Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t_W3tVyPouHnZiw8bFFDOxFm2eo.roa
File:                     t_W3tVyPouHnZiw8bFFDOxFm2eo.roa (raw, json)
Hash identifier:          uS/P4klLticTqUxjF21Z5lWotgCH2nXWYDhtjCRav7Q=
Subject key identifier:   B7:F5:B7:B5:5C:8F:A2:E1:E7:66:2C:3C:6C:51:43:3B:11:66:D9:EA
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018EE0C71620A1A652411274CB376B5939A8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t_W3tVyPouHnZiw8bFFDOxFm2eo.roa
Signing time:             Mon 15 Apr 2024 08:02:07 +0000
ROA not before:           Mon 15 Apr 2024 08:02:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        82.152.49.0/24 maxlen: 24
                          82.152.176.0/23 maxlen: 23
                          82.152.177.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.245.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Apr 2024 07:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e0:c7:16:20:a1:a6:52:41:12:74:cb:37:6b:59:39:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 15 08:02:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b7f5b7b55c8fa2e1e7662c3c6c51433b1166d9ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:55:6a:dc:05:2e:c5:7d:74:df:a0:29:f6:38:
                    02:1e:f5:f9:8c:8c:76:48:59:3e:2f:10:a0:40:e4:
                    9f:2f:e4:39:0a:be:31:a0:0a:1d:b4:9a:cb:df:00:
                    54:23:a4:24:21:9d:de:0a:87:f9:cb:64:2b:d3:09:
                    d2:eb:10:89:57:53:bc:0f:86:2a:3b:6a:ec:43:79:
                    38:b9:d7:58:99:2c:6d:d8:40:9d:8d:be:7b:9b:3f:
                    d2:79:58:dc:ce:61:12:61:fb:56:a4:37:ef:73:14:
                    8e:59:17:92:2b:94:54:d0:f7:3c:17:68:e5:13:16:
                    a8:af:63:3c:b5:cb:85:14:08:9d:31:22:c6:75:e2:
                    84:2b:30:ec:1f:9d:ff:55:0b:19:35:51:45:31:03:
                    59:46:a2:51:b7:44:70:2b:7e:5a:0b:8e:00:00:85:
                    2d:be:44:2c:b1:96:79:46:eb:7b:dc:32:5d:52:e6:
                    d2:1a:9f:05:b9:21:f2:ba:c9:92:c6:bf:4e:22:ec:
                    f6:01:72:ed:71:07:5b:84:49:42:89:81:55:8e:72:
                    e6:1a:cc:0a:16:c5:c8:60:5c:0f:06:a9:9f:d6:af:
                    b2:75:32:88:f0:3c:eb:dd:b7:b7:a3:74:08:8b:e2:
                    30:b9:5d:07:3c:39:01:ba:e5:1c:8a:34:09:fd:54:
                    f5:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:F5:B7:B5:5C:8F:A2:E1:E7:66:2C:3C:6C:51:43:3B:11:66:D9:EA
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t_W3tVyPouHnZiw8bFFDOxFm2eo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.49.0/24
                  82.152.176.0/23
                  82.153.65.0/24
                  82.153.136.0/22
                  82.153.245.0/24
                  89.213.133.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  185.49.126.0/23
                  213.130.149.0/24
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:64:c1:47:bf:b6:db:6e:36:3d:da:a2:e1:17:5c:95:c1:e3:
         9e:02:3c:df:32:b5:f3:55:a2:6a:c4:4b:8d:fb:67:ba:dc:ab:
         a4:62:cd:3c:b0:53:dd:2a:b4:9b:d8:f1:5d:70:84:2d:21:c7:
         fb:3c:5a:20:f9:40:cb:67:2f:97:a4:65:fb:4d:a3:64:ac:16:
         37:00:54:ba:8a:7d:78:b0:0c:c4:c0:7a:ea:21:46:ad:26:38:
         77:b1:f0:c4:e7:ba:df:e4:ce:c4:76:ef:42:0b:3d:52:eb:91:
         eb:ee:75:c0:2b:62:2e:e6:f7:da:f1:36:09:81:25:31:c5:8a:
         cd:29:e6:67:96:67:db:9f:e3:dc:02:7b:cc:f1:48:ce:35:a7:
         de:1f:22:69:d1:07:f5:59:5f:f3:34:9e:69:8d:76:f9:ea:64:
         64:d5:e0:9c:20:66:7f:5c:82:c6:4f:c0:7f:ff:a1:06:a2:ee:
         2e:90:dc:b9:27:ac:51:0b:5f:79:ed:cb:c3:c3:b0:71:ba:09:
         7f:c8:19:c2:77:aa:cc:10:8f:e3:1c:be:e3:31:93:e0:fc:96:
         5f:38:b5:49:da:e0:b5:c9:a5:be:61:02:45:73:f6:e8:b5:4a:
         08:9a:17:85:2a:dc:a1:c5:ca:e6:f6:d3:7f:4c:88:dc:7b:39:
         e3:ac:01:de
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY7gxxYgoaZSQRJ0yzdrWTmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDE1MDgwMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y1YjdiNTVjOGZhMmUxZTc2NjJjM2M2YzUxNDMzYjExNjZkOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VVq3AUuxX1036Ap9jgCHvX5jIx2
SFk+LxCgQOSfL+Q5Cr4xoAodtJrL3wBUI6QkIZ3eCof5y2Qr0wnS6xCJV1O8D4Yq
O2rsQ3k4uddYmSxt2ECdjb57mz/SeVjczmESYftWpDfvcxSOWReSK5RU0Pc8F2jl
Exaor2M8tcuFFAidMSLGdeKEKzDsH53/VQsZNVFFMQNZRqJRt0RwK35aC44AAIUt
vkQssZZ5Rut73DJdUubSGp8FuSHyusmSxr9OIuz2AXLtcQdbhElCiYFVjnLmGswK
FsXIYFwPBqmf1q+ydTKI8Dzr3be3o3QIi+IwuV0HPDkBuuUcijQJ/VT1hQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLf1t7Vcj6Lh52YsPGxRQzsRZtnqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdF9XM3RWeVBvdUhuWml3OGJGRkRPeEZtMmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUpgxAwQB
UpiwAwQAUplBAwQCUpmIAwQAUpn1AwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awD
BABZ1bQDBAG5MX4DBADVgpUDBADVmCowDQYJKoZIhvcNAQELBQADggEBAFRkwUe/
tttuNj3aouEXXJXB454CPN8ytfNVomrES437Z7rcq6RizTywU90qtJvY8V1whC0h
x/s8WiD5QMtnL5ekZftNo2SsFjcAVLqKfXiwDMTAeuohRq0mOHex8MTnut/kzsR2
70ILPVLrkevudcArYi7m99rxNgmBJTHFis0p5meWZ9uf49wCe8zxSM41p94fImnR
B/VZX/M0nmmNdvnqZGTV4JwgZn9cgsZPwH//oQai7i6Q3LknrFELX3nty8PDsHG6
CX/IGcJ3qswQj+McvuMxk+D8ll84tUna4LXJpb5hAkVz9ui1SgiaF4Uq3KHFyub2
039MiNx7OeOsAd4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org