Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w48cWCFE-TBbMA0noETEfsyuwaQ.roa
File:                     w48cWCFE-TBbMA0noETEfsyuwaQ.roa (raw, json)
Hash identifier:          /RnIubNUG4IFCTDRh0glHNWaDp1K1ivioTC4ee5qNFs=
Subject key identifier:   C3:8F:1C:58:21:44:F9:30:5B:30:0D:27:A0:44:C4:7E:CC:AE:C1:A4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F5C4B69300A785AE212A7A3D7F185AB3D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w48cWCFE-TBbMA0noETEfsyuwaQ.roa
Signing time:             Thu 09 May 2024 07:39:56 +0000
ROA not before:           Thu 09 May 2024 07:39:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.126.0/24 maxlen: 24
                          82.152.54.0/24 maxlen: 24
                          82.152.176.0/23 maxlen: 23
                          82.153.50.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          89.213.98.0/24 maxlen: 24
                          89.213.148.0/22 maxlen: 24
                          89.213.152.0/22 maxlen: 24
                          89.213.156.0/22 maxlen: 24
                          89.213.172.0/22 maxlen: 24
                          89.213.180.0/24 maxlen: 24
                          109.176.16.0/21 maxlen: 24
                          109.176.201.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          194.105.80.0/20 maxlen: 20
                          213.130.130.0/24 maxlen: 24
                          213.130.149.0/24 maxlen: 24
                          213.130.156.0/24 maxlen: 24
                          213.210.59.0/24 maxlen: 24
                          213.218.210.0/24 maxlen: 24
                          213.218.211.0/24 maxlen: 24
                          213.218.213.0/24 maxlen: 24
                          213.218.227.0/24 maxlen: 24
                          213.218.231.0/24 maxlen: 24
                          217.144.158.0/24 maxlen: 24
                          217.145.66.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 May 2024 10:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:5c:4b:69:30:0a:78:5a:e2:12:a7:a3:d7:f1:85:ab:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  9 07:39:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c38f1c582144f9305b300d27a044c47eccaec1a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a2:84:60:37:a5:f2:15:4b:a1:40:2f:1a:9d:
                    2a:bb:65:ec:56:c5:80:d7:51:f9:a0:7a:99:f8:a6:
                    e5:10:45:88:12:cc:b4:c3:88:28:1e:9f:46:b0:3f:
                    5e:34:eb:d2:13:48:18:ce:35:13:07:48:18:ae:ea:
                    64:3f:98:f3:fa:18:7e:ed:3a:d5:cf:fc:a8:49:e6:
                    50:01:fc:d0:d1:81:c8:48:06:21:18:ba:ee:0d:71:
                    8c:1b:2f:98:8b:80:4f:08:6c:8b:f6:3e:70:96:23:
                    df:e3:33:d5:1f:b4:87:8e:51:c0:b6:c5:f9:9d:7e:
                    33:70:63:14:0e:0d:ea:3d:4c:1d:0e:47:66:47:18:
                    cf:17:9d:3b:4d:b7:60:50:9c:69:ab:3c:5e:82:b3:
                    54:49:a9:57:b4:34:f2:bb:18:aa:6e:e2:54:a6:63:
                    9d:02:c7:64:ab:00:84:bd:ab:1b:cf:a7:72:db:a4:
                    87:22:5d:2e:33:db:64:2e:0c:78:33:59:ad:23:d5:
                    be:6a:2b:94:39:8b:d8:9a:cd:43:aa:0b:34:81:dc:
                    08:32:a2:5b:d8:0b:6e:12:f7:05:29:b2:12:4c:18:
                    b9:c8:a3:64:e0:30:37:84:87:0c:e9:27:c2:3d:47:
                    e3:d9:22:b7:61:b4:4f:80:da:94:7f:91:b5:d1:17:
                    59:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:8F:1C:58:21:44:F9:30:5B:30:0D:27:A0:44:C4:7E:CC:AE:C1:A4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w48cWCFE-TBbMA0noETEfsyuwaQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.126.0/24
                  82.152.54.0/24
                  82.152.176.0/23
                  82.153.50.0/24
                  82.153.136.0/22
                  89.213.98.0/24
                  89.213.148.0-89.213.159.255
                  89.213.172.0/22
                  89.213.180.0/24
                  109.176.16.0/21
                  109.176.201.0/24
                  185.49.126.0/23
                  194.105.80.0/20
                  213.130.130.0/24
                  213.130.149.0/24
                  213.130.156.0/24
                  213.210.59.0/24
                  213.218.210.0/23
                  213.218.213.0/24
                  213.218.227.0/24
                  213.218.231.0/24
                  217.144.158.0/24
                  217.145.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:c4:29:d7:ed:d5:a5:98:fd:63:14:cd:3d:64:dd:48:c4:f6:
         a7:e3:0c:c6:16:13:22:b8:cf:6e:b8:79:c1:6c:2e:6d:eb:44:
         e0:9d:0b:25:dc:1b:f8:3c:3d:27:70:9d:6b:75:26:66:52:94:
         93:29:0b:d2:56:cf:52:a0:4c:da:39:33:e6:ea:57:0b:dc:b1:
         c1:24:f5:3c:ab:2a:2d:73:6c:fd:ae:52:c1:87:36:7d:ef:44:
         46:69:b0:67:1e:b0:b6:7b:df:61:22:20:97:31:ef:5c:9b:84:
         37:cb:d9:31:38:b2:a2:b3:de:66:c8:10:06:0b:b8:73:be:64:
         9b:27:cf:ed:f6:e3:53:f2:90:28:f7:0f:56:c5:ad:be:bb:85:
         97:cd:e5:4f:23:0e:7c:a3:42:ad:e6:c4:57:32:c4:32:f1:5b:
         3e:14:0a:99:1a:3a:b5:89:33:82:45:0e:62:5d:d9:b9:37:09:
         3d:7b:27:ca:4e:37:e1:1d:29:29:ee:4f:ea:3e:e1:3b:40:d5:
         4e:04:20:4a:87:9a:1a:34:45:7c:2e:5a:65:89:93:5b:51:53:
         a7:04:d0:ff:41:9d:1f:84:bf:5a:22:ee:ec:58:b1:61:2d:0a:
         63:d6:b6:7d:08:0f:dc:84:2d:30:9d:dd:d5:c1:0d:72:b3:fc:
         24:e1:85:fb
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAY9cS2kwCnha4hKno9fxhas9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA5MDczOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhmMWM1ODIxNDRmOTMwNWIzMDBkMjdhMDQ0YzQ3ZWNjYWVjMWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKKEYDel8hVLoUAvGp0qu2XsVsWA
11H5oHqZ+KblEEWIEsy0w4goHp9GsD9eNOvSE0gYzjUTB0gYrupkP5jz+hh+7TrV
z/yoSeZQAfzQ0YHISAYhGLruDXGMGy+Yi4BPCGyL9j5wliPf4zPVH7SHjlHAtsX5
nX4zcGMUDg3qPUwdDkdmRxjPF507TbdgUJxpqzxegrNUSalXtDTyuxiqbuJUpmOd
AsdkqwCEvasbz6dy26SHIl0uM9tkLgx4M1mtI9W+aiuUOYvYms1Dqgs0gdwIMqJb
2AtuEvcFKbISTBi5yKNk4DA3hIcM6SfCPUfj2SK3YbRPgNqUf5G10RdZFQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFMOPHFghRPkwWzANJ6BExH7MrsGkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdzQ4Y1dDRkUtVEJiTUEwbm9FVEVmc3l1d2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABR
qH4DBABSmDYDBAFSmLADBABSmTIDBAJSmYgDBABZ1WIwDAMEAlnVlAMEBVnVgAME
AlnVrAMEAFnVtAMEA22wEAMEAG2wyQMEAbkxfgMEBMJpUAMEANWCggMEANWClQME
ANWCnAMEANXSOwMEAdXa0gMEANXa1QMEANXa4wMEANXa5wMEANmQngMEANmRQjAN
BgkqhkiG9w0BAQsFAAOCAQEAgMQp1+3VpZj9YxTNPWTdSMT2p+MMxhYTIrjPbrh5
wWwubetE4J0LJdwb+Dw9J3Cda3UmZlKUkykL0lbPUqBM2jkz5upXC9yxwST1PKsq
LXNs/a5SwYc2fe9ERmmwZx6wtnvfYSIglzHvXJuEN8vZMTiyorPeZsgQBgu4c75k
myfP7fbjU/KQKPcPVsWtvruFl83lTyMOfKNCrebEVzLEMvFbPhQKmRo6tYkzgkUO
Yl3ZuTcJPXsnyk434R0pKe5P6j7hO0DVTgQgSoeaGjRFfC5aZYmTW1FTpwTQ/0Gd
H4S/WiLu7FixYS0KY9a2fQgP3IQtMJ3d1cENcrP8JOGF+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org