Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q0f6SbXd0uuSCD5la921lCTqnQU.roa
File:                     q0f6SbXd0uuSCD5la921lCTqnQU.roa (raw, json)
Hash identifier:          nE6SnO7+IFuICrkrLQOZ3QgHhYCobHXAy8xI4ietGDU=
Subject key identifier:   AB:47:FA:49:B5:DD:D2:EB:92:08:3E:65:6B:DD:B5:94:24:EA:9D:05
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AF468514BA8422D965EC871061CF90C71
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q0f6SbXd0uuSCD5la921lCTqnQU.roa
Signing time:             Tue 03 Oct 2023 07:19:51 +0000
ROA not before:           Tue 03 Oct 2023 07:19:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.213.176.0/22 maxlen: 24
                          89.213.180.0/22 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.65.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 04 Oct 2023 16:06:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f4:68:51:4b:a8:42:2d:96:5e:c8:71:06:1c:f9:0c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  3 07:19:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab47fa49b5ddd2eb92083e656bddb59424ea9d05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ad:94:f1:a0:96:19:7a:bb:51:8f:f4:2d:bc:
                    0e:f0:6b:d2:57:3c:cc:d2:45:46:1e:68:f6:23:72:
                    0c:cc:ee:d6:d0:35:7a:e3:3a:2b:af:ec:3d:3c:a0:
                    ad:0b:9e:7f:83:d4:cb:34:e4:5f:81:d1:1f:f7:93:
                    58:a5:33:f1:a6:4f:55:fe:61:9f:80:e5:d6:ee:49:
                    18:7e:d4:4f:77:83:db:83:01:67:91:af:75:69:2b:
                    c0:64:10:f6:96:91:2a:1e:46:34:f2:de:a7:98:7e:
                    e9:e5:1b:9c:53:19:aa:d0:36:71:8a:7c:c9:3c:d0:
                    b7:50:ee:68:8e:ec:23:92:5d:22:17:1f:cf:1a:92:
                    aa:89:fb:9a:21:d6:36:f2:63:9a:8d:41:2b:7f:d1:
                    46:8c:00:5a:34:5e:24:e7:f1:5f:29:4f:5b:db:e3:
                    c4:4b:ef:2c:a0:e2:13:0a:5f:69:7d:38:a9:11:62:
                    44:11:7b:0b:26:33:61:2b:ae:2d:76:e4:d5:01:a1:
                    a7:a7:e0:91:f7:cb:31:ee:ac:15:bb:51:0a:2b:2f:
                    af:bd:c2:10:43:3e:bf:00:64:cc:27:8e:ee:d3:14:
                    d3:61:33:66:41:4e:e4:47:0e:50:3d:71:85:f3:81:
                    0d:ea:30:24:e2:08:27:d1:0e:d2:b8:fb:c4:98:ad:
                    08:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:47:FA:49:B5:DD:D2:EB:92:08:3E:65:6B:DD:B5:94:24:EA:9D:05
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q0f6SbXd0uuSCD5la921lCTqnQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.65.0/24
                  82.153.136.0/22
                  89.213.148.0-89.213.155.255
                  89.213.176.0/21
                  109.176.240.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:c6:11:0c:62:0d:44:ea:cd:04:a1:23:89:3e:b5:1c:4e:a5:
         56:e8:17:04:74:e1:78:a1:0e:8f:75:29:28:d6:66:65:25:0f:
         2e:ed:c7:77:31:4c:35:59:bd:e3:67:15:78:b0:34:a8:c5:08:
         fc:e0:f7:a2:88:eb:bf:27:4f:25:02:2b:af:a1:b0:a3:71:e6:
         9a:5f:77:5b:86:4d:83:bc:7a:7f:61:0e:4a:e1:aa:e9:b8:2a:
         ed:52:c1:a4:98:ac:51:39:b9:b3:8e:01:d3:59:35:b2:fd:cf:
         44:55:bc:b0:48:73:17:08:cb:58:3a:56:31:2a:4f:31:da:ce:
         b3:9f:41:30:b6:6c:d9:e5:f6:40:e3:7b:df:48:d1:09:90:c2:
         47:8c:ff:7b:ab:bb:02:9c:2b:ac:b9:1c:55:86:6a:6d:e3:c3:
         ff:5f:15:e0:a9:d8:4c:3a:63:28:7c:f9:22:5f:30:30:97:84:
         0a:84:a5:ac:20:94:db:b1:82:5a:b1:e6:4d:07:94:76:72:30:
         0f:ab:ca:e1:de:6c:7e:68:6d:f8:56:cc:17:b1:a0:74:6f:28:
         f9:d1:ea:c4:f1:e6:92:e9:36:51:38:92:01:26:60:4b:57:dc:
         fd:67:fd:15:0a:f0:72:0e:64:ea:af:78:ef:30:a1:f8:4f:0a:
         43:f2:f0:50
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYr0aFFLqEItll7IcQYc+QxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDAzMDcxOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQ3ZmE0OWI1ZGRkMmViOTIwODNlNjU2YmRkYjU5NDI0ZWE5ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq2U8aCWGXq7UY/0LbwO8GvSVzzM
0kVGHmj2I3IMzO7W0DV64zorr+w9PKCtC55/g9TLNORfgdEf95NYpTPxpk9V/mGf
gOXW7kkYftRPd4PbgwFnka91aSvAZBD2lpEqHkY08t6nmH7p5RucUxmq0DZxinzJ
PNC3UO5ojuwjkl0iFx/PGpKqifuaIdY28mOajUErf9FGjABaNF4k5/FfKU9b2+PE
S+8soOITCl9pfTipEWJEEXsLJjNhK64tduTVAaGnp+CR98sx7qwVu1EKKy+vvcIQ
Qz6/AGTMJ47u0xTTYTNmQU7kRw5QPXGF84EN6jAk4ggn0Q7SuPvEmK0IVQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKtH+km13dLrkgg+ZWvdtZQk6p0FMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcTBmNlNiWGQwdXVTQ0Q1bGE5MjFsQ1RxblFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAUQW9AwQA
Uah3AwQAUah7AwQAUplBAwQCUpmIMAwDBAJZ1ZQDBAJZ1ZgDBANZ1bADBABtsPAD
BAG5MX4DBADVmCowDQYJKoZIhvcNAQELBQADggEBAGzGEQxiDUTqzQShI4k+tRxO
pVboFwR04XihDo91KSjWZmUlDy7tx3cxTDVZveNnFXiwNKjFCPzg96KI678nTyUC
K6+hsKNx5ppfd1uGTYO8en9hDkrhqum4Ku1SwaSYrFE5ubOOAdNZNbL9z0RVvLBI
cxcIy1g6VjEqTzHazrOfQTC2bNnl9kDje99I0QmQwkeM/3uruwKcK6y5HFWGam3j
w/9fFeCp2Ew6Yyh8+SJfMDCXhAqEpawglNuxglqx5k0HlHZyMA+ryuHebH5obfhW
zBexoHRvKPnR6sTx5pLpNlE4kgEmYEtX3P1n/RUK8HIOZOqveO8wofhPCkPy8FA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org