Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-bhxipDFwYLzu0iSmnTcXNxBxc.roa
File:                     v-bhxipDFwYLzu0iSmnTcXNxBxc.roa (raw, json)
Hash identifier:          OHHoIpp8tYCh8VToqqAESJbszHsGjNq5CtfmPfhsCpA=
Subject key identifier:   BF:E6:E1:C6:2A:43:17:06:0B:CE:ED:22:4A:69:D3:71:73:71:07:17
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AFEA3C34501CA62C3084FAD9D690ECF0C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-bhxipDFwYLzu0iSmnTcXNxBxc.roa
Signing time:             Thu 05 Oct 2023 07:00:59 +0000
ROA not before:           Thu 05 Oct 2023 07:00:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.213.176.0/22 maxlen: 24
                          89.213.180.0/22 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.240.0/24 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          213.152.42.0/24 maxlen: 24
                          89.213.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 07:36:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fe:a3:c3:45:01:ca:62:c3:08:4f:ad:9d:69:0e:cf:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  5 07:00:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bfe6e1c62a4317060bceed224a69d37173710717
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:bb:c9:66:a0:70:ae:6c:82:2e:72:e6:19:7a:
                    f7:94:72:f3:d8:47:05:b0:f2:a4:37:f9:41:a9:6b:
                    81:cf:62:47:16:47:d2:9c:38:42:c4:24:42:dd:48:
                    47:39:1c:c4:95:5d:5c:96:13:32:fd:74:5a:ac:d5:
                    2a:f9:e8:ce:b2:eb:0b:e1:77:82:16:6c:4e:48:77:
                    57:ed:fe:0a:af:6f:95:00:f9:35:77:66:27:72:33:
                    d8:42:eb:47:d6:41:91:3f:12:9e:4d:f3:f1:ae:6f:
                    4d:17:40:3f:d0:be:0f:9d:fd:4b:33:d4:47:fe:33:
                    a0:bf:9d:6a:d3:64:b0:de:dd:70:2e:ca:9f:61:27:
                    47:ed:9b:0d:0b:61:bf:fe:5a:76:13:4e:4f:46:a5:
                    c8:e4:05:47:03:00:75:17:0c:44:d3:a1:f8:f0:fd:
                    1b:29:f5:86:b2:3c:73:1f:38:9d:0b:c2:aa:bc:e9:
                    b6:de:ff:67:e2:d4:f0:75:f5:4e:9d:6c:d3:ab:95:
                    10:45:04:56:4e:ae:d5:4f:23:a0:c0:25:34:44:b4:
                    0a:d0:53:29:e8:99:e8:1c:ce:ab:65:b7:a1:e7:df:
                    25:4f:c7:35:74:99:ff:f3:97:e4:da:b4:f7:ff:05:
                    28:ae:71:a6:8f:6e:b7:27:51:0e:dc:21:ff:88:d2:
                    d4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E6:E1:C6:2A:43:17:06:0B:CE:ED:22:4A:69:D3:71:73:71:07:17
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-bhxipDFwYLzu0iSmnTcXNxBxc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.136.0/22
                  89.213.148.0-89.213.155.255
                  89.213.167.0/24
                  89.213.176.0/21
                  109.176.240.0/24
                  185.49.126.0/23
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:bf:ad:00:8b:7c:93:fd:a9:4b:87:69:6d:76:fb:e6:07:17:
         0c:b0:fd:7e:82:3f:a1:76:84:71:d9:38:fd:49:b2:c9:75:a2:
         bd:74:23:cf:18:fe:76:28:f5:50:0d:36:41:d5:8f:35:83:6f:
         f3:23:fb:32:24:07:8d:67:1e:c9:a0:99:14:26:60:f7:37:ea:
         77:aa:2c:cf:ed:c1:6e:a2:c7:9f:45:d6:aa:62:20:f2:20:df:
         fc:45:20:81:93:94:df:74:19:f1:38:00:91:db:33:98:0d:20:
         db:37:5f:6f:6d:da:e5:2e:de:f4:75:a7:d0:df:92:1d:35:9f:
         06:11:b4:c1:07:ad:7c:b1:4b:8f:46:3d:06:4f:d9:c8:6c:a2:
         b8:f5:e7:18:4d:62:f0:fb:6a:bc:52:07:23:bd:37:64:03:8a:
         7f:06:72:1a:bd:61:16:25:42:e0:1c:3d:e0:06:ff:30:58:4a:
         e7:56:9f:36:4a:91:60:1e:ff:3e:58:ca:20:8e:03:fd:1d:d0:
         1e:82:8f:59:a4:4e:e6:79:33:57:54:88:42:8d:34:24:a9:7b:
         30:59:65:27:da:97:05:d9:03:da:d1:50:3f:55:dd:ca:d5:8e:
         50:d1:5c:ad:c2:ee:57:90:8c:2b:7c:60:84:fe:ae:8c:ab:8d:
         10:4f:f8:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYr+o8NFAcpiwwhPrZ1pDs8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA1MDcwMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmU2ZTFjNjJhNDMxNzA2MGJjZWVkMjI0YTY5ZDM3MTczNzEwNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobvJZqBwrmyCLnLmGXr3lHLz2EcF
sPKkN/lBqWuBz2JHFkfSnDhCxCRC3UhHORzElV1clhMy/XRarNUq+ejOsusL4XeC
FmxOSHdX7f4Kr2+VAPk1d2YncjPYQutH1kGRPxKeTfPxrm9NF0A/0L4Pnf1LM9RH
/jOgv51q02Sw3t1wLsqfYSdH7ZsNC2G//lp2E05PRqXI5AVHAwB1FwxE06H48P0b
KfWGsjxzHzidC8KqvOm23v9n4tTwdfVOnWzTq5UQRQRWTq7VTyOgwCU0RLQK0FMp
6JnoHM6rZbeh598lT8c1dJn/85fk2rT3/wUornGmj263J1EO3CH/iNLUqQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFL/m4cYqQxcGC87tIkpp03FzcQcXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdi1iaHhpcERGd1lMenUwaVNtblRjWE54QnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAUah3AwQA
Uah7AwQCUpmIMAwDBAJZ1ZQDBAJZ1ZgDBABZ1acDBANZ1bADBABtsPADBAG5MX4D
BADVmCowDQYJKoZIhvcNAQELBQADggEBABm/rQCLfJP9qUuHaW12++YHFwyw/X6C
P6F2hHHZOP1Jssl1or10I88Y/nYo9VANNkHVjzWDb/Mj+zIkB41nHsmgmRQmYPc3
6neqLM/twW6ix59F1qpiIPIg3/xFIIGTlN90GfE4AJHbM5gNINs3X29t2uUu3vR1
p9Dfkh01nwYRtMEHrXyxS49GPQZP2chsorj15xhNYvD7arxSByO9N2QDin8Gchq9
YRYlQuAcPeAG/zBYSudWnzZKkWAe/z5YyiCOA/0d0B6Cj1mkTuZ5M1dUiEKNNCSp
ezBZZSfalwXZA9rRUD9V3crVjlDRXK3C7leQjCt8YIT+royrjRBP+Go=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org