Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vgtDFSC2a2neYAdV84NjxymXJyk.roa
File:                     vgtDFSC2a2neYAdV84NjxymXJyk.roa (raw, json)
Hash identifier:          mX6Ekaoxv2ZXMI8g+Ufs2jyPAAwB2HpDDnjDjfgggmg=
Subject key identifier:   BE:0B:43:15:20:B6:6B:69:DE:60:07:55:F3:83:63:C7:29:97:27:29
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D927574E6E14B64B530522F1060791DAF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vgtDFSC2a2neYAdV84NjxymXJyk.roa
Signing time:             Sat 10 Feb 2024 09:59:47 +0000
ROA not before:           Sat 10 Feb 2024 09:59:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        81.168.120.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.245.0/24 maxlen: 24
                          89.213.4.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          89.213.178.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.244.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 08 Mar 2024 12:51:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:92:75:74:e6:e1:4b:64:b5:30:52:2f:10:60:79:1d:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 10 09:59:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be0b431520b66b69de600755f38363c729972729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:37:b2:56:a7:d1:32:db:01:17:d2:8f:fb:93:
                    1b:e8:1f:7c:f3:5d:a7:b6:b4:a5:16:1c:ae:a8:eb:
                    c0:a9:66:ff:bb:fc:bf:c6:75:cb:bd:f8:79:95:33:
                    39:3f:4e:f0:d7:38:8c:42:8f:42:c4:93:29:c7:b8:
                    81:3a:72:99:5a:55:c8:c7:3f:88:9b:e9:74:1a:a0:
                    0e:2e:3e:e9:74:6b:c7:93:40:08:4e:7d:5d:8d:a3:
                    89:9c:5e:a9:37:67:1b:39:11:17:33:c5:d4:66:94:
                    07:74:e2:d7:ed:bf:79:5d:8d:3b:2b:01:6d:51:60:
                    34:2c:2a:8e:35:d2:7b:50:0c:9b:7e:70:ee:a9:8d:
                    89:43:15:74:93:0d:64:1f:15:10:46:31:ad:f8:12:
                    e4:3b:1e:e8:1a:8d:2c:cd:2a:b5:e1:68:dd:d7:52:
                    88:f3:46:91:ba:6f:cc:47:f9:e9:3a:38:d1:5a:40:
                    8c:82:b1:49:94:b6:97:76:f7:0f:50:67:18:b5:9f:
                    15:cf:6d:02:be:1b:d2:ff:bc:7d:bb:54:bd:d4:11:
                    8f:c9:85:83:ed:77:b3:48:21:66:9d:7b:31:23:24:
                    e8:0e:23:2d:b0:d4:df:da:b8:10:39:56:e1:b2:0b:
                    65:5a:a0:c7:62:69:3b:8c:f6:f2:f2:18:dc:c6:0e:
                    a2:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:0B:43:15:20:B6:6B:69:DE:60:07:55:F3:83:63:C7:29:97:27:29
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vgtDFSC2a2neYAdV84NjxymXJyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.120.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  82.153.245.0/24
                  89.213.4.0/24
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.178.0/24
                  89.213.190.0/24
                  109.176.244.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:88:19:01:0c:ba:aa:6d:be:e8:96:bf:4f:95:aa:ca:96:93:
         f1:a2:56:4b:fc:62:4a:49:92:39:ca:3e:f0:cf:1b:9e:cc:f2:
         12:66:89:6e:be:fb:76:26:cb:34:ec:bb:da:81:bd:4e:2e:c4:
         b4:ac:47:4f:9d:e2:70:d6:a3:9b:96:65:9e:c2:1e:41:a5:cb:
         37:5b:b6:d2:d9:ba:44:fe:48:58:00:e9:06:39:c1:47:ce:96:
         60:64:f5:fb:8b:1e:36:2e:4b:c9:24:23:7a:a1:69:af:d7:c5:
         9f:be:dd:cf:c9:e0:5c:ec:01:69:84:36:c2:29:e0:cb:1b:4b:
         fb:a3:2e:a0:ed:ff:67:16:48:09:42:5a:2f:f5:8a:16:e1:9d:
         40:df:4c:46:c8:9b:a1:a8:ab:91:b4:65:7f:69:39:da:77:3e:
         b7:f3:cd:41:40:26:e9:bd:18:93:a8:a8:83:f5:56:70:9c:22:
         41:d5:c7:13:27:c4:f4:50:60:8f:e6:a0:e1:ab:c6:73:ac:02:
         fb:08:4b:af:1a:db:e3:8c:b7:5b:53:17:4f:b3:40:70:d1:75:
         27:2c:43:32:19:28:89:69:39:5d:d0:5b:37:5a:be:75:03:33:
         5c:ec:45:ef:3e:56:a1:71:a7:90:e8:9e:fa:74:94:28:f6:29:
         d2:7a:a3:b1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY2SdXTm4UtktTBSLxBgeR2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjEwMDk1OTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTBiNDMxNTIwYjY2YjY5ZGU2MDA3NTVmMzgzNjNjNzI5OTcyNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjeyVqfRMtsBF9KP+5Mb6B98812n
trSlFhyuqOvAqWb/u/y/xnXLvfh5lTM5P07w1ziMQo9CxJMpx7iBOnKZWlXIxz+I
m+l0GqAOLj7pdGvHk0AITn1djaOJnF6pN2cbOREXM8XUZpQHdOLX7b95XY07KwFt
UWA0LCqONdJ7UAybfnDuqY2JQxV0kw1kHxUQRjGt+BLkOx7oGo0szSq14Wjd11KI
80aRum/MR/npOjjRWkCMgrFJlLaXdvcPUGcYtZ8Vz20CvhvS/7x9u1S91BGPyYWD
7XezSCFmnXsxIyToDiMtsNTf2rgQOVbhsgtlWqDHYmk7jPby8hjcxg6itQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFL4LQxUgtmtp3mAHVfODY8cplycpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmd0REZTQzJhMm5lWUFkVjg0Tmp4eW1YSnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAUah4
AwQAUpj4AwQAUpj7AwQAUpj+AwQAUplFAwQAUplIAwQAUplPAwQAUpmEAwQAUpng
AwQAUpn1AwQAWdUEAwQBWdUGAwQAWdWCAwQAWdWhAwQAWdWyAwQAWdW+AwQAbbD0
AwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQCBiBkBDLqqbb7o
lr9PlarKlpPxolZL/GJKSZI5yj7wzxuezPISZoluvvt2Jss07Lvagb1OLsS0rEdP
neJw1qOblmWewh5Bpcs3W7bS2bpE/khYAOkGOcFHzpZgZPX7ix42LkvJJCN6oWmv
18Wfvt3PyeBc7AFphDbCKeDLG0v7oy6g7f9nFkgJQlov9YoW4Z1A30xGyJuhqKuR
tGV/aTnadz63881BQCbpvRiTqKiD9VZwnCJB1ccTJ8T0UGCP5qDhq8ZzrAL7CEuv
GtvjjLdbUxdPs0Bw0XUnLEMyGSiJaTld0Fs3Wr51AzNc7EXvPlahcaeQ6J76dJQo
9inSeqOx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org