Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xemF58jwNBCUUhdUMtkDxlrzCc4.roa
File:                     xemF58jwNBCUUhdUMtkDxlrzCc4.roa (raw, json)
Hash identifier:          /xxVq8W5QysKhL5iWdwdf0iecEt1W0gAvCL24LVlOdg=
Subject key identifier:   C5:E9:85:E7:C8:F0:34:10:94:52:17:54:32:D9:03:C6:5A:F3:09:CE
Certificate issuer:       /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial:       018E9E573619D1EFB828513FC0B9A4C0040E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xemF58jwNBCUUhdUMtkDxlrzCc4.roa
Signing time:             Tue 02 Apr 2024 10:24:59 +0000
ROA not before:           Tue 02 Apr 2024 10:24:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215622
IP address blocks:        81.22.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 11:03:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9e:57:36:19:d1:ef:b8:28:51:3f:c0:b9:a4:c0:04:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
        Validity
            Not Before: Apr  2 10:24:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c5e985e7c8f034109452175432d903c65af309ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2c:db:5a:e8:76:70:e9:ef:37:8a:a3:14:ac:
                    53:18:d4:41:34:94:99:de:8e:27:62:60:6a:4e:1f:
                    7e:3f:80:a9:62:b3:64:86:ed:54:cb:47:85:f8:05:
                    8e:4c:81:10:af:b7:4b:80:31:64:64:d5:56:fd:dc:
                    46:9f:3c:c2:a9:73:d3:e2:40:51:60:8f:b5:f8:7d:
                    b3:e3:4f:db:1c:b6:67:29:f3:78:51:f5:a4:65:4c:
                    51:61:68:71:de:92:60:9e:82:47:b6:8f:c6:ee:6d:
                    db:89:06:87:24:13:b9:e1:62:77:b5:e6:62:32:90:
                    1b:e6:b2:05:ca:d3:f9:e2:6e:3d:7d:4c:fa:13:9d:
                    94:05:64:e6:8c:a1:c1:a0:25:54:b5:7c:7a:37:a2:
                    71:24:ec:a0:4c:80:c1:0f:40:b3:6d:25:9d:94:31:
                    35:32:5e:68:0e:c3:9f:d6:07:c3:6b:f3:c2:c5:cf:
                    54:6b:ad:8d:a8:24:0d:0c:07:d7:79:99:5f:e7:72:
                    61:ac:06:10:3b:36:d4:5d:af:ae:0c:62:fb:ad:10:
                    b0:d5:98:ec:5b:4a:3e:4f:13:95:ca:df:d7:55:5a:
                    54:d6:cf:81:bf:ec:4e:c7:50:62:0a:f0:65:c2:d9:
                    23:84:7f:83:e8:27:7e:e1:6b:27:ae:0b:0e:e3:cc:
                    c5:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:E9:85:E7:C8:F0:34:10:94:52:17:54:32:D9:03:C6:5A:F3:09:CE
            X509v3 Authority Key Identifier:
                keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xemF58jwNBCUUhdUMtkDxlrzCc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.22.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:9a:92:86:79:51:9f:43:4c:47:b2:70:60:f7:40:44:35:19:
         74:79:d4:85:60:03:1c:e1:e7:f4:16:85:55:dd:60:9b:84:58:
         12:7d:98:25:98:1b:8f:a1:aa:ac:a0:af:38:56:ac:92:ca:ed:
         0f:4e:bf:5f:b3:d5:81:a8:03:23:f9:a8:0f:dc:93:b0:bd:7e:
         bb:da:46:19:d3:a0:a4:f3:f0:1d:2f:a8:ce:4e:25:4f:b8:9b:
         46:89:fc:a3:72:8c:ec:7d:c6:65:47:3b:38:9a:43:a1:2c:6f:
         c9:61:22:05:4e:4e:d0:ba:22:b2:6a:d5:5b:8c:65:c9:91:7e:
         ec:78:cf:65:cd:86:a0:e6:96:9d:97:e0:eb:b4:ee:b1:08:f7:
         66:b9:bc:5c:3e:3f:31:18:17:21:71:50:f8:ca:d1:bb:12:c3:
         ac:ef:ed:21:d5:2f:75:70:87:cc:48:ff:55:79:76:4a:5a:bd:
         8a:7b:4b:8f:9b:1c:8e:0a:9b:b6:cf:fa:e8:24:68:81:fa:7e:
         37:1b:57:a7:73:e9:5c:9c:22:6e:53:e4:ec:06:03:a1:29:62:
         07:c0:ed:d8:23:ee:96:cd:1d:d6:e2:86:5f:23:4b:27:8f:7f:
         1b:12:34:43:68:50:4d:bf:5c:ab:aa:8c:dc:bd:5a:bc:33:9f:
         75:1b:37:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6eVzYZ0e+4KFE/wLmkwAQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNDAyMTAyNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU5ODVlN2M4ZjAzNDEwOTQ1MjE3NTQzMmQ5MDNjNjVhZjMwOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoizbWuh2cOnvN4qjFKxTGNRBNJSZ
3o4nYmBqTh9+P4CpYrNkhu1Uy0eF+AWOTIEQr7dLgDFkZNVW/dxGnzzCqXPT4kBR
YI+1+H2z40/bHLZnKfN4UfWkZUxRYWhx3pJgnoJHto/G7m3biQaHJBO54WJ3teZi
MpAb5rIFytP54m49fUz6E52UBWTmjKHBoCVUtXx6N6JxJOygTIDBD0CzbSWdlDE1
Ml5oDsOf1gfDa/PCxc9Ua62NqCQNDAfXeZlf53JhrAYQOzbUXa+uDGL7rRCw1Zjs
W0o+TxOVyt/XVVpU1s+Bv+xOx1BiCvBlwtkjhH+D6Cd+4WsnrgsO48zFcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXphefI8DQQlFIXVDLZA8Za8wnOMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveGVtRjU4andOQkNVVWhkVU10a0R4bHJ6Q2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURaDMA0G
CSqGSIb3DQEBCwUAA4IBAQBempKGeVGfQ0xHsnBg90BENRl0edSFYAMc4ef0FoVV
3WCbhFgSfZglmBuPoaqsoK84VqySyu0PTr9fs9WBqAMj+agP3JOwvX672kYZ06Ck
8/AdL6jOTiVPuJtGifyjcozsfcZlRzs4mkOhLG/JYSIFTk7QuiKyatVbjGXJkX7s
eM9lzYag5padl+DrtO6xCPdmubxcPj8xGBchcVD4ytG7EsOs7+0h1S91cIfMSP9V
eXZKWr2Ke0uPmxyOCpu2z/roJGiB+n43G1enc+lcnCJuU+TsBgOhKWIHwO3YI+6W
zR3W4oZfI0snj38bEjRDaFBNv1yrqozcvVq8M591Gzdz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org