Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLqT9zp3s3WqK586Re_1STjHbFI.roa
File:                     rLqT9zp3s3WqK586Re_1STjHbFI.roa (raw, json)
Hash identifier:          pdYembeLDji/P3rPxvVhXbUqpe77kMcQAjOOy7Kx/x0=
Subject key identifier:   AC:BA:93:F7:3A:77:B3:75:AA:2B:9F:3A:45:EF:F5:49:38:C7:6C:52
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A6007498E3C22981F38CC7ADE79908252
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLqT9zp3s3WqK586Re_1STjHbFI.roa
Signing time:             Mon 04 Sep 2023 11:50:04 +0000
ROA not before:           Mon 04 Sep 2023 11:50:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.190.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          81.168.35.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24
                          82.153.71.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Sep 2023 08:10:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:60:07:49:8e:3c:22:98:1f:38:cc:7a:de:79:90:82:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 11:50:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=acba93f73a77b375aa2b9f3a45eff54938c76c52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c5:d2:5d:59:9b:59:c0:42:43:56:6e:1a:0a:
                    b1:8b:c2:42:12:f9:8a:d1:f7:10:b8:a8:4b:a4:97:
                    20:ea:26:72:2d:c9:cd:d3:2e:ba:8d:36:1c:78:a3:
                    e3:c2:97:23:ba:3a:e3:7d:8a:47:31:d8:ef:cf:12:
                    92:2b:58:a6:c1:4f:b7:b3:a0:63:78:66:d0:21:84:
                    02:04:59:c8:a0:4c:bc:f6:91:4b:f3:a1:0f:4b:ac:
                    56:28:ed:53:fb:4e:a6:58:33:fa:b5:7e:ab:49:13:
                    d3:33:c4:a2:44:6f:4f:da:18:92:50:7b:2b:14:ae:
                    9f:5b:e1:9b:56:0b:d8:0a:f2:ed:fb:ee:7a:64:6e:
                    8c:ab:af:d2:b4:27:5a:88:21:55:b7:9e:e8:48:ac:
                    5d:b6:41:23:9c:09:48:50:7f:11:a0:95:eb:23:dc:
                    60:37:68:f6:a8:62:a2:d4:16:73:c3:cc:c9:05:23:
                    1a:22:c6:0e:f6:b9:61:69:d8:b0:a7:8d:76:bc:f2:
                    41:ba:20:fa:cd:30:be:75:c4:2e:51:03:62:c6:2f:
                    61:05:86:75:ca:a8:9c:61:5b:c6:40:26:be:c0:9c:
                    d2:4e:d4:ae:2d:8a:3b:03:0d:06:60:21:59:68:b4:
                    dc:ea:b2:a0:1f:58:84:f5:e3:0e:ae:21:27:da:a6:
                    c9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:BA:93:F7:3A:77:B3:75:AA:2B:9F:3A:45:EF:F5:49:38:C7:6C:52
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLqT9zp3s3WqK586Re_1STjHbFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.35.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.68.0/23
                  82.153.71.0-82.153.72.255
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.240.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:00:f9:ff:37:12:b8:41:38:7b:c4:d6:27:9b:4a:1d:cc:60:
         22:42:d7:36:29:f1:f8:75:89:f7:2a:ec:b2:0d:83:3a:4a:e1:
         82:7f:df:65:bf:43:ba:3a:98:64:07:99:d1:3f:5c:93:4e:66:
         64:0c:1b:9d:64:14:d7:bb:7e:e6:21:58:95:b5:d4:6b:45:47:
         8d:e4:77:60:7b:b9:24:99:8a:dc:e6:3f:c7:d2:1a:fc:8d:4a:
         b4:e2:cd:80:24:31:48:0a:40:58:93:fb:57:6c:a3:70:55:7b:
         e6:f7:c7:3f:94:77:22:67:9b:96:98:76:ca:74:b7:2c:4a:f4:
         e5:d4:27:d3:27:5c:bc:77:8e:84:67:f7:33:70:14:7f:13:ae:
         b6:17:45:5d:46:7b:49:4e:ce:ee:80:88:72:df:da:90:ba:60:
         0c:03:c1:87:16:da:ff:05:7e:44:91:f4:20:00:0f:cf:2d:d8:
         dd:b6:f8:75:58:e4:58:6a:01:f3:ef:f4:58:7e:b2:94:c7:e3:
         4b:57:0c:6b:0e:19:c8:bc:e5:a0:88:69:94:e2:ee:32:d5:81:
         c2:5b:aa:84:27:ce:a9:6f:e2:24:86:19:37:56:fa:04:4c:73:
         81:e3:17:94:4c:0b:bc:4d:02:27:ee:2f:d0:1c:b0:f6:d4:05:
         92:76:1d:e2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYpgB0mOPCKYHzjMet55kIJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTE1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2JhOTNmNzNhNzdiMzc1YWEyYjlmM2E0NWVmZjU0OTM4Yzc2YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisXSXVmbWcBCQ1ZuGgqxi8JCEvmK
0fcQuKhLpJcg6iZyLcnN0y66jTYceKPjwpcjujrjfYpHMdjvzxKSK1imwU+3s6Bj
eGbQIYQCBFnIoEy89pFL86EPS6xWKO1T+06mWDP6tX6rSRPTM8SiRG9P2hiSUHsr
FK6fW+GbVgvYCvLt++56ZG6Mq6/StCdaiCFVt57oSKxdtkEjnAlIUH8RoJXrI9xg
N2j2qGKi1BZzw8zJBSMaIsYO9rlhadiwp412vPJBuiD6zTC+dcQuUQNixi9hBYZ1
yqicYVvGQCa+wJzSTtSuLYo7Aw0GYCFZaLTc6rKgH1iE9eMOriEn2qbJaQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFKy6k/c6d7N1qiufOkXv9Uk4x2xSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvckxxVDl6cDNzM1dxSzU4NlJlXzFTVGpIYkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBABR
Bb0DBABRqCMwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wME
AFKY/gMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmEAwQAUpngAwQBWdUG
AwQAWdWCAwQAWdWhAwQAWdW+AwQAbbDwAwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqG
SIb3DQEBCwUAA4IBAQAWAPn/NxK4QTh7xNYnm0odzGAiQtc2KfH4dYn3KuyyDYM6
SuGCf99lv0O6OphkB5nRP1yTTmZkDBudZBTXu37mIViVtdRrRUeN5Hdge7kkmYrc
5j/H0hr8jUq04s2AJDFICkBYk/tXbKNwVXvm98c/lHciZ5uWmHbKdLcsSvTl1CfT
J1y8d46EZ/czcBR/E662F0VdRntJTs7ugIhy39qQumAMA8GHFtr/BX5EkfQgAA/P
Ldjdtvh1WORYagHz7/RYfrKUx+NLVwxrDhnIvOWgiGmU4u4y1YHCW6qEJ86pb+Ik
hhk3VvoETHOB4xeUTAu8TQIn7i/QHLD21AWSdh3i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org