Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/3MDcTsNU8L7I8HikDXs5MG2sP68.roa
File:                     3MDcTsNU8L7I8HikDXs5MG2sP68.roa (raw, json)
Hash identifier:          FIfAS1b3ZY23bs/Lh3SYjo/dxIS611Z8IWfvQWghiIk=
Subject key identifier:   DC:C0:DC:4E:C3:54:F0:BE:C8:F0:78:A4:0D:7B:39:30:6D:AC:3F:AF
Certificate issuer:       /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial:       01874764B1CD7C93CB8CD4E39A0F27A85448
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/3MDcTsNU8L7I8HikDXs5MG2sP68.roa
Signing time:             Mon 03 Apr 2023 13:53:14 +0000
ROA not before:           Mon 03 Apr 2023 13:53:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21430
IP address blocks:        82.208.52.0/22 maxlen: 22
                          82.208.57.0/24 maxlen: 24
                          82.208.59.0/24 maxlen: 24
                          109.123.200.0/23 maxlen: 23
                          82.208.0.0/22 maxlen: 22
                          109.123.204.0/24 maxlen: 24
                          109.123.212.0/23 maxlen: 23
                          82.208.13.0/24 maxlen: 24
                          82.208.15.0/24 maxlen: 24
                          82.208.24.0/23 maxlen: 23
                          109.123.226.0/24 maxlen: 24
                          82.208.19.0/24 maxlen: 24
                          82.208.30.0/23 maxlen: 24
                          82.208.36.0/23 maxlen: 23
                          82.208.38.0/24 maxlen: 24
                          82.208.42.0/23 maxlen: 23
                          82.208.51.0/24 maxlen: 24
                          82.208.45.0/24 maxlen: 24
                          185.33.136.0/22 maxlen: 22
                          217.11.255.0/24 maxlen: 24
                          83.136.200.0/21 maxlen: 21
                          217.11.226.0/24 maxlen: 24
                          217.11.231.0/24 maxlen: 24
                          217.11.234.0/24 maxlen: 24
                          217.11.237.0/24 maxlen: 24
                          217.11.238.0/23 maxlen: 23
                          217.11.240.0/23 maxlen: 23
                          217.11.244.0/24 maxlen: 24
                          217.11.250.0/24 maxlen: 24
                          217.11.252.0/23 maxlen: 23
                          31.7.240.0/21 maxlen: 21
                          85.239.254.0/23 maxlen: 23
                          77.78.80.0/21 maxlen: 21
                          81.0.216.0/24 maxlen: 24
                          81.0.215.0/24 maxlen: 24
                          77.78.88.0/22 maxlen: 24
                          77.78.88.0/23 maxlen: 23
                          81.0.222.0/23 maxlen: 23
                          81.0.224.0/24 maxlen: 24
                          77.78.91.0/24 maxlen: 24
                          77.78.92.0/23 maxlen: 24
                          81.0.227.0/24 maxlen: 24
                          81.0.229.0/24 maxlen: 24
                          81.0.244.0/23 maxlen: 23
                          81.0.252.0/23 maxlen: 23
                          81.0.251.0/24 maxlen: 24
                          77.78.122.0/24 maxlen: 24
                          185.161.240.0/22 maxlen: 22
                          85.239.224.0/23 maxlen: 23
                          85.239.226.0/24 maxlen: 24
                          85.239.228.0/23 maxlen: 23
                          80.250.0.0/19 maxlen: 19
                          81.0.196.0/23 maxlen: 23
                          81.0.198.0/24 maxlen: 24
                          77.78.64.0/22 maxlen: 22
                          81.0.200.0/22 maxlen: 22
                          77.78.68.0/23 maxlen: 23
                          81.0.204.0/23 maxlen: 23
                          77.78.74.0/23 maxlen: 23
                          81.0.210.0/23 maxlen: 23
                          85.239.251.0/24 maxlen: 24
                          2a01:6400::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:47:64:b1:cd:7c:93:cb:8c:d4:e3:9a:0f:27:a8:54:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
        Validity
            Not Before: Apr  3 13:53:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dcc0dc4ec354f0bec8f078a40d7b39306dac3faf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c6:be:f2:f6:95:5d:72:af:cd:3b:c6:9c:02:
                    92:f5:55:fb:36:9d:eb:01:a2:2b:eb:38:be:ef:e8:
                    ff:30:63:6c:f2:47:da:4a:da:69:ef:6f:d8:7c:d7:
                    ca:ca:ad:d4:52:f1:03:1f:1f:13:f8:59:e1:ef:2a:
                    9d:37:a2:07:d4:ff:d9:d2:25:bc:ab:d6:ac:05:66:
                    81:07:93:f3:af:36:dd:5a:45:1b:bf:00:45:16:d1:
                    57:58:b9:a3:aa:ac:fb:ea:e7:7a:a9:4b:00:6a:4c:
                    70:6d:ed:dd:d0:bc:cf:31:17:9c:68:30:47:01:7b:
                    a4:8e:d7:94:6e:2b:b0:e4:83:d4:76:65:b3:23:32:
                    76:54:1c:5f:95:d2:99:6d:d2:83:1b:a5:54:78:39:
                    c5:cf:10:e1:ec:eb:c7:4c:7e:e6:17:e0:32:69:a7:
                    4b:8c:79:fe:c1:d9:01:7f:4a:5f:a4:8b:f7:7c:f6:
                    66:a4:82:4f:e3:c1:94:68:3a:d2:de:62:17:db:0e:
                    31:04:bc:f4:9a:ca:d7:46:fd:48:83:08:9f:45:fb:
                    73:71:2a:60:b0:86:35:13:d1:b9:4b:be:00:d1:9b:
                    22:2b:ce:56:ee:29:06:24:88:52:37:a3:6e:50:24:
                    26:b8:b7:03:c0:0d:65:aa:3a:b9:fd:49:3a:19:15:
                    75:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:C0:DC:4E:C3:54:F0:BE:C8:F0:78:A4:0D:7B:39:30:6D:AC:3F:AF
            X509v3 Authority Key Identifier:
                keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/3MDcTsNU8L7I8HikDXs5MG2sP68.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.240.0/21
                  77.78.64.0-77.78.69.255
                  77.78.74.0/23
                  77.78.80.0-77.78.93.255
                  77.78.122.0/24
                  80.250.0.0/19
                  81.0.196.0-81.0.198.255
                  81.0.200.0-81.0.205.255
                  81.0.210.0/23
                  81.0.215.0-81.0.216.255
                  81.0.222.0-81.0.224.255
                  81.0.227.0/24
                  81.0.229.0/24
                  81.0.244.0/23
                  81.0.251.0-81.0.253.255
                  82.208.0.0/22
                  82.208.13.0/24
                  82.208.15.0/24
                  82.208.19.0/24
                  82.208.24.0/23
                  82.208.30.0/23
                  82.208.36.0-82.208.38.255
                  82.208.42.0/23
                  82.208.45.0/24
                  82.208.51.0-82.208.55.255
                  82.208.57.0/24
                  82.208.59.0/24
                  83.136.200.0/21
                  85.239.224.0-85.239.226.255
                  85.239.228.0/23
                  85.239.251.0/24
                  85.239.254.0/23
                  109.123.200.0/23
                  109.123.204.0/24
                  109.123.212.0/23
                  109.123.226.0/24
                  185.33.136.0/22
                  185.161.240.0/22
                  217.11.226.0/24
                  217.11.231.0/24
                  217.11.234.0/24
                  217.11.237.0-217.11.241.255
                  217.11.244.0/24
                  217.11.250.0/24
                  217.11.252.0/23
                  217.11.255.0/24
                IPv6:
                  2a01:6400::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:ab:c6:b4:38:8e:f0:41:d8:3c:2c:d0:0a:48:ab:60:bf:7b:
         1b:cd:eb:f2:61:dd:9f:4f:c3:41:11:8a:32:40:05:a8:c9:8a:
         cb:d1:47:d7:15:99:34:85:75:14:65:59:8d:cd:17:24:e6:f8:
         5a:21:a9:17:c2:c4:51:d3:71:34:0e:3a:3c:31:d3:d4:bc:c5:
         81:a5:d7:40:4c:6c:b5:e0:00:07:30:90:c2:0e:8a:77:54:67:
         71:df:67:49:b6:f1:d6:79:11:7b:b9:ea:96:29:82:ab:e7:cc:
         3c:71:c3:cd:cf:c2:5f:f9:80:e6:b8:de:87:9c:13:6b:94:af:
         2d:88:92:2b:f2:61:54:24:5c:d1:49:15:09:65:de:7c:1b:03:
         7f:35:72:a2:e5:f4:09:45:57:57:56:16:95:42:39:67:42:3e:
         1a:45:42:8e:91:a1:3e:e7:4b:3a:de:a8:ef:b3:c9:c7:3a:af:
         16:97:36:c2:ed:9a:48:2d:ae:9d:2b:ca:83:88:92:67:7d:4d:
         90:d4:97:03:d9:e6:2a:f2:34:c2:3c:81:7b:95:36:70:25:43:
         ea:18:6a:92:60:31:db:e4:38:63:df:f5:a9:0f:50:45:02:1b:
         35:52:60:6c:53:fa:f4:74:3c:36:06:7a:79:ff:50:2e:cf:8f:
         0d:1e:0c:ad
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgISAYdHZLHNfJPLjNTjmg8nqFRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjMwNDAzMTM1MzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2MwZGM0ZWMzNTRmMGJlYzhmMDc4YTQwZDdiMzkzMDZkYWMzZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8a+8vaVXXKvzTvGnAKS9VX7Np3r
AaIr6zi+7+j/MGNs8kfaStpp72/YfNfKyq3UUvEDHx8T+Fnh7yqdN6IH1P/Z0iW8
q9asBWaBB5PzrzbdWkUbvwBFFtFXWLmjqqz76ud6qUsAakxwbe3d0LzPMRecaDBH
AXukjteUbiuw5IPUdmWzIzJ2VBxfldKZbdKDG6VUeDnFzxDh7OvHTH7mF+AyaadL
jHn+wdkBf0pfpIv3fPZmpIJP48GUaDrS3mIX2w4xBLz0msrXRv1IgwifRftzcSpg
sIY1E9G5S74A0ZsiK85W7ikGJIhSN6NuUCQmuLcDwA1lqjq5/Uk6GRV1PQIDAQAB
o4IDiDCCA4QwHQYDVR0OBBYEFNzA3E7DVPC+yPB4pA17OTBtrD+vMB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvM01EY1RzTlU4TDdJOEhpa0RYczVNRzJzUDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnAYIKwYBBQUHAQcBAf8EggGLMIIBhzCCAXQEAgABMIIB
bAMEAx8H8DAMAwQGTU5AAwQBTU5EAwQBTU5KMAwDBARNTlADBAFNTlwDBABNTnoD
BAVQ+gAwDAMEAlEAxAMEAFEAxjAMAwQDUQDIAwQBUQDMAwQBUQDSMAwDBABRANcD
BABRANgwDAMEAVEA3gMEAFEA4AMEAFEA4wMEAFEA5QMEAVEA9DAMAwQAUQD7AwQB
UQD8AwQCUtAAAwQAUtANAwQAUtAPAwQAUtATAwQBUtAYAwQBUtAeMAwDBAJS0CQD
BABS0CYDBAFS0CoDBABS0C0wDAMEAFLQMwMEA1LQMAMEAFLQOQMEAFLQOwMEA1OI
yDAMAwQFVe/gAwQAVe/iAwQBVe/kAwQAVe/7AwQBVe/+AwQBbXvIAwQAbXvMAwQB
bXvUAwQAbXviAwQCuSGIAwQCuaHwAwQA2QviAwQA2QvnAwQA2QvqMAwDBADZC+0D
BAHZC/ADBADZC/QDBADZC/oDBAHZC/wDBADZC/8wDQQCAAIwBwMFACoBZAAwDQYJ
KoZIhvcNAQELBQADggEBAECrxrQ4jvBB2Dws0ApIq2C/exvN6/Jh3Z9Pw0ERijJA
BajJisvRR9cVmTSFdRRlWY3NFyTm+FohqRfCxFHTcTQOOjwx09S8xYGl10BMbLXg
AAcwkMIOindUZ3HfZ0m28dZ5EXu56pYpgqvnzDxxw83Pwl/5gOa43oecE2uUry2I
kivyYVQkXNFJFQll3nwbA381cqLl9AlFV1dWFpVCOWdCPhpFQo6RoT7nSzreqO+z
ycc6rxaXNsLtmkgtrp0ryoOIkmd9TZDUlwPZ5iryNMI8gXuVNnAlQ+oYapJgMdvk
OGPf9akPUEUCGzVSYGxT+vR0PDYGenn/UC7Pjw0eDK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:07 2024 by rpki-client on console-fra.rpki-client.org