Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t6CDp69oZ3vM2q4WDkiqT5Y337c.roa
File:                     t6CDp69oZ3vM2q4WDkiqT5Y337c.roa (raw, json)
Hash identifier:          Us6VqMJ7bJkeOyR72s+6imKJT2DroCsvO3HNCS2BOpM=
Subject key identifier:   B7:A0:83:A7:AF:68:67:7B:CC:DA:AE:16:0E:48:AA:4F:96:37:DF:B7
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F304215DA980694D81BFD66422D62CC2F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t6CDp69oZ3vM2q4WDkiqT5Y337c.roa
Signing time:             Tue 30 Apr 2024 18:26:28 +0000
ROA not before:           Tue 30 Apr 2024 18:26:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.176.0/23 maxlen: 23
                          82.153.136.0/22 maxlen: 22
                          82.153.245.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          194.105.80.0/20 maxlen: 20
                          213.130.149.0/24 maxlen: 24
                          213.218.209.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.213.0/24 maxlen: 24
                          213.218.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 07:34:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:30:42:15:da:98:06:94:d8:1b:fd:66:42:2d:62:cc:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 30 18:26:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b7a083a7af68677bccdaae160e48aa4f9637dfb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ad:73:55:50:b9:17:4d:31:84:37:95:f7:d8:
                    73:62:9e:6f:1c:94:78:7d:84:ac:85:1c:54:3d:8f:
                    c0:e3:88:98:06:f4:a6:b1:a5:8d:40:1a:38:0e:40:
                    99:a5:4a:b6:50:39:ff:b3:7e:7c:f6:ba:0a:26:96:
                    ce:8a:85:73:36:2d:9c:fb:a8:eb:eb:b7:a2:16:5f:
                    e4:46:b1:c4:13:1e:23:64:4f:dd:10:d9:99:d5:04:
                    8b:7d:84:3b:b4:85:a3:d0:3a:c1:e2:5c:45:7a:14:
                    a7:2e:2d:80:45:b7:68:19:b3:23:c0:d0:0e:fb:2b:
                    cb:cb:98:e6:aa:8b:1f:8a:1c:38:ac:19:14:56:4f:
                    fa:84:3d:0d:5c:40:03:a0:d6:7a:c5:f0:40:54:b7:
                    38:7e:0d:3c:ed:59:45:2b:8f:1a:02:8b:0c:70:0e:
                    e6:78:d6:6e:d2:c9:80:03:eb:7b:ff:b7:6b:f9:0d:
                    6d:d8:5d:27:0e:37:a5:34:e2:80:5b:28:75:3a:c1:
                    fb:c9:02:5a:14:f8:e9:96:89:4a:58:3e:14:91:80:
                    b0:53:4f:07:9d:37:26:e5:5a:2f:d6:b7:61:cc:aa:
                    27:c8:c6:9a:f1:7d:6e:f4:1d:17:a4:6f:f1:0b:1f:
                    71:33:8d:79:26:c1:54:2c:ce:9e:56:50:5a:2f:85:
                    0c:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:A0:83:A7:AF:68:67:7B:CC:DA:AE:16:0E:48:AA:4F:96:37:DF:B7
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t6CDp69oZ3vM2q4WDkiqT5Y337c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/23
                  82.153.136.0/22
                  82.153.245.0/24
                  89.213.133.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  109.176.16.0/21
                  185.49.126.0/23
                  194.105.80.0/20
                  213.130.149.0/24
                  213.218.209.0-213.218.211.255
                  213.218.213.0/24
                  213.218.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:59:16:5d:2b:55:d5:d8:cb:6d:fb:92:87:27:72:fa:b4:be:
         0b:56:cc:20:57:f0:f5:45:15:fa:ad:1d:d2:c7:f0:da:82:77:
         ee:fa:05:51:11:9f:31:f3:ed:8b:c7:8d:64:2c:39:96:52:19:
         7b:2b:a7:26:1a:22:43:4d:ab:74:2e:19:d9:8a:02:8c:c4:94:
         1c:1a:5e:9f:7d:e6:94:c8:18:85:9f:6a:9b:08:a8:86:31:99:
         91:08:00:16:0b:ed:4a:ef:73:e0:6c:3a:fd:c8:f1:2d:fa:ce:
         97:50:e3:22:2e:39:0d:0f:05:a7:e9:10:41:b8:2d:16:c0:59:
         5b:00:2e:dd:6a:2f:2c:93:83:6f:6e:b2:e6:c6:03:37:f5:f3:
         07:bd:b3:94:5b:0a:e1:77:f0:13:14:b9:c8:2c:e7:76:aa:6f:
         40:91:bd:10:7a:4e:cf:86:03:d1:99:42:52:03:48:f5:05:85:
         71:f1:a8:ab:98:d4:a2:e7:48:08:24:49:6f:d1:d9:3e:68:ff:
         f7:7d:38:0a:6c:18:e0:7f:04:3e:2a:6f:98:16:fb:b4:ee:3d:
         59:57:50:f0:50:d3:e4:6b:b5:65:97:6c:99:7b:b6:e2:fb:aa:
         6a:3b:6d:18:34:11:29:cf:08:c9:21:85:3d:01:ab:64:d9:74:
         f2:da:cb:71
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY8wQhXamAaU2Bv9ZkItYswvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMTgyNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2EwODNhN2FmNjg2NzdiY2NkYWFlMTYwZTQ4YWE0Zjk2MzdkZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK1zVVC5F00xhDeV99hzYp5vHJR4
fYSshRxUPY/A44iYBvSmsaWNQBo4DkCZpUq2UDn/s3589roKJpbOioVzNi2c+6jr
67eiFl/kRrHEEx4jZE/dENmZ1QSLfYQ7tIWj0DrB4lxFehSnLi2ARbdoGbMjwNAO
+yvLy5jmqosfihw4rBkUVk/6hD0NXEADoNZ6xfBAVLc4fg087VlFK48aAosMcA7m
eNZu0smAA+t7/7dr+Q1t2F0nDjelNOKAWyh1OsH7yQJaFPjplolKWD4UkYCwU08H
nTcm5Vov1rdhzKonyMaa8X1u9B0XpG/xCx9xM415JsFULM6eVlBaL4UMUwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFLegg6evaGd7zNquFg5Iqk+WN9+3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdDZDRHA2OW9aM3ZNMnE0V0RraXFUNVkzMzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBUpiwAwQC
UpmIAwQAUpn1AwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBANtsBAD
BAG5MX4DBATCaVADBADVgpUwDAMEANXa0QMEAtXa0AMEANXa1QMEANXa6jANBgkq
hkiG9w0BAQsFAAOCAQEAh1kWXStV1djLbfuShydy+rS+C1bMIFfw9UUV+q0d0sfw
2oJ37voFURGfMfPti8eNZCw5llIZeyunJhoiQ02rdC4Z2YoCjMSUHBpen33mlMgY
hZ9qmwiohjGZkQgAFgvtSu9z4Gw6/cjxLfrOl1DjIi45DQ8Fp+kQQbgtFsBZWwAu
3WovLJODb26y5sYDN/XzB72zlFsK4XfwExS5yCzndqpvQJG9EHpOz4YD0ZlCUgNI
9QWFcfGoq5jUoudICCRJb9HZPmj/9304CmwY4H8EPipvmBb7tO49WVdQ8FDT5Gu1
ZZdsmXu24vuqajttGDQRKc8IySGFPQGrZNl08trLcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org