Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sCxm3RSnpfmBbnfRpesUbmsIjnI.roa
File:                     sCxm3RSnpfmBbnfRpesUbmsIjnI.roa (raw, json)
Hash identifier:          bCyHvE8TNK2a9ndL1Sgo5h4QPigKTVvVnJ6vIa7Mmvw=
Subject key identifier:   B0:2C:66:DD:14:A7:A5:F9:81:6E:77:D1:A5:EB:14:6E:6B:08:8E:72
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC60581FB8234FC8780B954478AA99515
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sCxm3RSnpfmBbnfRpesUbmsIjnI.roa
Signing time:             Mon 01 Jan 2024 17:14:58 +0000
ROA not before:           Mon 01 Jan 2024 17:14:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        185.49.126.0/23 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          82.153.241.0/24 maxlen: 24
                          82.153.246.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.119.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          89.213.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 08:56:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:05:81:fb:82:34:fc:87:80:b9:54:47:8a:a9:95:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 17:14:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b02c66dd14a7a5f9816e77d1a5eb146e6b088e72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8b:af:20:3d:f8:db:74:33:8d:32:76:cf:00:
                    af:ae:14:56:d8:1f:4e:b4:06:30:83:a3:82:44:b9:
                    18:f9:d4:80:00:62:8b:a2:6b:49:20:71:00:f6:fb:
                    ed:02:6c:e6:e6:01:f3:c5:a4:a6:3c:fc:ca:b5:03:
                    e3:53:9a:a1:95:78:eb:21:8c:24:84:1d:ee:c9:28:
                    d2:65:f9:b9:2a:2d:db:68:c2:96:7f:33:d4:48:87:
                    1a:24:f6:b1:73:d2:0a:19:77:be:ff:cd:45:2a:b7:
                    4f:9d:4c:1e:35:e5:ef:6d:7b:60:3e:3f:95:c0:c1:
                    0b:a9:9f:09:3e:fb:e9:a7:87:36:71:60:e9:74:80:
                    ab:d0:11:2b:fd:fb:ae:38:68:40:e8:a5:82:89:51:
                    5c:c4:71:cb:5b:ee:fc:e2:18:05:c5:a7:e9:f0:c3:
                    ce:83:78:79:d3:1a:f0:69:39:a0:34:7c:2e:0f:cd:
                    40:78:c2:f8:38:15:77:70:32:10:61:5f:32:c9:6e:
                    e6:86:09:6f:36:5f:fa:10:aa:2b:60:71:9e:2f:70:
                    ef:19:48:a3:5a:bf:c9:58:07:25:fb:df:22:fd:5d:
                    a3:b3:1f:fa:a2:92:4c:84:ce:2f:77:2d:d8:6c:c3:
                    06:c5:42:e0:20:53:f2:1d:af:2e:b3:3c:48:c6:33:
                    8f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:2C:66:DD:14:A7:A5:F9:81:6E:77:D1:A5:EB:14:6E:6B:08:8E:72
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sCxm3RSnpfmBbnfRpesUbmsIjnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  82.153.136.0/22
                  82.153.241.0/24
                  82.153.246.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:1e:93:b1:26:56:4d:95:73:14:24:d5:f5:cd:d2:09:8d:3e:
         69:1e:c5:ef:6b:0b:8d:ce:84:8c:76:7f:a0:7b:6a:f4:ff:5b:
         17:e8:1e:73:98:5c:0f:ef:0d:94:17:18:93:ab:cb:93:fc:b3:
         ff:c4:8d:ff:c2:a5:3d:65:2a:c4:f4:bc:ae:67:41:9e:cb:d0:
         13:99:fb:1e:07:e3:af:e4:ac:49:2e:1e:20:c3:ec:12:82:7c:
         2b:ec:26:52:fa:da:58:9a:c3:a7:63:9a:1c:39:74:96:f9:c2:
         07:14:34:e3:a4:22:5c:86:d3:d2:24:94:64:06:73:9f:11:f7:
         c8:19:f3:24:6c:57:8b:f3:43:38:d7:26:92:95:fd:52:60:34:
         ad:e3:62:88:da:c4:eb:f3:26:4a:3d:0d:34:29:4a:ce:10:b3:
         b5:76:69:58:36:de:32:9b:b1:43:4c:eb:20:9e:e8:26:3a:b8:
         50:4f:a4:c5:27:a2:6e:ea:35:18:01:c7:8d:16:c9:9f:c4:1b:
         ca:e4:2e:b9:cf:69:96:b6:ba:a8:5b:b0:00:f5:eb:db:e5:3c:
         1d:f0:94:a0:5a:fb:a6:c0:50:aa:06:3e:9c:72:23:1d:ef:b0:
         ae:01:3e:d1:1e:54:52:cc:6e:e9:1c:2b:b3:d4:4c:15:77:50:
         3f:5a:6d:69
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzGBYH7gjT8h4C5VEeKqZUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMTcxNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDJjNjZkZDE0YTdhNWY5ODE2ZTc3ZDFhNWViMTQ2ZTZiMDg4ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIuvID3423QzjTJ2zwCvrhRW2B9O
tAYwg6OCRLkY+dSAAGKLomtJIHEA9vvtAmzm5gHzxaSmPPzKtQPjU5qhlXjrIYwk
hB3uySjSZfm5Ki3baMKWfzPUSIcaJPaxc9IKGXe+/81FKrdPnUweNeXvbXtgPj+V
wMELqZ8JPvvpp4c2cWDpdICr0BEr/fuuOGhA6KWCiVFcxHHLW+784hgFxafp8MPO
g3h50xrwaTmgNHwuD81AeML4OBV3cDIQYV8yyW7mhglvNl/6EKorYHGeL3DvGUij
Wr/JWAcl+98i/V2jsx/6opJMhM4vdy3YbMMGxULgIFPyHa8uszxIxjOPdwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLAsZt0Up6X5gW530aXrFG5rCI5yMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0N4bTNSU25wZm1CYm5mUnBlc1VibXNJam5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAUah3AwQC
UpmIAwQAUpnxAwQAUpn2MAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4D
BADVmCowDQYJKoZIhvcNAQELBQADggEBAAcek7EmVk2VcxQk1fXN0gmNPmkexe9r
C43OhIx2f6B7avT/WxfoHnOYXA/vDZQXGJOry5P8s//Ejf/CpT1lKsT0vK5nQZ7L
0BOZ+x4H46/krEkuHiDD7BKCfCvsJlL62liaw6djmhw5dJb5wgcUNOOkIlyG09Ik
lGQGc58R98gZ8yRsV4vzQzjXJpKV/VJgNK3jYojaxOvzJko9DTQpSs4Qs7V2aVg2
3jKbsUNM6yCe6CY6uFBPpMUnom7qNRgBx40WyZ/EG8rkLrnPaZa2uqhbsAD169vl
PB3wlKBa+6bAUKoGPpxyIx3vsK4BPtEeVFLMbukcK7PUTBV3UD9abWk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org