Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UO6O8sSMkOnZjVqDOOnWstxiwh8.roa
File:                     UO6O8sSMkOnZjVqDOOnWstxiwh8.roa (raw, json)
Hash identifier:          c3Ono+GBm/QL4ZM/CMIGCWFyNlNpmMkGy0scqlPf78o=
Subject key identifier:   50:EE:8E:F2:C4:8C:90:E9:D9:8D:5A:83:38:E9:D6:B2:DC:62:C2:1F
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CB471AFB33D4368F3794AC53828B7B83E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UO6O8sSMkOnZjVqDOOnWstxiwh8.roa
Signing time:             Fri 29 Dec 2023 07:19:58 +0000
ROA not before:           Fri 29 Dec 2023 07:19:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197715
IP address blocks:        81.161.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b4:71:af:b3:3d:43:68:f3:79:4a:c5:38:28:b7:b8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 29 07:19:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50ee8ef2c48c90e9d98d5a8338e9d6b2dc62c21f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:27:70:25:85:85:06:84:36:7a:08:a9:c6:6e:
                    a9:59:ef:fa:ec:5b:1d:41:27:14:df:09:b0:f8:c3:
                    d6:7d:71:54:ae:a9:ca:99:f3:ce:0c:e6:55:33:16:
                    f3:b3:06:07:5f:60:4d:50:00:27:8c:a3:20:a4:5f:
                    0f:98:1b:d9:7d:e9:bf:b3:e0:36:d2:0a:de:fd:4f:
                    b9:9d:96:d1:cf:52:59:cd:9d:60:32:32:2f:ca:e2:
                    23:f1:0b:ba:a1:40:26:4e:44:8c:3c:c8:4c:ea:ec:
                    6c:ac:ab:8d:ec:f0:30:cd:09:b0:f8:e8:07:0a:e1:
                    69:7f:f2:7f:96:5a:0b:28:c0:7b:67:da:e0:fa:7a:
                    c7:33:9f:35:12:36:09:2f:3b:cc:99:12:e9:a0:37:
                    89:0f:0b:b0:cf:d8:d4:54:05:1a:f8:20:57:c5:e3:
                    5e:5e:4e:f4:c0:f4:1c:eb:ae:0e:4d:6e:b7:45:17:
                    f9:b1:49:d4:18:de:fd:05:1f:d4:0f:fb:24:b1:df:
                    5a:eb:23:ba:fd:7d:9b:b7:47:dd:39:b2:10:aa:4b:
                    67:08:c9:61:95:ae:ad:dd:c7:29:a3:61:80:13:19:
                    24:99:9d:7e:ff:5e:8c:17:ab:5b:c1:ef:f4:ab:34:
                    db:90:b5:d9:3c:ff:be:ad:5e:f9:7f:3b:27:a5:89:
                    a3:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:EE:8E:F2:C4:8C:90:E9:D9:8D:5A:83:38:E9:D6:B2:DC:62:C2:1F
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UO6O8sSMkOnZjVqDOOnWstxiwh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:77:f7:ba:e7:71:77:f0:f0:b7:20:a3:7a:4b:42:b1:36:dc:
         f0:aa:32:74:b2:3c:67:ca:71:f0:d4:47:0d:88:5c:31:7d:55:
         1a:6a:60:98:2c:a4:29:a6:6f:10:63:b1:73:2b:0f:22:5e:f4:
         6f:c9:af:8a:af:54:d5:3a:fb:73:c8:1e:41:53:7d:b0:21:06:
         c3:ef:eb:09:ac:45:18:81:4b:6e:9f:19:8c:12:a6:54:01:c5:
         3f:5e:88:59:fa:59:da:15:61:07:9b:2d:52:d5:c6:88:27:0c:
         19:f5:7a:14:83:4f:b4:5a:8b:66:c1:42:d4:49:16:71:5e:8f:
         76:f1:71:8f:ef:7a:ca:2b:cf:05:d6:80:2a:5e:81:8a:5f:f7:
         84:db:e0:1e:9c:58:75:25:94:2e:9d:ee:60:30:42:20:b1:5d:
         ed:8b:15:73:cf:41:48:51:5d:d4:62:66:3d:28:36:e2:2e:70:
         ab:4f:9d:df:82:a5:bb:86:21:28:db:a0:9e:df:a9:6e:c5:51:
         13:fb:b3:f0:b3:4e:43:71:b9:34:56:0b:49:f8:4e:d3:f5:9f:
         47:9d:ff:57:da:a1:40:47:84:3a:9a:d5:97:1d:54:48:f6:bd:
         9b:b4:6d:ca:e3:e9:ad:2d:4c:58:f1:1a:12:cc:b0:c0:56:82:
         97:08:ee:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy0ca+zPUNo83lKxTgot7g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjI5MDcxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVlOGVmMmM0OGM5MGU5ZDk4ZDVhODMzOGU5ZDZiMmRjNjJjMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjidwJYWFBoQ2egipxm6pWe/67Fsd
QScU3wmw+MPWfXFUrqnKmfPODOZVMxbzswYHX2BNUAAnjKMgpF8PmBvZfem/s+A2
0gre/U+5nZbRz1JZzZ1gMjIvyuIj8Qu6oUAmTkSMPMhM6uxsrKuN7PAwzQmw+OgH
CuFpf/J/lloLKMB7Z9rg+nrHM581EjYJLzvMmRLpoDeJDwuwz9jUVAUa+CBXxeNe
Xk70wPQc664OTW63RRf5sUnUGN79BR/UD/sksd9a6yO6/X2bt0fdObIQqktnCMlh
la6t3ccpo2GAExkkmZ1+/16MF6tbwe/0qzTbkLXZPP++rV75fzsnpYmj3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDujvLEjJDp2Y1agzjp1rLcYsIfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVU82TzhzU01rT25aalZxRE9PbldzdHhpd2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaHsMA0G
CSqGSIb3DQEBCwUAA4IBAQAAd/e653F38PC3IKN6S0KxNtzwqjJ0sjxnynHw1EcN
iFwxfVUaamCYLKQppm8QY7FzKw8iXvRvya+Kr1TVOvtzyB5BU32wIQbD7+sJrEUY
gUtunxmMEqZUAcU/XohZ+lnaFWEHmy1S1caIJwwZ9XoUg0+0WotmwULUSRZxXo92
8XGP73rKK88F1oAqXoGKX/eE2+AenFh1JZQune5gMEIgsV3tixVzz0FIUV3UYmY9
KDbiLnCrT53fgqW7hiEo26Ce36luxVET+7Pws05Dcbk0VgtJ+E7T9Z9Hnf9X2qFA
R4Q6mtWXHVRI9r2btG3K4+mtLUxY8RoSzLDAVoKXCO4g
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org