Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zwLpCNuTePVwuKzVm6E97dDF1iw.roa
File:                     zwLpCNuTePVwuKzVm6E97dDF1iw.roa (raw, json)
Hash identifier:          YZ9rEWx/ZCwe6SUYwdGJ5rpkhhicduAZme2x8J16tD8=
Subject key identifier:   CF:02:E9:08:DB:93:78:F5:70:B8:AC:D5:9B:A1:3D:ED:D0:C5:D6:2C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C7C42DED5290E8D5A46ADEEE041B19533
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zwLpCNuTePVwuKzVm6E97dDF1iw.roa
Signing time:             Mon 18 Dec 2023 09:30:06 +0000
ROA not before:           Mon 18 Dec 2023 09:30:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          89.213.4.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 08:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7c:42:de:d5:29:0e:8d:5a:46:ad:ee:e0:41:b1:95:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 18 09:30:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf02e908db9378f570b8acd59ba13dedd0c5d62c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:67:1b:28:f1:49:84:e6:b0:82:3d:e3:89:84:
                    72:85:94:ce:7e:59:28:c5:1b:e1:22:ba:55:c6:7b:
                    7a:9c:3c:55:89:b3:04:f6:83:ec:d0:32:c8:d4:3f:
                    4b:f9:b6:14:e2:2c:04:6d:fc:55:7f:b0:ae:e8:c0:
                    dd:d0:12:4e:89:38:31:82:a1:c7:c3:88:7b:50:32:
                    2d:b9:9e:60:50:48:9a:5e:7a:8f:f4:ce:84:85:dd:
                    9a:db:d1:fb:e9:50:8e:81:16:28:da:3d:14:19:19:
                    19:f2:b1:2b:30:22:00:67:1e:f4:3c:9c:97:04:ae:
                    f8:8b:cf:a8:d0:2d:8a:1c:a8:cc:a0:1e:76:8f:d0:
                    2a:5b:42:55:10:15:8f:4f:6e:56:c0:43:0b:4f:a3:
                    51:58:a6:ab:07:4c:13:bb:d7:db:5f:d4:41:47:03:
                    a2:83:e0:a9:37:f0:5c:12:71:78:e4:6e:19:06:0d:
                    05:16:71:bf:7b:a7:74:98:e1:df:5f:6a:7d:df:c5:
                    8e:99:b8:db:75:0a:f4:06:5a:23:07:d5:b8:22:74:
                    4f:34:27:c1:5a:13:83:74:cc:a4:a8:e5:d6:6f:8c:
                    e1:d7:29:f0:6c:5d:8b:f0:16:e4:9e:8f:d4:93:5e:
                    51:54:fc:3f:26:5c:c7:46:cb:57:3d:83:5d:97:62:
                    0f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:02:E9:08:DB:93:78:F5:70:B8:AC:D5:9B:A1:3D:ED:D0:C5:D6:2C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zwLpCNuTePVwuKzVm6E97dDF1iw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0-81.168.120.255
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/24
                  89.213.4.0/24
                  89.213.6.0/23
                  89.213.130.0/24
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:df:c3:16:8e:54:29:37:7c:d6:a3:fd:37:1c:93:9c:a3:dd:
         cb:3b:7e:7d:41:e5:92:65:6e:fe:8c:fc:3a:ba:90:67:97:d6:
         5e:87:1f:7c:43:7e:48:1f:f1:37:24:18:da:17:65:7b:c0:40:
         7e:52:21:05:de:c0:dd:6f:bb:8f:e5:18:c2:db:c3:51:80:28:
         e6:fc:bf:cd:45:17:6a:05:e9:97:06:88:fb:60:c7:7d:76:62:
         bd:f1:a4:86:48:a2:99:2d:4a:ad:56:cc:5b:85:2e:f5:96:ab:
         64:cb:0f:ac:1f:5f:91:40:31:04:d6:11:db:df:ee:09:5e:fd:
         fe:7e:38:f9:a6:c4:53:8d:91:0c:e9:f1:51:32:d1:c4:32:f3:
         d4:35:3d:26:65:9f:aa:14:e7:58:ca:01:35:dc:aa:ae:58:a9:
         99:21:c3:50:ac:ad:0e:c2:33:ad:96:d4:cf:cc:33:dd:53:70:
         ca:5b:b5:f9:af:3b:67:2e:29:40:70:11:0b:3a:66:e0:61:cb:
         be:24:1a:d5:69:1e:24:15:55:2d:29:53:ff:aa:53:80:8c:c8:
         20:da:2b:ba:05:73:e0:69:61:68:e6:a8:06:8e:33:b8:f7:ed:
         20:cf:e9:df:7b:fa:56:70:15:e5:8f:ba:39:78:ad:61:33:11:
         f2:43:31:45
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYx8Qt7VKQ6NWkat7uBBsZUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE4MDkzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAyZTkwOGRiOTM3OGY1NzBiOGFjZDU5YmExM2RlZGQwYzVkNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWcbKPFJhOawgj3jiYRyhZTOflko
xRvhIrpVxnt6nDxVibME9oPs0DLI1D9L+bYU4iwEbfxVf7Cu6MDd0BJOiTgxgqHH
w4h7UDItuZ5gUEiaXnqP9M6Ehd2a29H76VCOgRYo2j0UGRkZ8rErMCIAZx70PJyX
BK74i8+o0C2KHKjMoB52j9AqW0JVEBWPT25WwEMLT6NRWKarB0wTu9fbX9RBRwOi
g+CpN/BcEnF45G4ZBg0FFnG/e6d0mOHfX2p938WOmbjbdQr0BlojB9W4InRPNCfB
WhODdMykqOXWb4zh1ynwbF2L8Bbkno/Uk15RVPw/JlzHRstXPYNdl2IPGQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFM8C6Qjbk3j1cLis1ZuhPe3QxdYsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvendMcENOdVRlUFZ3dUt6Vm02RTk3ZERGMWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQAUah3
AwQAUah4AwQAUpj4AwQAUpj7AwQAUpj+AwQAUplFAwQAUplIAwQAUplPAwQAUpmE
AwQAUpngAwQAWdUEAwQBWdUGAwQAWdWCAwQAWdWhAwQAWdW+AwQAbbD3AwQAbbD7
AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQCJ38MWjlQpN3zWo/03HJOco93LO359
QeWSZW7+jPw6upBnl9Zehx98Q35IH/E3JBjaF2V7wEB+UiEF3sDdb7uP5RjC28NR
gCjm/L/NRRdqBemXBoj7YMd9dmK98aSGSKKZLUqtVsxbhS71lqtkyw+sH1+RQDEE
1hHb3+4JXv3+fjj5psRTjZEM6fFRMtHEMvPUNT0mZZ+qFOdYygE13KquWKmZIcNQ
rK0OwjOtltTPzDPdU3DKW7X5rztnLilAcBELOmbgYcu+JBrVaR4kFVUtKVP/qlOA
jMgg2iu6BXPgaWFo5qgGjjO49+0gz+nfe/pWcBXlj7o5eK1hMxHyQzFF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org