Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oDntP-rvTiGqONLMgSIG1GaKhTk.roa
File:                     oDntP-rvTiGqONLMgSIG1GaKhTk.roa (raw, json)
Hash identifier:          2rvxYqURrwlD3TwQwxtKJ1IGwlpBvRWpIBA6L3XzkSQ=
Subject key identifier:   A0:39:ED:3F:EA:EF:4E:21:AA:38:D2:CC:81:22:06:D4:66:8A:85:39
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0191BC2194E50E4A9F5635D26F33AE091604
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oDntP-rvTiGqONLMgSIG1GaKhTk.roa
Signing time:             Wed 04 Sep 2024 08:23:23 +0000
ROA not before:           Wed 04 Sep 2024 08:23:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     401120
IP address blocks:        81.161.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 19 Sep 2024 09:07:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:bc:21:94:e5:0e:4a:9f:56:35:d2:6f:33:ae:09:16:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Sep  4 08:23:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a039ed3feaef4e21aa38d2cc812206d4668a8539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4b:e7:73:23:22:1b:83:ad:c8:d0:6e:81:6a:
                    24:b0:ab:5f:0d:b2:b0:03:c2:4c:2c:6a:4b:43:75:
                    cd:44:d5:40:45:40:d3:28:2e:4b:e4:93:3e:3e:0d:
                    50:d3:8c:8a:97:e9:45:fc:78:66:16:8d:b9:77:c9:
                    81:9e:c9:77:7a:b6:86:a0:19:c9:3d:60:20:fb:09:
                    ce:c9:37:cc:14:72:37:4a:4e:b7:58:de:a3:e3:10:
                    c4:dc:c9:94:f5:f0:16:cc:1e:f1:fe:07:15:b1:e7:
                    ab:c4:19:f3:25:1e:f0:38:37:8c:31:d1:38:ca:e6:
                    76:38:29:c3:72:75:89:43:b9:30:0f:f1:a9:89:aa:
                    9a:0d:a2:f7:20:13:e7:c7:e0:44:84:08:e9:5f:07:
                    06:15:65:a1:06:3e:3c:e7:30:7b:98:46:63:8f:f9:
                    a8:ef:9c:87:7c:e5:8d:92:63:6e:e3:17:e5:7a:f8:
                    10:67:f8:cc:1c:0c:86:57:6b:64:18:27:4c:c7:a2:
                    72:90:75:a1:8a:c0:10:de:92:d8:64:f9:de:a5:20:
                    26:b8:e5:22:a7:b8:28:71:40:c9:1f:4d:51:b5:a7:
                    3c:64:0c:4e:0d:e9:7c:fe:36:99:51:eb:8c:fa:28:
                    ef:a1:b3:8c:85:8e:e0:b2:64:9d:b4:27:f5:a8:8a:
                    d4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:39:ED:3F:EA:EF:4E:21:AA:38:D2:CC:81:22:06:D4:66:8A:85:39
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oDntP-rvTiGqONLMgSIG1GaKhTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:00:3e:18:85:0e:b8:7d:1d:19:32:ca:1a:92:1c:eb:63:7d:
         bb:93:ff:d4:52:7f:00:88:ec:72:2e:31:19:fa:35:78:4f:91:
         4c:86:a0:6d:b5:b2:69:9c:ff:f0:eb:82:b5:e4:47:b4:e6:43:
         7f:a9:06:b9:22:a4:56:66:70:a7:d7:1b:09:b8:a9:fb:0d:32:
         01:06:09:8c:d1:00:71:f2:4d:25:8e:1d:e6:fb:29:3f:5c:18:
         5a:4f:dd:82:52:79:ff:7c:92:6b:fa:92:d5:f1:62:3c:74:27:
         fc:93:43:86:26:13:25:29:63:0b:13:e0:ad:ce:2b:49:e8:d8:
         75:01:79:cd:1e:99:85:ed:5a:ff:35:0d:98:51:50:64:4f:86:
         9d:e7:41:3b:3b:9c:ca:b0:da:4a:96:3a:5f:43:99:33:5d:8b:
         21:ae:41:01:25:be:e6:8a:a3:8a:d2:ac:af:dd:18:ca:80:48:
         fb:c0:99:86:9b:d6:77:82:56:99:0d:7b:ba:94:35:78:31:c3:
         95:0d:48:80:b4:0b:8f:cc:49:f9:ff:1e:38:f2:42:ef:2c:1c:
         5b:5f:7c:5f:3f:fb:32:4d:aa:07:63:8a:36:c8:bd:11:33:8e:
         78:b2:55:aa:98:a5:e9:5a:99:06:8b:d7:06:70:2b:1f:4d:bc:
         74:09:5c:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG8IZTlDkqfVjXSbzOuCRYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTA0MDgyMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDM5ZWQzZmVhZWY0ZTIxYWEzOGQyY2M4MTIyMDZkNDY2OGE4NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskvncyMiG4OtyNBugWoksKtfDbKw
A8JMLGpLQ3XNRNVARUDTKC5L5JM+Pg1Q04yKl+lF/HhmFo25d8mBnsl3eraGoBnJ
PWAg+wnOyTfMFHI3Sk63WN6j4xDE3MmU9fAWzB7x/gcVseerxBnzJR7wODeMMdE4
yuZ2OCnDcnWJQ7kwD/GpiaqaDaL3IBPnx+BEhAjpXwcGFWWhBj485zB7mEZjj/mo
75yHfOWNkmNu4xflevgQZ/jMHAyGV2tkGCdMx6JykHWhisAQ3pLYZPnepSAmuOUi
p7gocUDJH01Rtac8ZAxODel8/jaZUeuM+ijvobOMhY7gsmSdtCf1qIrUOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKA57T/q704hqjjSzIEiBtRmioU5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb0RudFAtcnZUaUdxT05MTWdTSUcxR2FLaFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaHuMA0G
CSqGSIb3DQEBCwUAA4IBAQBxAD4YhQ64fR0ZMsoakhzrY327k//UUn8AiOxyLjEZ
+jV4T5FMhqBttbJpnP/w64K15Ee05kN/qQa5IqRWZnCn1xsJuKn7DTIBBgmM0QBx
8k0ljh3m+yk/XBhaT92CUnn/fJJr+pLV8WI8dCf8k0OGJhMlKWMLE+CtzitJ6Nh1
AXnNHpmF7Vr/NQ2YUVBkT4ad50E7O5zKsNpKljpfQ5kzXYshrkEBJb7miqOK0qyv
3RjKgEj7wJmGm9Z3glaZDXu6lDV4McOVDUiAtAuPzEn5/x448kLvLBxbX3xfP/sy
TaoHY4o2yL0RM454slWqmKXpWpkGi9cGcCsfTbx0CVzG
-----END CERTIFICATE-----
Generated at Thu Sep 19 10:53:27 2024 by rpki-client on console-fra.rpki-client.org