Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xLAPoj_8BD0PZZrkkFvHlFLAno0.roa
File:                     xLAPoj_8BD0PZZrkkFvHlFLAno0.roa (raw, json)
Hash identifier:          j1e3+ZggPQ3uR6PDIfqHhnC5uhzqYf9A5WluLQtaBZ4=
Subject key identifier:   C4:B0:0F:A2:3F:FC:04:3D:0F:65:9A:E4:90:5B:C7:94:52:C0:9E:8D
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018D2CEE85418039B33D464FFBB97DEB6DAE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xLAPoj_8BD0PZZrkkFvHlFLAno0.roa
Signing time:             Sun 21 Jan 2024 16:50:45 +0000
ROA not before:           Sun 21 Jan 2024 16:50:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        81.161.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 14:17:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:2c:ee:85:41:80:39:b3:3d:46:4f:fb:b9:7d:eb:6d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan 21 16:50:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c4b00fa23ffc043d0f659ae4905bc79452c09e8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1a:29:c0:6d:9a:9d:c4:3b:e7:57:fc:69:4b:
                    3a:49:e9:69:11:15:6c:fe:11:b5:3e:42:db:6c:ca:
                    3f:50:99:d4:19:1a:70:44:4f:3a:e3:3e:b1:ba:1f:
                    ad:69:e7:c8:e6:48:a0:63:ae:d8:2a:7a:83:57:e0:
                    ed:b1:42:8a:69:ea:db:01:8f:89:33:0a:8d:22:89:
                    c0:c1:60:ac:19:63:27:9e:4e:e2:5e:a7:d5:23:23:
                    3e:51:fd:cc:2a:b2:f1:3b:33:e6:17:d2:5b:69:ff:
                    c7:98:5a:6f:34:aa:d8:3c:ae:2d:58:c1:f4:91:7d:
                    7c:1b:8c:80:7c:b2:1a:76:f4:81:f6:c1:32:2e:4c:
                    a7:1b:25:d7:28:3e:92:7b:ac:37:65:30:a0:84:50:
                    61:9e:f8:58:5f:28:42:67:a2:2a:85:ca:a9:09:92:
                    23:ee:f7:c1:9a:46:b0:7e:d6:35:4d:ef:58:bc:1e:
                    87:67:1d:13:10:9a:70:29:8c:eb:94:ad:08:3a:4c:
                    67:0a:a6:a6:9b:be:3f:bb:cd:31:af:ed:c9:df:39:
                    97:3d:f1:a3:a5:3d:f8:92:cc:c8:0b:db:69:0d:b1:
                    0c:d9:8c:e1:77:d7:a8:76:f7:6b:86:5a:c4:88:ff:
                    aa:c7:f7:02:63:ac:2a:97:03:28:9b:85:f3:22:eb:
                    21:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:B0:0F:A2:3F:FC:04:3D:0F:65:9A:E4:90:5B:C7:94:52:C0:9E:8D
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xLAPoj_8BD0PZZrkkFvHlFLAno0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:c7:29:5c:ce:0d:75:1a:2a:52:26:94:18:65:09:73:ad:3f:
         c2:45:73:d3:56:de:e8:09:d0:a1:2b:84:41:a0:d0:d8:7f:3e:
         77:cf:d8:cd:19:d6:bd:65:5d:80:07:64:5e:86:4f:e4:ab:e4:
         70:a6:fe:02:95:26:22:1b:d5:ea:18:b1:69:d3:54:36:c3:aa:
         03:c9:63:5c:2f:d3:66:cf:07:8c:ca:51:2a:f8:ce:ce:87:a0:
         76:b7:99:c1:74:a4:7c:d7:50:51:0b:26:92:2c:4a:8b:a9:cb:
         3f:0f:21:67:2a:92:9f:ec:3c:b0:4f:d8:21:c8:94:59:3d:8e:
         fc:21:49:0f:27:37:eb:fe:aa:76:78:1f:27:e8:68:4d:65:8e:
         69:d5:49:27:62:4b:b7:25:0f:d3:c1:6e:6b:c6:c4:30:e5:ab:
         97:2a:60:92:7e:4f:c9:86:da:fe:12:d3:91:27:54:75:b1:6c:
         55:85:35:de:f8:42:a1:82:06:c3:37:a9:5c:81:da:32:01:0e:
         d6:b9:e4:8b:9f:bf:80:2f:ac:22:b8:c0:56:6d:73:7f:7d:47:
         f2:6a:70:ca:73:42:56:47:a4:0f:b0:1d:24:40:bc:b6:5b:35:
         23:b0:f6:9f:d1:59:72:fe:1e:8f:8c:58:46:65:72:90:f2:28:
         49:43:a3:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0s7oVBgDmzPUZP+7l9622uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTIxMTY1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGIwMGZhMjNmZmMwNDNkMGY2NTlhZTQ5MDViYzc5NDUyYzA5ZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBopwG2ancQ751f8aUs6SelpERVs
/hG1PkLbbMo/UJnUGRpwRE864z6xuh+taefI5kigY67YKnqDV+DtsUKKaerbAY+J
MwqNIonAwWCsGWMnnk7iXqfVIyM+Uf3MKrLxOzPmF9Jbaf/HmFpvNKrYPK4tWMH0
kX18G4yAfLIadvSB9sEyLkynGyXXKD6Se6w3ZTCghFBhnvhYXyhCZ6IqhcqpCZIj
7vfBmkawftY1Te9YvB6HZx0TEJpwKYzrlK0IOkxnCqamm74/u80xr+3J3zmXPfGj
pT34kszIC9tpDbEM2Yzhd9eodvdrhlrEiP+qx/cCY6wqlwMom4XzIushkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSwD6I//AQ9D2Wa5JBbx5RSwJ6NMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveExBUG9qXzhCRDBQWlpya2tGdkhsRkxBbm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaHlMA0G
CSqGSIb3DQEBCwUAA4IBAQCJxylczg11GipSJpQYZQlzrT/CRXPTVt7oCdChK4RB
oNDYfz53z9jNGda9ZV2AB2Rehk/kq+Rwpv4ClSYiG9XqGLFp01Q2w6oDyWNcL9Nm
zweMylEq+M7Oh6B2t5nBdKR811BRCyaSLEqLqcs/DyFnKpKf7DywT9ghyJRZPY78
IUkPJzfr/qp2eB8n6GhNZY5p1UknYku3JQ/TwW5rxsQw5auXKmCSfk/Jhtr+EtOR
J1R1sWxVhTXe+EKhggbDN6lcgdoyAQ7WueSLn7+AL6wiuMBWbXN/fUfyanDKc0JW
R6QPsB0kQLy2WzUjsPaf0Vly/h6PjFhGZXKQ8ihJQ6NJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:21 2024 by rpki-client on console-fra.rpki-client.org