Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSQjbkRJotOl4-8IzGAWh585_Q8.roa
File:                     pSQjbkRJotOl4-8IzGAWh585_Q8.roa (raw, json)
Hash identifier:          mhtycZrVslCQrHMIf4OijF7s+yDxjVmtr+0FcdVP94M=
Subject key identifier:   A5:24:23:6E:44:49:A2:D3:A5:E3:EF:08:CC:60:16:87:9F:39:FD:0F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A6103F7B80A14353EE263AF6DEC92E5A0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSQjbkRJotOl4-8IzGAWh585_Q8.roa
Signing time:             Mon 04 Sep 2023 16:26:04 +0000
ROA not before:           Mon 04 Sep 2023 16:26:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          109.176.246.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.179.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.177.0/24 maxlen: 24
                          89.213.178.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.181.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          89.213.151.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.149.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          89.213.153.0/24 maxlen: 24
                          89.213.154.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.155.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24
                          89.213.167.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          89.213.5.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Sep 2023 07:27:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:61:03:f7:b8:0a:14:35:3e:e2:63:af:6d:ec:92:e5:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 16:26:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a524236e4449a2d3a5e3ef08cc6016879f39fd0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:82:a5:eb:9f:9e:37:c6:f1:fe:7d:24:5e:8e:
                    04:0e:5d:30:db:2e:b9:d7:26:c7:0a:41:30:b6:a1:
                    b6:7c:13:4b:2f:e4:ab:0d:33:a9:c6:cc:8a:06:c9:
                    3a:d5:97:38:56:c1:b6:50:9b:89:88:89:ae:ad:35:
                    95:be:b0:19:c8:3c:e3:db:a0:af:33:0e:98:b9:04:
                    f1:17:c5:2f:da:da:5b:be:3d:e7:ca:c4:a8:68:65:
                    66:c6:a9:15:26:15:ef:45:80:a4:32:92:01:fe:db:
                    df:84:8b:b5:59:57:b7:2c:98:13:21:a4:2e:f3:89:
                    34:59:96:72:de:64:de:1e:e7:d8:da:a7:c2:f4:4e:
                    02:40:9e:b0:94:fc:f1:89:bb:c6:fc:ea:f3:c9:87:
                    63:4b:39:af:ab:34:d2:42:60:2a:31:73:98:a7:26:
                    31:a8:b0:89:40:a1:87:6f:f8:fe:ec:42:76:0f:56:
                    44:b0:ea:07:ab:ec:a4:6f:df:61:c0:01:28:a9:4f:
                    f7:20:91:73:6e:97:40:7f:de:69:8e:31:86:a6:30:
                    9f:d1:00:89:14:cc:00:c0:42:b0:f8:b0:cd:9e:85:
                    b2:2f:b4:bc:01:3b:13:fa:75:f9:ff:e0:44:9f:be:
                    8a:f9:8d:ab:72:67:6f:7a:4b:09:21:dd:d4:5a:54:
                    9b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:24:23:6E:44:49:A2:D3:A5:E3:EF:08:CC:60:16:87:9F:39:FD:0F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSQjbkRJotOl4-8IzGAWh585_Q8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.225.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0-82.153.250.255
                  89.213.5.0/24
                  89.213.133.0-89.213.139.255
                  89.213.141.0/24
                  89.213.145.0/24
                  89.213.149.0-89.213.158.255
                  89.213.160.0/24
                  89.213.162.0-89.213.164.255
                  89.213.167.0-89.213.168.255
                  89.213.170.0/24
                  89.213.172.0-89.213.174.255
                  89.213.176.0-89.213.185.255
                  89.213.188.0/23
                  109.176.208.0/23
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.245.0-109.176.246.255
                  109.176.248.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:1e:6f:9b:97:db:ab:f9:82:4d:50:71:67:c6:59:f0:49:ab:
         02:dc:8c:d6:f7:47:92:0a:e6:56:fb:75:b5:7b:a9:3d:d7:62:
         1d:a0:1a:08:29:f2:e7:96:2d:7e:9e:c6:da:40:70:7c:2f:52:
         79:a5:ac:0e:0f:12:ed:fc:ee:8f:82:0a:ab:14:14:4b:af:5c:
         79:d5:88:a7:a2:6c:d4:17:b5:9a:7e:b2:e1:4e:8d:14:cc:58:
         d8:00:a9:3d:cf:6d:63:94:4d:7d:32:31:5d:1a:0d:d9:ed:62:
         ec:14:80:30:ed:22:f8:c0:69:87:58:98:c8:62:eb:e2:9a:77:
         a9:37:60:99:1e:3e:90:5a:7e:2d:78:d2:30:8e:db:a3:85:19:
         59:94:eb:cd:d8:c2:d2:32:10:fe:4c:a9:94:4f:44:a7:ce:5d:
         74:29:14:e9:60:2f:b2:63:47:52:b5:54:24:69:3f:01:bf:5b:
         80:91:9f:a8:8f:bf:81:50:31:c5:63:29:25:d4:06:76:24:59:
         6a:1e:03:bc:f0:06:e9:13:f9:a3:e0:d5:d1:69:08:2a:60:61:
         68:61:6f:76:f0:4b:5e:32:96:5d:27:c6:aa:1d:0f:a6:06:1b:
         e2:a1:9a:d7:49:34:8c:05:db:01:83:a8:31:d0:20:e0:12:2b:
         e0:8f:71:d5
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAYphA/e4ChQ1PuJjr23skuWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTYyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI0MjM2ZTQ0NDlhMmQzYTVlM2VmMDhjYzYwMTY4NzlmMzlmZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oKl65+eN8bx/n0kXo4EDl0w2y65
1ybHCkEwtqG2fBNLL+SrDTOpxsyKBsk61Zc4VsG2UJuJiImurTWVvrAZyDzj26Cv
Mw6YuQTxF8Uv2tpbvj3nysSoaGVmxqkVJhXvRYCkMpIB/tvfhIu1WVe3LJgTIaQu
84k0WZZy3mTeHufY2qfC9E4CQJ6wlPzxibvG/OrzyYdjSzmvqzTSQmAqMXOYpyYx
qLCJQKGHb/j+7EJ2D1ZEsOoHq+ykb99hwAEoqU/3IJFzbpdAf95pjjGGpjCf0QCJ
FMwAwEKw+LDNnoWyL7S8ATsT+nX5/+BEn76K+Y2rcmdveksJId3UWlSb/QIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFKUkI25ESaLTpePvCMxgFoefOf0PMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcFNRamJrUkpvdE9sNC04SXpHQVdoNTg1X1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfoDBABZ1QUwDAMEAFnVhQMEAlnV
iAMEAFnVjQMEAFnVkTAMAwQAWdWVAwQAWdWeAwQAWdWgMAwDBAFZ1aIDBABZ1aQw
DAMEAFnVpwMEAFnVqAMEAFnVqjAMAwQCWdWsAwQAWdWuMAwDBARZ1bADBAFZ1bgD
BAFZ1bwDBAFtsNADBABtsNMDBANtsNgwDAMEAG2w9QMEAG2w9jAMAwQDbbD4AwQA
bbD6MAwDBAC5MX0DBAe5MQADBADVmCoDBADVmD0wDQYJKoZIhvcNAQELBQADggEB
AGUeb5uX26v5gk1QcWfGWfBJqwLcjNb3R5IK5lb7dbV7qT3XYh2gGggp8ueWLX6e
xtpAcHwvUnmlrA4PEu387o+CCqsUFEuvXHnViKeibNQXtZp+suFOjRTMWNgAqT3P
bWOUTX0yMV0aDdntYuwUgDDtIvjAaYdYmMhi6+Kad6k3YJkePpBafi140jCO26OF
GVmU683YwtIyEP5MqZRPRKfOXXQpFOlgL7JjR1K1VCRpPwG/W4CRn6iPv4FQMcVj
KSXUBnYkWWoeA7zwBukT+aPg1dFpCCpgYWhhb3bwS14yll0nxqodD6YGG+KhmtdJ
NIwF2wGDqDHQIOASK+CPcdU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org