbI4gDzt+YFdg1yrdqtei3iPPhIoOZEzt6odkTc03B3m
uipEOneies6B+MAHc/DZpzVzV0u9/dzXsI+YDngFnuT8E+OoEbNxCdczb8MPtTiL
jOc1lU2d6+v5gW0LSpUwR5uMIWyehi8cqLy9SVJoorkCEAN7z0ya/iBD/f2PTSKm
SUya92z4bWDOC9GvtdOEmMBlw+0ouMHZym/p/WHwRv8kJurcFGLXYYHRC0Z4IozP
ZDEpNXWpTD+JQHUwfjCz3bifi3B0V8GqWkdLCI2yqfZdkfQrm7t8XaacZd2V3MsK
YmgqjTw7QFKfUso=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org