Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/3xJ3wPVfl3qp17Hxr-MzUvvne34.roa
File:                     3xJ3wPVfl3qp17Hxr-MzUvvne34.roa (raw, json)
Hash identifier:          FUXXjhfRbLwrDcFx/tElhVSd2yQzBMLWsJtFR8J64SU=
Subject key identifier:   DF:12:77:C0:F5:5F:97:7A:A9:D7:B1:F1:AF:E3:33:52:FB:E7:7B:7E
Certificate issuer:       /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial:       018CC6B91F255270738B7DEAA90F557FA3D2
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/3xJ3wPVfl3qp17Hxr-MzUvvne34.roa
Signing time:             Mon 01 Jan 2024 20:31:10 +0000
ROA not before:           Mon 01 Jan 2024 20:31:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21430
IP address blocks:        82.208.52.0/22 maxlen: 22
                          82.208.57.0/24 maxlen: 24
                          82.208.59.0/24 maxlen: 24
                          109.123.200.0/23 maxlen: 23
                          82.208.0.0/22 maxlen: 22
                          109.123.204.0/24 maxlen: 24
                          109.123.212.0/23 maxlen: 23
                          82.208.13.0/24 maxlen: 24
                          82.208.15.0/24 maxlen: 24
                          82.208.24.0/23 maxlen: 23
                          109.123.226.0/24 maxlen: 24
                          82.208.19.0/24 maxlen: 24
                          82.208.30.0/23 maxlen: 24
                          82.208.36.0/23 maxlen: 23
                          82.208.38.0/24 maxlen: 24
                          82.208.42.0/23 maxlen: 23
                          82.208.51.0/24 maxlen: 24
                          82.208.45.0/24 maxlen: 24
                          185.33.136.0/22 maxlen: 22
                          217.11.255.0/24 maxlen: 24
                          83.136.200.0/21 maxlen: 21
                          217.11.226.0/24 maxlen: 24
                          217.11.231.0/24 maxlen: 24
                          217.11.234.0/24 maxlen: 24
                          217.11.237.0/24 maxlen: 24
                          217.11.238.0/23 maxlen: 23
                          217.11.240.0/23 maxlen: 23
                          217.11.244.0/24 maxlen: 24
                          217.11.250.0/24 maxlen: 24
                          217.11.252.0/23 maxlen: 23
                          31.7.240.0/21 maxlen: 21
                          85.239.254.0/23 maxlen: 23
                          77.78.80.0/21 maxlen: 21
                          81.0.216.0/24 maxlen: 24
                          81.0.215.0/24 maxlen: 24
                          77.78.88.0/22 maxlen: 24
                          77.78.88.0/23 maxlen: 23
                          81.0.222.0/23 maxlen: 23
                          81.0.224.0/24 maxlen: 24
                          77.78.91.0/24 maxlen: 24
                          77.78.92.0/23 maxlen: 24
                          81.0.227.0/24 maxlen: 24
                          81.0.229.0/24 maxlen: 24
                          81.0.244.0/23 maxlen: 23
                          81.0.252.0/23 maxlen: 23
                          81.0.251.0/24 maxlen: 24
                          77.78.122.0/24 maxlen: 24
                          185.161.240.0/22 maxlen: 22
                          85.239.224.0/23 maxlen: 23
                          85.239.226.0/24 maxlen: 24
                          85.239.228.0/23 maxlen: 23
                          80.250.0.0/19 maxlen: 19
                          81.0.196.0/23 maxlen: 23
                          81.0.198.0/24 maxlen: 24
                          77.78.64.0/22 maxlen: 22
                          81.0.200.0/22 maxlen: 22
                          77.78.68.0/23 maxlen: 23
                          81.0.204.0/23 maxlen: 23
                          77.78.74.0/23 maxlen: 23
                          81.0.210.0/23 maxlen: 23
                          85.239.251.0/24 maxlen: 24
                          2a01:6400::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 22 May 2024 08:29:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:1f:25:52:70:73:8b:7d:ea:a9:0f:55:7f:a3:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
        Validity
            Not Before: Jan  1 20:31:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=df1277c0f55f977aa9d7b1f1afe33352fbe77b7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:6a:68:14:54:7a:ee:76:10:5a:a9:73:41:97:
                    90:1c:c5:92:4b:50:4b:bd:85:38:17:38:6e:a2:84:
                    0c:b7:11:5d:57:44:3b:68:9a:7d:7a:47:b9:de:c5:
                    f8:20:a2:75:c5:15:d4:6b:a3:f4:55:d5:87:75:59:
                    c6:88:4e:0b:b8:f6:66:c7:51:aa:85:0e:f9:c3:61:
                    c8:52:8f:ca:a4:56:f3:1d:c0:b2:be:5c:38:11:98:
                    0b:e4:9f:5b:2e:1c:39:e7:0e:8e:09:9d:20:c6:98:
                    ed:9c:4d:f2:b5:38:1d:9a:95:8f:38:4b:b0:f3:0a:
                    4d:d0:da:e1:8e:9c:34:9b:39:77:fa:82:b6:53:7a:
                    68:ad:ee:c6:10:d4:43:ef:77:28:7b:4b:d8:c0:c0:
                    1f:02:a3:28:46:2d:ba:44:84:82:1b:b6:92:2f:d3:
                    23:3f:77:f3:09:db:d9:4e:4a:8c:d6:3a:37:88:6f:
                    d6:04:7d:25:a7:58:04:f7:3f:ca:f5:99:45:ba:8d:
                    2f:a2:bd:5d:8b:e9:1a:f3:ce:68:a0:4b:f8:53:9b:
                    09:2d:f0:25:d8:b0:b0:7a:86:99:7c:d1:be:9d:53:
                    a2:bf:40:26:24:04:23:cf:27:3d:d7:61:75:d0:fb:
                    71:11:6b:b9:6b:b3:d3:b5:6a:5a:17:32:90:6c:64:
                    8a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:12:77:C0:F5:5F:97:7A:A9:D7:B1:F1:AF:E3:33:52:FB:E7:7B:7E
            X509v3 Authority Key Identifier:
                keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/3xJ3wPVfl3qp17Hxr-MzUvvne34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.240.0/21
                  77.78.64.0-77.78.69.255
                  77.78.74.0/23
                  77.78.80.0-77.78.93.255
                  77.78.122.0/24
                  80.250.0.0/19
                  81.0.196.0-81.0.198.255
                  81.0.200.0-81.0.205.255
                  81.0.210.0/23
                  81.0.215.0-81.0.216.255
                  81.0.222.0-81.0.224.255
                  81.0.227.0/24
                  81.0.229.0/24
                  81.0.244.0/23
                  81.0.251.0-81.0.253.255
                  82.208.0.0/22
                  82.208.13.0/24
                  82.208.15.0/24
                  82.208.19.0/24
                  82.208.24.0/23
                  82.208.30.0/23
                  82.208.36.0-82.208.38.255
                  82.208.42.0/23
                  82.208.45.0/24
                  82.208.51.0-82.208.55.255
                  82.208.57.0/24
                  82.208.59.0/24
                  83.136.200.0/21
                  85.239.224.0-85.239.226.255
                  85.239.228.0/23
                  85.239.251.0/24
                  85.239.254.0/23
                  109.123.200.0/23
                  109.123.204.0/24
                  109.123.212.0/23
                  109.123.226.0/24
                  185.33.136.0/22
                  185.161.240.0/22
                  217.11.226.0/24
                  217.11.231.0/24
                  217.11.234.0/24
                  217.11.237.0-217.11.241.255
                  217.11.244.0/24
                  217.11.250.0/24
                  217.11.252.0/23
                  217.11.255.0/24
                IPv6:
                  2a01:6400::/32

    Signature Algorithm: sha256WithRSAEncryption
         4a:5d:33:81:27:f5:df:e9:b2:0e:5f:62:d4:b5:67:c3:cc:d8:
         8c:3e:ce:b0:88:a5:e6:04:53:2d:48:d6:65:fa:fd:66:43:0e:
         ee:41:7f:2f:ca:d1:9e:96:f4:fc:88:81:21:ec:35:d3:c6:b7:
         d1:27:e2:e7:0b:85:d1:01:7b:f2:5b:73:1c:df:2b:48:88:23:
         88:90:e0:32:f0:0b:08:74:cb:ab:7a:98:50:97:2a:46:84:8c:
         29:ce:f2:61:d5:b0:20:1b:ac:f5:21:da:7a:b6:2a:a3:4f:0d:
         02:dd:ee:fb:df:86:0a:4d:8e:8d:61:46:e2:0e:c4:c4:f7:95:
         eb:3a:a7:55:0f:1d:05:2b:4c:09:38:7c:b5:ca:bc:2e:76:f7:
         8c:b8:f3:c0:a5:a1:c5:28:49:90:64:01:14:a5:f9:54:10:bb:
         02:11:72:7b:85:f5:53:5e:f8:ed:02:12:a7:d5:43:27:f4:e3:
         f9:14:fd:c1:7d:c8:c8:3f:39:c5:04:08:c1:d8:39:45:eb:b9:
         c8:0c:13:a0:1d:08:1f:f7:5a:f6:c4:f1:6a:73:62:7f:37:46:
         32:f0:83:45:1e:ed:9c:d8:3c:69:7b:31:b7:fe:be:62:83:b2:
         1b:da:91:8b:c5:d8:84:5e:72:c2:fa:d6:19:16:3d:7c:e8:38:
         f0:8e:bf:9c
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgISAYzGuR8lUnBzi33qqQ9Vf6PSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjEyNzdjMGY1NWY5NzdhYTlkN2IxZjFhZmUzMzM1MmZiZTc3YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGpoFFR67nYQWqlzQZeQHMWSS1BL
vYU4FzhuooQMtxFdV0Q7aJp9eke53sX4IKJ1xRXUa6P0VdWHdVnGiE4LuPZmx1Gq
hQ75w2HIUo/KpFbzHcCyvlw4EZgL5J9bLhw55w6OCZ0gxpjtnE3ytTgdmpWPOEuw
8wpN0Nrhjpw0mzl3+oK2U3pore7GENRD73coe0vYwMAfAqMoRi26RISCG7aSL9Mj
P3fzCdvZTkqM1jo3iG/WBH0lp1gE9z/K9ZlFuo0vor1di+ka885ooEv4U5sJLfAl
2LCweoaZfNG+nVOiv0AmJAQjzyc912F10PtxEWu5a7PTtWpaFzKQbGSKYQIDAQAB
o4IDiDCCA4QwHQYDVR0OBBYEFN8Sd8D1X5d6qdex8a/jM1L753t+MB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvM3hKM3dQVmZsM3FwMTdIeHItTXpVdnZuZTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnAYIKwYBBQUHAQcBAf8EggGLMIIBhzCCAXQEAgABMIIB
bAMEAx8H8DAMAwQGTU5AAwQBTU5EAwQBTU5KMAwDBARNTlADBAFNTlwDBABNTnoD
BAVQ+gAwDAMEAlEAxAMEAFEAxjAMAwQDUQDIAwQBUQDMAwQBUQDSMAwDBABRANcD
BABRANgwDAMEAVEA3gMEAFEA4AMEAFEA4wMEAFEA5QMEAVEA9DAMAwQAUQD7AwQB
UQD8AwQCUtAAAwQAUtANAwQAUtAPAwQAUtATAwQBUtAYAwQBUtAeMAwDBAJS0CQD
BABS0CYDBAFS0CoDBABS0C0wDAMEAFLQMwMEA1LQMAMEAFLQOQMEAFLQOwMEA1OI
yDAMAwQFVe/gAwQAVe/iAwQBVe/kAwQAVe/7AwQBVe/+AwQBbXvIAwQAbXvMAwQB
bXvUAwQAbXviAwQCuSGIAwQCuaHwAwQA2QviAwQA2QvnAwQA2QvqMAwDBADZC+0D
BAHZC/ADBADZC/QDBADZC/oDBAHZC/wDBADZC/8wDQQCAAIwBwMFACoBZAAwDQYJ
KoZIhvcNAQELBQADggEBAEpdM4En9d/psg5fYtS1Z8PM2Iw+zrCIpeYEUy1I1mX6
/WZDDu5Bfy/K0Z6W9PyIgSHsNdPGt9En4ucLhdEBe/JbcxzfK0iII4iQ4DLwCwh0
y6t6mFCXKkaEjCnO8mHVsCAbrPUh2nq2KqNPDQLd7vvfhgpNjo1hRuIOxMT3les6
p1UPHQUrTAk4fLXKvC5294y488ClocUoSZBkARSl+VQQuwIRcnuF9VNe+O0CEqfV
Qyf04/kU/cF9yMg/OcUECMHYOUXrucgME6AdCB/3WvbE8WpzYn83RjLwg0Ue7ZzY
PGl7Mbf+vmKDshvakYvF2IRecsL61hkWPXzoOPCOv5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org