Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vV3HVOWO-zvHiPEAVeO7h3k4cEY.roa
File:                     vV3HVOWO-zvHiPEAVeO7h3k4cEY.roa (raw, json)
Hash identifier:          Y05t8asAlxJNxA4cFiyyZAvpo1yiy3Z5cekxlzhW1KQ=
Subject key identifier:   BD:5D:C7:54:E5:8E:FB:3B:C7:88:F1:00:55:E3:BB:87:79:38:70:46
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A60283DFDC9C294BC2BDF3CF2D743CC0D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vV3HVOWO-zvHiPEAVeO7h3k4cEY.roa
Signing time:             Mon 04 Sep 2023 12:26:04 +0000
ROA not before:           Mon 04 Sep 2023 12:26:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.245.0/24 maxlen: 24
                          109.176.246.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.249.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.179.0/24 maxlen: 24
                          89.213.176.0/24 maxlen: 24
                          89.213.177.0/24 maxlen: 24
                          89.213.178.0/24 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          89.213.181.0/24 maxlen: 24
                          89.213.182.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          89.213.151.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          89.213.148.0/24 maxlen: 24
                          89.213.149.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          89.213.153.0/24 maxlen: 24
                          89.213.154.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.155.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.162.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24
                          89.213.167.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          89.213.5.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 16:26:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:60:28:3d:fd:c9:c2:94:bc:2b:df:3c:f2:d7:43:cc:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 12:26:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd5dc754e58efb3bc788f10055e3bb8779387046
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c2:e3:85:c7:fd:83:69:f3:73:20:a5:85:88:
                    d7:2b:f4:c9:ac:a3:26:a0:d6:7c:91:3b:bc:2c:22:
                    63:da:b9:ac:c7:0c:02:45:aa:6e:98:10:27:02:80:
                    b1:33:7b:9c:64:c5:39:5e:b5:cb:1c:ac:85:08:66:
                    f8:ef:99:01:c7:4b:ff:7d:8a:d0:ac:d7:18:1e:47:
                    4a:25:31:69:2e:38:51:0f:60:09:8d:0c:ed:d3:08:
                    b4:9c:dc:c0:88:5d:7e:e9:6b:56:f0:b9:5b:9c:e8:
                    cb:18:df:94:cc:8f:56:88:ee:59:28:88:7f:ba:dc:
                    f1:e3:9d:c4:ca:04:31:8a:c8:a7:6f:78:27:d6:f5:
                    b6:04:1a:fb:ba:67:35:ed:31:84:09:c5:dd:cc:33:
                    b4:d2:4e:f1:d0:52:9e:85:4d:ec:f6:24:dd:d9:da:
                    e8:6d:9e:9a:de:e5:c9:3a:5a:8d:fb:1d:a4:4e:09:
                    c6:0e:f0:d4:e8:5c:0a:a1:d1:38:46:0a:72:42:e9:
                    36:9c:20:ea:b9:9f:13:92:6e:9d:eb:12:69:da:3f:
                    3e:85:52:c8:f0:39:19:01:3d:15:d5:b3:a9:f6:4f:
                    87:6f:93:34:36:87:7d:40:9b:0c:d4:e4:8b:c5:f0:
                    2a:ac:b6:a9:98:90:9c:fc:9d:92:0c:1d:d8:4f:ef:
                    89:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:5D:C7:54:E5:8E:FB:3B:C7:88:F1:00:55:E3:BB:87:79:38:70:46
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vV3HVOWO-zvHiPEAVeO7h3k4cEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.116.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.1.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.225.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.249.0-82.153.250.255
                  89.213.5.0/24
                  89.213.133.0-89.213.139.255
                  89.213.141.0/24
                  89.213.145.0/24
                  89.213.148.0-89.213.158.255
                  89.213.160.0/24
                  89.213.162.0-89.213.164.255
                  89.213.167.0-89.213.168.255
                  89.213.170.0/24
                  89.213.172.0-89.213.174.255
                  89.213.176.0-89.213.185.255
                  89.213.188.0/23
                  109.176.208.0/23
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.245.0-109.176.246.255
                  109.176.248.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:be:2e:44:2e:e1:94:b4:d2:05:c2:60:1b:34:f4:48:83:4d:
         d7:95:4f:5e:05:12:13:55:b3:f5:c7:7c:c1:9c:76:73:9f:c0:
         86:57:6a:89:96:fd:7a:9d:ce:e2:c6:09:46:b6:fc:85:f2:2a:
         10:03:bc:ce:8e:e4:1a:0c:17:cf:7f:59:b5:2c:8f:55:ff:18:
         7a:b1:e5:20:e4:e4:90:13:d2:77:e1:35:b0:f6:27:bd:18:79:
         6c:5d:f5:a3:d6:8d:ff:ec:1e:99:6f:97:17:58:0c:e3:0f:c5:
         ec:39:7d:e8:cc:96:a9:b7:a6:c2:44:26:05:12:f6:c7:12:20:
         60:d2:2d:83:12:01:03:0c:7e:6d:9c:96:cf:c3:83:66:77:a4:
         a6:fb:60:22:47:7f:61:d1:4a:79:f3:1f:6e:09:0f:ec:70:9b:
         b6:1d:1e:2f:e1:f8:61:d8:9b:a8:50:2b:44:46:31:ad:93:f9:
         1a:1f:12:c5:39:15:78:e6:70:8b:c1:31:43:3c:1f:2c:c7:03:
         f3:fe:51:7a:19:df:b8:3f:71:66:9e:72:88:09:4e:82:c3:6a:
         aa:1b:4f:1f:9a:b1:c1:e4:92:b4:a0:a4:51:13:ed:63:a9:d0:
         75:49:3f:cb:49:82:99:2c:10:6b:31:bb:3d:8b:fc:e7:3d:4b:
         ad:46:b2:1b
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAYpgKD39ycKUvCvfPPLXQ8wNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTIyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDVkYzc1NGU1OGVmYjNiYzc4OGYxMDA1NWUzYmI4Nzc5Mzg3MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcLjhcf9g2nzcyClhYjXK/TJrKMm
oNZ8kTu8LCJj2rmsxwwCRapumBAnAoCxM3ucZMU5XrXLHKyFCGb475kBx0v/fYrQ
rNcYHkdKJTFpLjhRD2AJjQzt0wi0nNzAiF1+6WtW8LlbnOjLGN+UzI9WiO5ZKIh/
utzx453EygQxisinb3gn1vW2BBr7umc17TGECcXdzDO00k7x0FKehU3s9iTd2dro
bZ6a3uXJOlqN+x2kTgnGDvDU6FwKodE4RgpyQuk2nCDquZ8Tkm6d6xJp2j8+hVLI
8DkZAT0V1bOp9k+Hb5M0Nod9QJsM1OSLxfAqrLapmJCc/J2SDB3YT++JvQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFL1dx1Tljvs7x4jxAFXju4d5OHBGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdlYzSFZPV08tenZIaVBFQVZlTzdoM2s0Y0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfoDBABZ1QUwDAMEAFnVhQMEAlnV
iAMEAFnVjQMEAFnVkTAMAwQCWdWUAwQAWdWeAwQAWdWgMAwDBAFZ1aIDBABZ1aQw
DAMEAFnVpwMEAFnVqAMEAFnVqjAMAwQCWdWsAwQAWdWuMAwDBARZ1bADBAFZ1bgD
BAFZ1bwDBAFtsNADBABtsNMDBANtsNgwDAMEAG2w9QMEAG2w9jAMAwQDbbD4AwQA
bbD6MAwDBAC5MX0DBAe5MQADBADVmCoDBADVmD0wDQYJKoZIhvcNAQELBQADggEB
AFi+LkQu4ZS00gXCYBs09EiDTdeVT14FEhNVs/XHfMGcdnOfwIZXaomW/XqdzuLG
CUa2/IXyKhADvM6O5BoMF89/WbUsj1X/GHqx5SDk5JAT0nfhNbD2J70YeWxd9aPW
jf/sHplvlxdYDOMPxew5fejMlqm3psJEJgUS9scSIGDSLYMSAQMMfm2cls/Dg2Z3
pKb7YCJHf2HRSnnzH24JD+xwm7YdHi/h+GHYm6hQK0RGMa2T+RofEsU5FXjmcIvB
MUM8HyzHA/P+UXoZ37g/cWaecogJToLDaqobTx+ascHkkrSgpFET7WOp0HVJP8tJ
gpksEGsxuz2L/Oc9S61Gshs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org