Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n55AsdLqzzcmT8AocaNed6jMuWE.roa
File:                     n55AsdLqzzcmT8AocaNed6jMuWE.roa (raw, json)
Hash identifier:          qUJx8AVBo2TFKZsTPJ4L9A8+JMaChLaoU6bacpLq16E=
Subject key identifier:   9F:9E:40:B1:D2:EA:CF:37:26:4F:C0:28:71:A3:5E:77:A8:CC:B9:61
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B0408BC17EB3069FDAD770E054CF4012
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n55AsdLqzzcmT8AocaNed6jMuWE.roa
Signing time:             Tue 01 Aug 2023 08:39:27 +0000
ROA not before:           Tue 01 Aug 2023 08:39:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 09:19:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b0:40:8b:c1:7e:b3:06:9f:da:d7:70:e0:54:cf:40:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  1 08:39:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f9e40b1d2eacf37264fc02871a35e77a8ccb961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:37:09:23:fd:a6:38:aa:78:22:33:cd:74:96:
                    df:9c:db:8e:2e:38:f1:5e:23:a1:48:fd:45:5d:05:
                    d5:d5:36:0c:e0:8e:e2:23:f1:19:5d:b9:32:c8:f0:
                    a5:e9:1d:89:2b:b0:69:bf:31:58:b1:6c:d3:ce:1c:
                    93:fe:1d:48:18:bc:6a:ba:76:5f:37:91:dd:e6:ca:
                    d0:7b:88:33:c0:fd:b3:1a:1c:2c:ce:99:d7:ee:83:
                    ca:c5:11:94:e8:22:0d:3c:5d:c5:11:2c:fd:77:aa:
                    34:3e:06:d7:04:ec:3e:60:42:df:8b:5e:4e:75:82:
                    a3:9a:5c:20:df:09:24:c5:78:3f:63:d0:d0:ed:e0:
                    4c:62:94:14:4a:24:1e:2d:54:2c:34:8d:87:07:5e:
                    17:62:4d:28:1d:ad:f9:d7:10:e2:2b:8c:ca:c4:67:
                    57:eb:97:55:c9:a5:6c:c2:23:61:81:b5:14:01:99:
                    c6:4e:3e:5a:91:1a:94:5f:04:64:9e:1a:fc:f9:f0:
                    51:26:85:2f:cb:13:03:2a:89:5d:de:c9:a3:e3:0f:
                    33:ec:ba:1a:c8:c5:9e:d4:73:43:e0:70:19:e9:de:
                    56:20:89:50:9c:a4:77:81:8c:8b:03:5b:84:9c:35:
                    0a:d8:1c:33:35:9c:5a:d0:c1:6b:0e:e7:f5:13:b8:
                    a5:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:9E:40:B1:D2:EA:CF:37:26:4F:C0:28:71:A3:5E:77:A8:CC:B9:61
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n55AsdLqzzcmT8AocaNed6jMuWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:57:a4:79:61:77:7a:f0:06:b2:64:5a:82:4e:c7:81:71:90:
         01:81:c6:01:04:af:dc:74:17:1a:e3:b1:af:05:ed:40:a9:ba:
         94:c1:8f:05:62:71:b2:50:50:74:3c:a6:ca:4d:e3:7b:86:11:
         06:84:18:20:32:68:88:e6:6a:de:dc:b3:9e:03:10:a7:ee:81:
         e1:ae:42:0c:ba:54:a4:03:53:46:20:f9:a5:47:83:e4:ab:6f:
         f5:31:f1:5c:12:50:11:1b:1c:f7:af:c1:1e:02:bd:17:1e:bf:
         78:c5:e8:73:fa:05:09:a5:aa:f0:91:73:ba:81:38:f7:d8:a3:
         74:c7:23:5a:3f:b5:5a:b3:79:bd:d5:48:3a:ab:d0:58:5b:3f:
         3f:72:ee:be:59:ce:75:55:e5:1b:93:bc:c4:a3:63:bf:d6:c5:
         0c:05:c6:7b:42:32:53:51:06:e7:cf:fd:db:6c:5b:2d:37:40:
         ee:98:ce:33:79:61:55:b5:5c:6e:87:c8:e7:73:45:cd:ea:d6:
         2d:62:9c:b0:10:9d:86:d0:4e:7a:af:79:84:f3:85:64:ea:1f:
         38:15:33:62:20:c8:31:9f:de:9b:f6:8d:d0:b0:93:2a:63:ce:
         83:42:a7:06:b5:2e:04:f6:dd:db:b9:23:1a:de:ed:ce:52:99:
         82:f5:a5:94
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYmwQIvBfrMGn9rXcOBUz0ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDgzOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjllNDBiMWQyZWFjZjM3MjY0ZmMwMjg3MWEzNWU3N2E4Y2NiOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzcJI/2mOKp4IjPNdJbfnNuOLjjx
XiOhSP1FXQXV1TYM4I7iI/EZXbkyyPCl6R2JK7BpvzFYsWzTzhyT/h1IGLxqunZf
N5Hd5srQe4gzwP2zGhwszpnX7oPKxRGU6CINPF3FESz9d6o0PgbXBOw+YELfi15O
dYKjmlwg3wkkxXg/Y9DQ7eBMYpQUSiQeLVQsNI2HB14XYk0oHa351xDiK4zKxGdX
65dVyaVswiNhgbUUAZnGTj5akRqUXwRknhr8+fBRJoUvyxMDKold3smj4w8z7Loa
yMWe1HND4HAZ6d5WIIlQnKR3gYyLA1uEnDUK2BwzNZxa0MFrDuf1E7ilnwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFJ+eQLHS6s83Jk/AKHGjXneozLlhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbjU1QXNkTHF6emNtVDhBb2NhTmVkNmpNdVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBABRBb0D
BABRqCMwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wMEAFKY
/gMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmEAwQAUpngAwQAWdWCAwQA
WdWhAwQAWdW+AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQCFV6R5YXd68AayZFqC
TseBcZABgcYBBK/cdBca47GvBe1AqbqUwY8FYnGyUFB0PKbKTeN7hhEGhBggMmiI
5mre3LOeAxCn7oHhrkIMulSkA1NGIPmlR4Pkq2/1MfFcElARGxz3r8EeAr0XHr94
xehz+gUJparwkXO6gTj32KN0xyNaP7Vas3m91Ug6q9BYWz8/cu6+Wc51VeUbk7zE
o2O/1sUMBcZ7QjJTUQbnz/3bbFstN0DumM4zeWFVtVxuh8jnc0XN6tYtYpywEJ2G
0E56r3mE84Vk6h84FTNiIMgxn96b9o3QsJMqY86DQqcGtS4E9t3buSMa3u3OUpmC
9aWU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org