Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uDvspPJpiu9sAJkw2qjmI5Krl48.roa
File:                     uDvspPJpiu9sAJkw2qjmI5Krl48.roa (raw, json)
Hash identifier:          gGJUQlp1s+b7VMxVDaDphiGtIbuCmhZuPFfL19tnDlI=
Subject key identifier:   B8:3B:EC:A4:F2:69:8A:EF:6C:00:99:30:DA:A8:E6:23:92:AB:97:8F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AFA3E8DB07CDAF861A04B9504022BEAE4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uDvspPJpiu9sAJkw2qjmI5Krl48.roa
Signing time:             Wed 04 Oct 2023 10:31:58 +0000
ROA not before:           Wed 04 Oct 2023 10:31:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396356
IP address blocks:        82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.140.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          81.168.41.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fa:3e:8d:b0:7c:da:f8:61:a0:4b:95:04:02:2b:ea:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  4 10:31:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b83beca4f2698aef6c009930daa8e62392ab978f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:7a:bc:88:c4:4f:2b:5c:23:b9:45:19:91:28:
                    d2:57:ad:ed:d4:fe:fe:bd:03:5c:3a:db:82:db:05:
                    5f:9c:55:02:e2:fd:33:5a:3e:36:d4:65:c0:cf:9e:
                    8e:56:e8:ed:29:51:47:d2:e2:26:82:5e:57:ba:71:
                    6d:af:ee:d6:ac:a1:00:1d:43:c2:bf:0a:70:d1:80:
                    96:05:ed:37:7f:4b:b5:63:0c:cd:da:ce:a6:53:b5:
                    1e:19:f2:78:50:4a:03:48:72:c5:29:f9:6c:90:a0:
                    7f:c6:7e:2f:51:12:bd:68:78:4f:0e:c6:de:c3:14:
                    4d:cc:c4:d7:03:15:40:de:ea:42:f3:55:51:d0:e5:
                    91:95:07:fe:2a:5a:77:b9:54:d1:37:97:b7:30:71:
                    fa:e8:34:88:5e:9d:67:b9:6f:0e:fa:c9:78:3a:0c:
                    1e:38:e1:76:26:28:bc:97:a6:28:f3:86:8b:5e:f8:
                    85:0f:90:88:63:b6:78:58:45:62:e5:88:c1:de:09:
                    57:02:ca:0d:a1:df:7b:07:2b:2d:26:33:6b:88:5b:
                    96:b1:fa:63:25:ef:18:0b:40:0f:da:b2:f2:12:1d:
                    eb:96:20:c1:b7:fb:1e:cb:1b:86:fd:17:c3:96:fa:
                    b4:c9:12:fa:c2:39:0a:0f:12:fc:1d:ec:08:ec:90:
                    52:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:3B:EC:A4:F2:69:8A:EF:6C:00:99:30:DA:A8:E6:23:92:AB:97:8F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uDvspPJpiu9sAJkw2qjmI5Krl48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.137.0/24
                  82.153.139.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.240.0/24
                  82.153.249.0-82.153.250.255
                  89.213.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:d5:b2:c0:21:f3:68:7a:d8:65:04:4a:80:12:61:a0:46:67:
         18:cf:5d:dd:ee:26:80:fd:2a:38:04:ea:5b:49:69:cf:9b:15:
         53:ed:a3:96:d4:25:e1:9f:8b:a9:58:ca:14:c5:9e:80:e5:44:
         68:d9:e1:5e:d4:d9:86:ea:87:fe:ad:4c:53:01:3e:09:8f:b1:
         7d:e1:d4:37:67:8e:54:12:7b:4f:c4:55:91:cf:94:a2:c2:fd:
         97:59:09:f2:8a:2e:cc:54:82:70:49:c8:07:73:d6:94:68:97:
         15:26:44:11:c5:34:55:99:91:ed:21:3e:d3:71:64:1d:1a:1f:
         06:ac:02:2d:cd:1f:dc:e7:2f:af:5b:e2:25:d5:a4:d9:5c:27:
         a2:f8:d3:f7:30:4e:d7:35:84:c6:89:35:99:f7:f6:9b:f3:7e:
         71:68:39:e3:af:19:ac:39:d4:c9:24:d7:7e:28:24:1f:16:f4:
         d6:a6:97:b4:f2:86:d7:38:98:3e:2b:0e:4a:02:ae:5a:8e:69:
         6d:bc:97:34:f7:17:0a:91:35:d7:e9:18:0a:f5:38:95:46:42:
         09:f3:a8:b2:66:97:74:c9:5c:2f:ad:01:c7:55:d4:92:72:71:
         30:7b:fa:89:b6:ea:2d:01:c0:59:38:d5:af:22:1e:8a:8a:13:
         3e:00:e6:7a
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYr6Po2wfNr4YaBLlQQCK+rkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA0MTAzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODNiZWNhNGYyNjk4YWVmNmMwMDk5MzBkYWE4ZTYyMzkyYWI5NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXq8iMRPK1wjuUUZkSjSV63t1P7+
vQNcOtuC2wVfnFUC4v0zWj421GXAz56OVujtKVFH0uImgl5XunFtr+7WrKEAHUPC
vwpw0YCWBe03f0u1YwzN2s6mU7UeGfJ4UEoDSHLFKflskKB/xn4vURK9aHhPDsbe
wxRNzMTXAxVA3upC81VR0OWRlQf+Klp3uVTRN5e3MHH66DSIXp1nuW8O+sl4Ogwe
OOF2Jii8l6Yo84aLXviFD5CIY7Z4WEVi5YjB3glXAsoNod97BystJjNriFuWsfpj
Je8YC0AP2rLyEh3rliDBt/seyxuG/RfDlvq0yRL6wjkKDxL8HewI7JBSewIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLg77KTyaYrvbACZMNqo5iOSq5ePMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdUR2c3BQSnBpdTlzQUprdzJxam1JNUtybDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAUQWcAwQA
UagpAwQBUpj8AwQAUpj/AwQAUpmJMAwDBABSmYsDBABSmYwDBABSmd0DBABSmd8D
BABSmfAwDAMEAFKZ+QMEAFKZ+gMEAFnViDANBgkqhkiG9w0BAQsFAAOCAQEAhNWy
wCHzaHrYZQRKgBJhoEZnGM9d3e4mgP0qOATqW0lpz5sVU+2jltQl4Z+LqVjKFMWe
gOVEaNnhXtTZhuqH/q1MUwE+CY+xfeHUN2eOVBJ7T8RVkc+UosL9l1kJ8oouzFSC
cEnIB3PWlGiXFSZEEcU0VZmR7SE+03FkHRofBqwCLc0f3Ocvr1viJdWk2VwnovjT
9zBO1zWExok1mff2m/N+cWg5468ZrDnUySTXfigkHxb01qaXtPKG1ziYPisOSgKu
Wo5pbbyXNPcXCpE11+kYCvU4lUZCCfOosmaXdMlcL60Bx1XUknJxMHv6ibbqLQHA
WTjVryIeiooTPgDmeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org