Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa
File:                     pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa (raw, json)
Hash identifier:          mjkda2alGp6Wm22oKkLEKqCRHsi04JLhk/bgRYtXZr4=
Subject key identifier:   A6:F4:03:19:2F:C5:1A:EC:54:CB:B7:8A:E3:FE:8A:76:61:FD:A5:26
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E1E1DEE38E49CD9A25D46664F9850D230
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa
Signing time:             Fri 08 Mar 2024 12:51:01 +0000
ROA not before:           Fri 08 Mar 2024 12:51:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        81.168.120.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.245.0/24 maxlen: 24
                          89.213.4.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.178.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.244.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 11:27:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:1e:1d:ee:38:e4:9c:d9:a2:5d:46:66:4f:98:50:d2:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar  8 12:51:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a6f403192fc51aec54cbb78ae3fe8a7661fda526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e8:03:4e:b2:9e:60:62:6c:b3:64:bd:c9:23:
                    98:91:4c:19:f3:df:7d:23:3d:19:62:0a:67:37:c5:
                    90:64:7a:38:66:2b:29:32:d5:92:bd:7a:d4:14:ac:
                    be:50:db:b5:f2:38:45:34:77:34:43:2e:4c:63:5e:
                    a2:5f:05:ac:74:83:75:aa:42:c7:85:36:3c:f6:24:
                    4a:64:de:cf:52:58:af:a9:4a:58:5a:59:b8:0e:5d:
                    a8:6e:43:df:3f:80:af:fc:5c:14:35:8f:19:42:49:
                    d7:89:63:d7:45:50:b5:d9:ae:b4:d9:11:13:d4:b1:
                    67:22:9c:73:92:3e:53:e9:23:6b:39:3f:17:32:32:
                    f3:0e:3f:3d:35:89:80:fa:09:b2:86:5d:12:75:df:
                    61:5f:a8:ba:77:ee:cb:a5:36:2c:6f:ed:99:eb:bf:
                    34:f0:ad:cb:2c:f0:9a:50:a9:3a:50:32:66:ee:ef:
                    c0:8d:39:82:3a:c0:9b:d8:7d:b1:b9:ba:97:8d:3f:
                    a4:2a:bc:89:5d:ba:ba:00:02:b1:af:7f:b5:86:53:
                    de:b3:49:09:52:68:78:3c:b4:9f:cc:48:90:92:0f:
                    7e:32:0d:9b:f0:5e:25:62:5f:69:f0:f7:c2:a1:39:
                    8d:ac:f2:8c:a7:3a:65:9b:87:96:d1:d1:73:c1:97:
                    bf:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F4:03:19:2F:C5:1A:EC:54:CB:B7:8A:E3:FE:8A:76:61:FD:A5:26
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvQDGS_FGuxUy7eK4_6KdmH9pSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.120.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  82.153.245.0/24
                  89.213.4.0/24
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.178.0/24
                  89.213.190.0/24
                  109.176.244.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:6e:ee:83:28:46:a8:dc:e2:dc:58:ef:fe:98:ae:7f:45:6b:
         f8:0d:76:b8:dd:f9:7a:63:91:a6:91:5e:45:90:80:31:b9:b6:
         67:a7:36:92:0b:de:a3:2c:b5:fe:a7:85:b5:3d:20:b0:e7:9f:
         60:3b:eb:a0:21:23:14:98:41:78:88:fa:8a:3f:7e:5b:3c:13:
         5b:82:c8:64:ad:c5:bc:4b:cf:04:81:1f:f6:90:01:c3:96:67:
         21:db:5d:41:14:0c:b1:81:7b:94:81:1c:a5:07:44:22:ff:2c:
         2f:44:81:9a:b4:df:eb:8f:97:f5:52:2a:d9:7d:73:0a:45:21:
         7e:63:50:4f:db:5f:6c:9e:00:15:6f:f1:88:f5:d6:be:27:76:
         64:5b:6e:e7:d7:f9:c7:03:77:4e:0b:77:91:c0:15:d4:53:db:
         8d:72:ba:65:e5:6e:b4:1e:33:eb:1e:56:8c:91:01:24:fa:35:
         f2:a4:11:91:18:47:23:2a:57:cb:ea:94:b9:82:50:ce:12:92:
         ff:8b:a4:c1:e6:cc:26:07:26:f8:a1:dc:78:b0:d4:29:ed:40:
         88:10:0c:7f:d4:e0:80:5b:12:d2:5b:fb:c3:86:e6:00:e4:4f:
         a2:6e:e8:82:58:cd:d9:d2:fd:0b:3c:c8:df:f2:4e:4d:d1:3a:
         51:b1:56:ed
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY4eHe445JzZol1GZk+YUNIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzA4MTI1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY0MDMxOTJmYzUxYWVjNTRjYmI3OGFlM2ZlOGE3NjYxZmRhNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOgDTrKeYGJss2S9ySOYkUwZ8999
Iz0ZYgpnN8WQZHo4ZispMtWSvXrUFKy+UNu18jhFNHc0Qy5MY16iXwWsdIN1qkLH
hTY89iRKZN7PUlivqUpYWlm4Dl2obkPfP4Cv/FwUNY8ZQknXiWPXRVC12a602RET
1LFnIpxzkj5T6SNrOT8XMjLzDj89NYmA+gmyhl0Sdd9hX6i6d+7LpTYsb+2Z6780
8K3LLPCaUKk6UDJm7u/AjTmCOsCb2H2xubqXjT+kKryJXbq6AAKxr3+1hlPes0kJ
Umh4PLSfzEiQkg9+Mg2b8F4lYl9p8PfCoTmNrPKMpzplm4eW0dFzwZe/dwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFKb0AxkvxRrsVMu3iuP+inZh/aUmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcHZRREdTX0ZHdXhVeTdlSzRfNktkbUg5cFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFGoeAME
AFKY+AMEAFKY+wMEAFKY/gMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAFKZ4AME
AFKZ9QMEAFnVBAMEAVnVBgMEAFnVggMEAFnVsgMEAFnVvgMEAG2w9AMEAG2w9wME
AG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEALG7ugyhGqNzi3Fjv/piuf0Vr
+A12uN35emORppFeRZCAMbm2Z6c2kgveoyy1/qeFtT0gsOefYDvroCEjFJhBeIj6
ij9+WzwTW4LIZK3FvEvPBIEf9pABw5ZnIdtdQRQMsYF7lIEcpQdEIv8sL0SBmrTf
64+X9VIq2X1zCkUhfmNQT9tfbJ4AFW/xiPXWvid2ZFtu59f5xwN3Tgt3kcAV1FPb
jXK6ZeVutB4z6x5WjJEBJPo18qQRkRhHIypXy+qUuYJQzhKS/4ukwebMJgcm+KHc
eLDUKe1AiBAMf9TggFsS0lv7w4bmAORPom7ogljN2dL9CzzI3/JOTdE6UbFW7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org