Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/o4k5XpQoBvGrRYjNeTfOLt-STnI.roa
File:                     o4k5XpQoBvGrRYjNeTfOLt-STnI.roa (raw, json)
Hash identifier:          ySUHGe+Js/7w/4W4KWQt1j3XyUCl3kMiRINHhjCG0EY=
Subject key identifier:   A3:89:39:5E:94:28:06:F1:AB:45:88:CD:79:37:CE:2E:DF:92:4E:72
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       01856D1CCEEE30879E450282FBFFF685A27F
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/o4k5XpQoBvGrRYjNeTfOLt-STnI.roa
Signing time:             Sun 01 Jan 2023 11:34:42 +0000
ROA not before:           Sun 01 Jan 2023 11:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44400
IP address blocks:        81.31.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:1c:ce:ee:30:87:9e:45:02:82:fb:ff:f6:85:a2:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jan  1 11:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a389395e942806f1ab4588cd7937ce2edf924e72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0a:6a:12:8d:ad:18:09:8a:5b:04:3f:42:f2:
                    28:7c:fb:bb:dd:f2:6d:83:91:ac:1c:c9:f8:5e:6a:
                    60:c3:e5:4a:e9:94:17:ab:69:f6:d6:86:32:77:a4:
                    5b:31:86:3a:7f:c2:eb:3b:46:13:0f:e6:19:79:e0:
                    8d:ba:09:4d:a0:c4:09:70:ad:c0:67:1b:67:d3:54:
                    d6:5e:46:3a:21:92:e6:97:aa:0f:d7:35:9d:5a:e4:
                    a4:bd:2c:dd:09:33:ae:d6:58:ac:01:19:f6:11:d3:
                    20:d6:80:06:96:74:1b:c3:10:41:2c:c1:32:c0:e8:
                    a6:13:ad:47:c0:75:70:80:d5:d0:91:e7:37:34:44:
                    e1:d0:5c:b3:2f:fa:7b:74:4f:bf:12:b5:e9:16:de:
                    af:92:3a:ea:fb:3a:1a:7e:39:cf:50:34:d9:57:06:
                    ec:66:92:67:1d:eb:1a:42:f3:a9:99:b6:ea:c9:30:
                    6d:03:7c:5e:12:eb:93:1a:d3:41:55:97:fb:83:80:
                    84:f4:91:c6:93:3c:3e:0f:49:ad:f2:a4:62:cb:58:
                    4d:07:5b:74:54:ff:2e:4d:55:6a:ec:65:0c:b5:bd:
                    16:a1:d5:bf:32:53:e3:6b:3e:98:76:16:3e:62:b7:
                    d8:b7:e3:bf:2e:b8:3d:07:07:0f:2d:17:fb:15:ee:
                    20:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:89:39:5E:94:28:06:F1:AB:45:88:CD:79:37:CE:2E:DF:92:4E:72
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/o4k5XpQoBvGrRYjNeTfOLt-STnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:b0:9a:b0:7b:37:9b:e7:e5:01:ac:40:29:0b:95:30:34:77:
         8f:a7:24:66:9b:bd:d7:34:41:8f:34:2b:9b:3c:a0:67:b5:44:
         81:2f:71:d6:12:f3:3c:bc:94:c7:74:fd:6f:9d:3b:fb:f9:74:
         14:28:ff:69:fa:f7:71:83:6c:3f:f2:a6:0d:01:64:23:e0:b7:
         31:fe:17:98:33:e8:6f:3c:cc:a0:bd:47:e7:84:61:26:c7:19:
         d1:c6:6e:85:2c:31:a3:44:82:13:e1:9d:63:0f:13:6f:bb:39:
         81:c9:1c:12:15:1f:11:df:0c:e1:91:e7:88:da:fa:b5:f0:01:
         98:7b:ac:28:50:36:84:e8:90:88:19:38:fa:68:89:e3:04:21:
         54:67:b9:56:92:11:39:f5:46:47:b3:45:ac:18:e2:ac:89:2c:
         b1:13:c7:d7:d9:69:7e:9f:37:6f:27:30:ab:38:8e:d2:0f:d9:
         cb:33:8c:01:3d:23:88:82:2d:93:a8:0e:92:5d:38:da:96:01:
         08:66:01:6a:bc:35:2a:30:6c:bc:b6:4f:38:c8:16:2a:5c:85:
         18:ce:c2:68:3c:50:38:4a:b6:34:78:b7:b3:4c:5b:81:02:a6:
         7a:f4:2c:00:17:32:23:d6:5d:bd:c0:32:c9:d6:c3:bc:17:25:
         29:2b:30:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtHM7uMIeeRQKC+//2haJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwMTAxMTEzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzg5Mzk1ZTk0MjgwNmYxYWI0NTg4Y2Q3OTM3Y2UyZWRmOTI0ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqApqEo2tGAmKWwQ/QvIofPu73fJt
g5GsHMn4Xmpgw+VK6ZQXq2n21oYyd6RbMYY6f8LrO0YTD+YZeeCNuglNoMQJcK3A
Zxtn01TWXkY6IZLml6oP1zWdWuSkvSzdCTOu1lisARn2EdMg1oAGlnQbwxBBLMEy
wOimE61HwHVwgNXQkec3NETh0FyzL/p7dE+/ErXpFt6vkjrq+zoafjnPUDTZVwbs
ZpJnHesaQvOpmbbqyTBtA3xeEuuTGtNBVZf7g4CE9JHGkzw+D0mt8qRiy1hNB1t0
VP8uTVVq7GUMtb0WodW/MlPjaz6YdhY+YrfYt+O/Lrg9BwcPLRf7Fe4g1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOJOV6UKAbxq0WIzXk3zi7fkk5yMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvbzRrNVhwUW9CdkdyUllqTmVUZk9MdC1TVG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUR/8MA0G
CSqGSIb3DQEBCwUAA4IBAQBOsJqwezeb5+UBrEApC5UwNHePpyRmm73XNEGPNCub
PKBntUSBL3HWEvM8vJTHdP1vnTv7+XQUKP9p+vdxg2w/8qYNAWQj4Lcx/heYM+hv
PMygvUfnhGEmxxnRxm6FLDGjRIIT4Z1jDxNvuzmByRwSFR8R3wzhkeeI2vq18AGY
e6woUDaE6JCIGTj6aInjBCFUZ7lWkhE59UZHs0WsGOKsiSyxE8fX2Wl+nzdvJzCr
OI7SD9nLM4wBPSOIgi2TqA6SXTjalgEIZgFqvDUqMGy8tk84yBYqXIUYzsJoPFA4
SrY0eLezTFuBAqZ69CwAFzIj1l29wDLJ1sO8FyUpKzDi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org