Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wH0tmp1yG9-vMRXE8ODjPvOWHcM.roa
File:                     wH0tmp1yG9-vMRXE8ODjPvOWHcM.roa (raw, json)
Hash identifier:          jdpshiEWLRNC/F3nfBCuE6S0jntItUpy9tQ40znRaxU=
Subject key identifier:   C0:7D:2D:9A:9D:72:1B:DF:AF:31:15:C4:F0:E0:E3:3E:F3:96:1D:C3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AADE4D7194A061A0B7F01B34A94E9729C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wH0tmp1yG9-vMRXE8ODjPvOWHcM.roa
Signing time:             Tue 19 Sep 2023 14:42:50 +0000
ROA not before:           Tue 19 Sep 2023 14:42:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.137.0/24 maxlen: 24
                          82.153.139.0/24 maxlen: 24
                          82.153.136.0/22 maxlen: 22
                          82.153.140.0/24 maxlen: 24
                          82.153.67.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.217.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.219.0/24 maxlen: 24
                          82.153.73.0/24 maxlen: 24
                          109.176.221.0/24 maxlen: 24
                          109.176.222.0/24 maxlen: 24
                          109.176.223.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24
                          82.153.78.0/24 maxlen: 24
                          109.176.249.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24
                          82.153.227.0/24 maxlen: 24
                          185.49.125.0/24 maxlen: 24
                          82.153.240.0/24 maxlen: 24
                          185.49.126.0/23 maxlen: 24
                          82.153.248.0/24 maxlen: 24
                          82.153.250.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.221.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24
                          82.152.111.0/24 maxlen: 24
                          89.213.40.0/22 maxlen: 24
                          89.213.173.0/24 maxlen: 24
                          89.213.174.0/24 maxlen: 24
                          89.213.184.0/24 maxlen: 24
                          89.213.185.0/24 maxlen: 24
                          89.213.188.0/24 maxlen: 24
                          89.213.189.0/24 maxlen: 24
                          109.176.211.0/24 maxlen: 24
                          109.176.209.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.141.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.253.0/24 maxlen: 24
                          82.152.250.0/24 maxlen: 24
                          82.152.252.0/24 maxlen: 24
                          82.152.255.0/24 maxlen: 24
                          89.213.160.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          89.213.164.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24
                          89.213.170.0/24 maxlen: 24
                          89.213.168.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          213.152.61.0/24 maxlen: 24
                          213.152.62.0/24 maxlen: 24
                          213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 10:24:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:e4:d7:19:4a:06:1a:0b:7f:01:b3:4a:94:e9:72:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 19 14:42:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c07d2d9a9d721bdfaf3115c4f0e0e33ef3961dc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f2:e7:32:d9:73:a4:9f:fc:3f:ce:38:dc:a8:
                    60:e3:a3:1f:8a:36:28:0f:b4:21:af:ca:ac:1c:c8:
                    dc:5e:fb:aa:61:10:e7:91:ac:e6:19:58:b9:e6:65:
                    d5:be:43:ca:b4:20:61:5c:7b:2a:d2:d8:da:b5:80:
                    ac:bb:a8:9d:49:4c:f3:ef:af:e8:0d:a4:1a:a1:ee:
                    3a:c1:ee:74:b4:d5:f5:2b:68:f3:0b:b0:be:6a:bb:
                    b8:92:1e:c2:e3:e7:be:ca:0b:ff:4a:89:6a:65:3a:
                    b2:dc:8e:2e:85:74:9b:c4:43:02:11:d6:db:db:76:
                    ad:7d:49:6f:1b:a7:76:63:29:f0:93:5a:86:da:c3:
                    1b:49:f3:0e:3b:09:53:60:65:f4:45:34:ff:8c:ed:
                    74:41:e4:e6:dd:7b:9e:48:4a:4d:a8:d1:e2:c6:ba:
                    de:92:71:e8:e2:69:7d:52:08:c9:e8:6f:be:21:ab:
                    33:0f:24:14:f6:f2:0f:8a:64:dd:22:88:97:6e:9c:
                    4e:47:a3:86:b7:29:9e:1c:34:fa:14:be:bd:b8:d4:
                    08:5c:c0:24:0b:ad:35:cd:93:4e:55:62:6d:b3:15:
                    99:c2:c8:05:81:db:90:c8:62:bc:97:1b:47:ea:23:
                    9d:d4:8d:54:b0:dd:5b:e6:ce:60:fa:3e:45:4e:75:
                    ac:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:7D:2D:9A:9D:72:1B:DF:AF:31:15:C4:F0:E0:E3:3E:F3:96:1D:C3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wH0tmp1yG9-vMRXE8ODjPvOWHcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.41.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.152.111.0/24
                  82.152.250.0/24
                  82.152.252.0/23
                  82.152.255.0/24
                  82.153.67.0/24
                  82.153.73.0/24
                  82.153.78.0/24
                  82.153.136.0-82.153.140.255
                  82.153.221.0/24
                  82.153.223.0/24
                  82.153.227.0/24
                  82.153.240.0/24
                  82.153.248.0/24
                  82.153.250.0/24
                  89.213.40.0/22
                  89.213.133.0-89.213.138.255
                  89.213.141.0/24
                  89.213.145.0-89.213.146.255
                  89.213.160.0/24
                  89.213.163.0-89.213.164.255
                  89.213.168.0/24
                  89.213.170.0/24
                  89.213.172.0-89.213.174.255
                  89.213.184.0/23
                  89.213.188.0/23
                  109.176.209.0/24
                  109.176.211.0/24
                  109.176.216.0/21
                  109.176.249.0-109.176.250.255
                  185.49.125.0-185.49.127.255
                  213.152.42.0/24
                  213.152.61.0-213.152.62.255

    Signature Algorithm: sha256WithRSAEncryption
         4d:c1:b0:1f:02:83:c2:79:b5:6a:66:b6:22:ad:3f:ab:2b:33:
         67:82:83:13:75:ac:c2:b4:ea:a3:53:0e:bf:47:be:e3:56:89:
         20:e4:ce:5b:68:a4:40:c4:34:f7:0f:63:a1:27:44:b9:43:b9:
         a4:dd:af:33:f4:b7:d3:33:78:fc:77:10:8a:a5:8a:2b:3e:7a:
         6f:65:91:03:e3:e2:a9:8c:7f:b3:62:66:35:72:56:d8:21:e5:
         35:cf:be:0c:ea:d1:95:1b:5f:9b:a6:7e:81:29:cb:76:9f:93:
         a5:fc:28:08:b5:28:ef:25:b7:e2:d1:db:4d:aa:8c:54:05:fc:
         51:d1:5f:ef:77:3e:86:03:4d:9d:5f:3a:e3:4b:11:4c:6d:6d:
         03:0d:6c:0c:7c:c9:28:7b:75:12:8a:5a:83:ce:52:ac:a0:44:
         0d:78:88:2e:82:c8:a7:e6:e0:c7:d6:9d:52:fc:7a:65:c1:ce:
         b9:f5:b0:d8:32:fe:9f:21:01:52:37:32:12:01:61:48:34:02:
         11:bd:24:fe:fb:47:60:a6:3c:a0:b3:37:f9:7d:ca:cd:75:80:
         da:33:78:ff:6e:b1:ef:a3:8e:43:23:0c:bb:59:90:36:13:24:
         2a:f3:ee:8f:0d:ee:32:c5:10:df:f2:8f:a6:b2:aa:0d:d3:13:
         23:8e:33:d8
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAYqt5NcZSgYaC38Bs0qU6XKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE5MTQ0MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdkMmQ5YTlkNzIxYmRmYWYzMTE1YzRmMGUwZTMzZWYzOTYxZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfLnMtlzpJ/8P8443Khg46MfijYo
D7Qhr8qsHMjcXvuqYRDnkazmGVi55mXVvkPKtCBhXHsq0tjatYCsu6idSUzz76/o
DaQaoe46we50tNX1K2jzC7C+aru4kh7C4+e+ygv/SolqZTqy3I4uhXSbxEMCEdbb
23atfUlvG6d2Yynwk1qG2sMbSfMOOwlTYGX0RTT/jO10QeTm3XueSEpNqNHixrre
knHo4ml9UgjJ6G++IaszDyQU9vIPimTdIoiXbpxOR6OGtymeHDT6FL69uNQIXMAk
C601zZNOVWJtsxWZwsgFgduQyGK8lxtH6iOd1I1UsN1b5s5g+j5FTnWstQIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFMB9LZqdchvfrzEVxPDg4z7zlh3DMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd0gwdG1wMXlHOS12TVJYRThPRGpQdk9XSGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCCASAEAgABMIIB
GAMEAFEFnAMEAFGoKQMEAFGodwMEAFGoewMEAFKYbwMEAFKY+gMEAVKY/AMEAFKY
/wMEAFKZQwMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnjAwQAUpnwAwQAUpn4AwQAUpn6AwQCWdUoMAwDBABZ1YUDBABZ1YoDBABZ1Y0w
DAMEAFnVkQMEAFnVkgMEAFnVoDAMAwQAWdWjAwQAWdWkAwQAWdWoAwQAWdWqMAwD
BAJZ1awDBABZ1a4DBAFZ1bgDBAFZ1bwDBABtsNEDBABtsNMDBANtsNgwDAMEAG2w
+QMEAG2w+jAMAwQAuTF9AwQHuTEAAwQA1ZgqMAwDBADVmD0DBADVmD4wDQYJKoZI
hvcNAQELBQADggEBAE3BsB8Cg8J5tWpmtiKtP6srM2eCgxN1rMK06qNTDr9HvuNW
iSDkzltopEDENPcPY6EnRLlDuaTdrzP0t9MzePx3EIqliis+em9lkQPj4qmMf7Ni
ZjVyVtgh5TXPvgzq0ZUbX5umfoEpy3afk6X8KAi1KO8lt+LR202qjFQF/FHRX+93
PoYDTZ1fOuNLEUxtbQMNbAx8ySh7dRKKWoPOUqygRA14iC6CyKfm4MfWnVL8emXB
zrn1sNgy/p8hAVI3MhIBYUg0AhG9JP77R2CmPKCzN/l9ys11gNozeP9use+jjkMj
DLtZkDYTJCrz7o8N7jLFEN/yj6ayqg3TEyOOM9g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org