Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nQiaS9GBW0s0ybJAekkaQffqq7Y.roa
File:                     nQiaS9GBW0s0ybJAekkaQffqq7Y.roa (raw, json)
Hash identifier:          Xd/Zzeoaix8mAkOq5vDIjQ6zOLFy/dM4irOa8w6Yz50=
Subject key identifier:   9D:08:9A:4B:D1:81:5B:4B:34:C9:B2:40:7A:49:1A:41:F7:EA:AB:B6
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189A6070D9A20E404A37F0D114E86AE141E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nQiaS9GBW0s0ybJAekkaQffqq7Y.roa
Signing time:             Sun 30 Jul 2023 09:00:27 +0000
ROA not before:           Sun 30 Jul 2023 09:00:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        82.153.136.0/22 maxlen: 22
                          82.152.111.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.210.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 08:18:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a6:07:0d:9a:20:e4:04:a3:7f:0d:11:4e:86:ae:14:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 30 09:00:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d089a4bd1815b4b34c9b2407a491a41f7eaabb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3f:98:94:b8:e2:3c:30:82:e5:d9:9e:c6:f9:
                    37:31:fd:98:9a:2e:fe:ad:c9:52:18:7b:87:2a:b5:
                    25:03:2a:1a:65:ab:27:6f:7f:e4:a4:a1:f0:3c:a8:
                    c9:88:d9:91:fa:38:4c:59:e2:d5:93:24:1f:5c:9c:
                    b3:2b:af:2f:07:52:c7:91:ea:6a:cf:05:56:d5:af:
                    c0:2f:b6:5e:d9:7e:fe:8f:1f:e8:dc:9d:9e:f9:97:
                    0e:07:f6:ef:fd:41:e8:0e:ec:18:f1:4a:93:ed:db:
                    bd:08:62:00:10:3e:71:24:92:4b:27:b3:99:09:52:
                    2d:82:aa:9a:95:ab:c6:0b:d4:f4:90:81:31:f4:62:
                    a3:cd:9d:21:cb:fd:b0:52:d6:f4:df:ad:5a:7f:a5:
                    7d:dc:90:49:2e:34:78:60:ab:c3:b3:b0:20:0e:ac:
                    dc:85:e8:a9:66:7f:0e:24:75:d9:c1:79:28:e9:ac:
                    17:a2:c3:42:18:85:8a:fa:11:c4:12:5b:87:aa:ad:
                    5f:e9:74:48:19:4e:1c:80:f5:70:db:65:fd:e9:14:
                    a8:f0:8c:6a:27:d5:88:23:3b:e9:c2:a8:fc:59:76:
                    f6:08:0e:5b:e2:da:be:57:91:32:ef:5b:d5:69:c8:
                    7b:8f:6c:c5:0f:9b:bf:1b:aa:f3:d2:76:59:32:f3:
                    11:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:08:9A:4B:D1:81:5B:4B:34:C9:B2:40:7A:49:1A:41:F7:EA:AB:B6
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nQiaS9GBW0s0ybJAekkaQffqq7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0/22
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.249.0/24
                  89.213.130.0/24
                  89.213.136.0/24
                  89.213.139.0/24
                  89.213.184.0/24
                  89.213.190.0/24
                  109.176.210.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:c8:b6:c6:c1:2c:cf:68:92:27:89:b3:6f:82:66:e5:fd:2e:
         92:7c:57:76:06:23:bc:f4:29:57:9f:bc:d6:68:96:5f:5b:d1:
         55:89:80:70:9e:4a:20:88:40:dc:31:2d:06:2e:71:12:ca:05:
         28:3a:4d:be:4a:7a:82:07:58:dd:92:b4:9e:0b:27:8d:3d:a4:
         ca:f8:7f:a5:8b:42:3f:e0:59:f0:7f:15:38:13:4f:49:e7:0e:
         8b:81:4a:27:ae:7c:e1:af:6d:f0:25:24:d2:60:e8:ab:25:58:
         15:c6:f8:d2:b7:7b:c6:be:74:ba:56:da:f5:c6:96:5b:c0:d8:
         d7:5e:a4:e7:08:e1:14:bb:58:52:a1:44:32:2b:06:d1:52:2a:
         59:15:5f:84:8f:24:5d:04:03:b7:82:1a:36:5e:e2:20:40:46:
         d0:39:92:8a:a7:25:27:b7:e1:0f:7f:1d:33:b8:04:ed:f6:58:
         9c:14:aa:d1:9c:1a:37:62:bb:33:09:42:3e:2a:16:81:ae:14:
         78:f4:5e:5e:de:5f:37:85:a5:13:5a:e5:c4:8f:ab:93:45:49:
         b0:7a:04:be:53:76:fc:c3:58:f4:53:51:6a:4c:2b:5f:dd:49:
         89:7c:33:bd:cc:a5:37:1a:ff:7c:a0:ed:03:d1:d9:1e:be:13:
         ca:8b:2f:7c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYmmBw2aIOQEo38NEU6GrhQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzMwMDkwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA4OWE0YmQxODE1YjRiMzRjOWIyNDA3YTQ5MWE0MWY3ZWFhYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj+YlLjiPDCC5dmexvk3Mf2Ymi7+
rclSGHuHKrUlAyoaZasnb3/kpKHwPKjJiNmR+jhMWeLVkyQfXJyzK68vB1LHkepq
zwVW1a/AL7Ze2X7+jx/o3J2e+ZcOB/bv/UHoDuwY8UqT7du9CGIAED5xJJJLJ7OZ
CVItgqqalavGC9T0kIEx9GKjzZ0hy/2wUtb0361af6V93JBJLjR4YKvDs7AgDqzc
heipZn8OJHXZwXko6awXosNCGIWK+hHEEluHqq1f6XRIGU4cgPVw22X96RSo8Ixq
J9WIIzvpwqj8WXb2CA5b4tq+V5Ey71vVach7j2zFD5u/G6rz0nZZMvMR7wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFJ0ImkvRgVtLNMmyQHpJGkH36qu2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvblFpYVM5R0JXMHMweWJKQWVra2FRZmZxcTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAUQWc
AwQAUah3AwQAUah7AwQAUphvAwQBUpj8AwQAUpj/AwQAUpkBAwQAUplJAwQAUplO
AwQCUpmIAwQAUpnfAwQAUpnwAwQAUpn5AwQAWdWCAwQAWdWIAwQAWdWLAwQAWdW4
AwQAWdW+AwQBbbDSAwQA1ZgqMA0GCSqGSIb3DQEBCwUAA4IBAQClyLbGwSzPaJIn
ibNvgmbl/S6SfFd2BiO89ClXn7zWaJZfW9FViYBwnkogiEDcMS0GLnESygUoOk2+
SnqCB1jdkrSeCyeNPaTK+H+li0I/4FnwfxU4E09J5w6LgUonrnzhr23wJSTSYOir
JVgVxvjSt3vGvnS6Vtr1xpZbwNjXXqTnCOEUu1hSoUQyKwbRUipZFV+EjyRdBAO3
gho2XuIgQEbQOZKKpyUnt+EPfx0zuATt9licFKrRnBo3YrszCUI+KhaBrhR49F5e
3l83haUTWuXEj6uTRUmwegS+U3b8w1j0U1FqTCtf3UmJfDO9zKU3Gv98oO0D0dke
vhPKiy98
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org