Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ntOLcwenrR-ndZ0CJFdTiXbyLkk.roa
File:                     ntOLcwenrR-ndZ0CJFdTiXbyLkk.roa (raw, json)
Hash identifier:          D20ulTtvnrgLmUdR42YQAfdN3/E5A45a63t412igpYI=
Subject key identifier:   9E:D3:8B:73:07:A7:AD:1F:A7:75:9D:02:24:57:53:89:76:F2:2E:49
Certificate issuer:       /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial:       0185706726B9A403001B392A71EC80B52B69
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ntOLcwenrR-ndZ0CJFdTiXbyLkk.roa
Signing time:             Mon 02 Jan 2023 02:54:46 +0000
ROA not before:           Mon 02 Jan 2023 02:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        81.22.136.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Jun 2023 10:56:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:26:b9:a4:03:00:1b:39:2a:71:ec:80:b5:2b:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
        Validity
            Not Before: Jan  2 02:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ed38b7307a7ad1fa7759d022457538976f22e49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:16:43:28:54:f6:0b:ae:ad:d7:3f:6d:42:9b:
                    eb:4c:31:f5:d1:76:03:b3:7c:9e:f4:4c:82:69:39:
                    8e:24:ce:7e:7b:4e:ff:06:54:25:aa:f7:5e:cc:eb:
                    b9:9c:7c:97:f3:f7:fd:57:a0:d7:70:b6:af:bc:e7:
                    ce:e5:e6:b7:76:08:c5:38:b5:eb:c9:0d:0d:1a:4e:
                    31:43:2b:d3:88:76:83:97:88:30:31:f4:9a:00:ff:
                    5b:75:cd:8e:28:ed:e9:9d:da:04:40:70:77:e4:b4:
                    b6:70:38:44:c6:e4:8d:1f:e9:74:ec:05:e2:54:02:
                    2c:b4:30:3a:d1:78:d3:e1:9b:b5:d1:b5:5f:bb:7b:
                    b5:f1:5d:16:e6:ff:cf:87:16:b0:ce:c1:23:43:b6:
                    d5:86:4f:96:a1:cb:6f:24:8a:12:76:2d:8c:67:ea:
                    14:ba:0c:25:7e:58:ff:1e:59:50:a4:c4:4e:89:52:
                    11:6c:34:f9:2f:93:52:0b:bd:9a:82:33:17:20:36:
                    29:38:19:d8:1a:f3:1f:5f:79:a9:ee:0c:2d:b2:5c:
                    e3:8d:e4:d9:38:81:08:69:6e:b8:0a:38:39:21:89:
                    2b:19:bb:1b:82:a4:a6:64:d2:b2:23:f1:ca:fd:aa:
                    37:09:46:36:0d:60:ab:be:ad:96:36:f0:67:5e:52:
                    17:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D3:8B:73:07:A7:AD:1F:A7:75:9D:02:24:57:53:89:76:F2:2E:49
            X509v3 Authority Key Identifier:
                keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ntOLcwenrR-ndZ0CJFdTiXbyLkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.22.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2b:e7:c9:ff:37:fe:7f:3f:63:81:f3:2c:a8:5f:10:19:ae:9c:
         a6:21:b7:b3:7e:24:86:c8:25:1c:4d:10:ad:a2:9f:ed:03:27:
         ca:4d:09:30:ad:98:88:6d:40:8a:74:c0:85:44:4f:8c:cc:db:
         7e:4c:82:e5:16:e0:86:fd:d8:ac:ab:3e:b1:69:de:4d:05:e2:
         29:a9:84:14:59:d2:68:c6:55:99:3b:ca:42:63:94:92:86:90:
         87:29:61:e6:ce:bb:96:89:31:f9:2a:4f:4d:cb:1d:72:75:d6:
         1b:9d:cb:20:28:7b:fe:f2:2d:7d:d3:fe:d7:a0:d0:cc:bf:9d:
         d7:d7:64:48:d7:f6:ac:57:0e:fb:e8:77:a2:fa:1b:d3:a8:8f:
         b7:11:c4:05:b4:84:b4:46:ab:4b:15:12:bc:a8:66:d6:09:2b:
         81:ed:0d:a7:08:73:9b:f4:fa:dc:a8:00:26:25:3f:11:75:f3:
         72:ba:13:49:8b:ac:36:30:43:a3:51:a4:5b:33:eb:d2:5d:a2:
         09:18:cc:d3:cf:0b:0e:ff:a1:a1:af:84:2b:b2:74:34:cf:db:
         05:fd:fe:8b:79:85:77:f1:4f:ad:d6:07:f4:73:4e:d3:ed:64:
         03:66:b4:2b:1b:01:fb:18:1e:f1:d2:a7:ce:1b:a5:85:7d:5b:
         3c:87:38:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZya5pAMAGzkqceyAtStpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMTAyMDI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQzOGI3MzA3YTdhZDFmYTc3NTlkMDIyNDU3NTM4OTc2ZjIyZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRZDKFT2C66t1z9tQpvrTDH10XYD
s3ye9EyCaTmOJM5+e07/BlQlqvdezOu5nHyX8/f9V6DXcLavvOfO5ea3dgjFOLXr
yQ0NGk4xQyvTiHaDl4gwMfSaAP9bdc2OKO3pndoEQHB35LS2cDhExuSNH+l07AXi
VAIstDA60XjT4Zu10bVfu3u18V0W5v/PhxawzsEjQ7bVhk+WoctvJIoSdi2MZ+oU
ugwlflj/HllQpMROiVIRbDT5L5NSC72agjMXIDYpOBnYGvMfX3mp7gwtslzjjeTZ
OIEIaW64Cjg5IYkrGbsbgqSmZNKyI/HK/ao3CUY2DWCrvq2WNvBnXlIXTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7Ti3MHp60fp3WdAiRXU4l28i5JMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbnRPTGN3ZW5yUi1uZFowQ0pGZFRpWGJ5TGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCURaIMA0G
CSqGSIb3DQEBCwUAA4IBAQAr58n/N/5/P2OB8yyoXxAZrpymIbezfiSGyCUcTRCt
op/tAyfKTQkwrZiIbUCKdMCFRE+MzNt+TILlFuCG/disqz6xad5NBeIpqYQUWdJo
xlWZO8pCY5SShpCHKWHmzruWiTH5Kk9Nyx1yddYbncsgKHv+8i190/7XoNDMv53X
12RI1/asVw776Hei+hvTqI+3EcQFtIS0RqtLFRK8qGbWCSuB7Q2nCHOb9PrcqAAm
JT8RdfNyuhNJi6w2MEOjUaRbM+vSXaIJGMzTzwsO/6Ghr4QrsnQ0z9sF/f6LeYV3
8U+t1gf0c07T7WQDZrQrGwH7GB7x0qfOG6WFfVs8hziQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org