Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BvP5ECXmBNShZOgS4ljy4qgrPto.roa
File:                     BvP5ECXmBNShZOgS4ljy4qgrPto.roa (raw, json)
Hash identifier:          NTrFtEZDX1O6aHA5qzV2tNxHtwa245wBm1U23DU0K+E=
Subject key identifier:   06:F3:F9:10:25:E6:04:D4:A1:64:E8:12:E2:58:F2:E2:A8:2B:3E:DA
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018B3868607894AA3316791A5B04F4838A66
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BvP5ECXmBNShZOgS4ljy4qgrPto.roa
Signing time:             Mon 16 Oct 2023 12:14:06 +0000
ROA not before:           Mon 16 Oct 2023 12:14:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216281
IP address blocks:        81.180.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:38:68:60:78:94:aa:33:16:79:1a:5b:04:f4:83:8a:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Oct 16 12:14:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=06f3f91025e604d4a164e812e258f2e2a82b3eda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:45:b5:00:a8:49:0f:e8:98:c3:44:8d:69:fe:
                    72:6f:7c:13:d9:00:22:7e:a0:19:1f:39:8d:d9:6f:
                    58:cf:8c:35:bc:94:b4:c7:00:7b:13:47:f3:d5:7e:
                    2b:f4:cb:a2:9f:39:49:13:36:ed:40:73:f3:35:ff:
                    b6:2c:23:a3:0e:fb:6e:67:7a:1d:b9:43:ad:58:fc:
                    89:dc:a4:e1:30:aa:63:9a:ca:2e:42:b5:88:1b:7c:
                    fd:e1:26:95:3e:a6:f3:37:c9:ce:64:79:a1:d8:d3:
                    2b:31:a7:6f:ae:0e:59:92:3d:74:12:46:a5:04:aa:
                    bf:d1:03:14:97:9d:cb:a1:ba:af:9c:6a:43:e5:c8:
                    90:7b:4f:a8:ec:84:24:48:8f:78:71:a6:a4:f1:a1:
                    43:cd:32:46:64:92:94:ea:f5:3d:a5:34:ef:1f:7f:
                    28:63:90:85:c0:67:e9:a1:0f:3e:9c:f6:70:bf:80:
                    e0:c6:6e:e3:d0:59:94:f3:0b:78:3b:52:50:f7:ff:
                    9e:ce:bc:03:21:3b:6c:58:b5:bd:95:16:1f:30:07:
                    5d:ea:d4:5c:ca:35:60:c0:b4:82:01:6e:59:6d:84:
                    e2:b7:12:13:26:c5:cf:2e:6e:d5:51:f9:25:e1:3f:
                    f9:b4:d4:1e:6f:1a:5b:a2:53:71:97:3e:03:4f:bc:
                    47:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:F3:F9:10:25:E6:04:D4:A1:64:E8:12:E2:58:F2:E2:A8:2B:3E:DA
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BvP5ECXmBNShZOgS4ljy4qgrPto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.180.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:bf:f0:98:27:59:9e:08:94:7a:5e:cf:c3:ff:96:f6:02:0e:
         88:17:c9:90:e6:85:58:3c:ed:ad:12:95:84:23:10:e4:68:df:
         6b:c8:6c:fb:cf:2c:7f:23:1c:e7:c6:bc:77:82:47:56:25:04:
         38:5e:af:26:0e:26:01:9e:44:ad:f3:f8:c2:1c:4d:b8:0c:1d:
         60:3e:68:dd:3a:ac:f9:78:a7:e3:ac:33:ea:f7:72:8d:77:4f:
         b1:0e:b0:cb:f7:0e:de:84:d1:d0:62:93:af:33:dd:e4:fa:4f:
         85:61:6d:15:1b:7d:b8:4b:ef:f6:8d:8a:07:cd:9d:f3:e9:4c:
         75:1f:ae:59:f5:1a:73:f6:cc:45:a1:5f:88:2a:00:4d:34:63:
         c7:7d:a6:28:78:cf:9f:4d:06:d0:3e:ed:82:11:4a:b9:d9:91:
         11:af:b8:2d:f7:0c:8b:c2:97:de:81:79:eb:f5:eb:72:aa:46:
         cf:c7:b0:c5:aa:be:05:87:a6:85:85:43:e1:48:8d:63:d3:bd:
         0b:19:d4:67:1f:5a:e2:24:6a:0f:e5:b7:04:7b:dd:ed:ca:52:
         56:cf:89:f0:27:e1:37:7b:bd:6c:3d:40:4c:cd:d0:2b:42:13:
         c9:8c:90:01:12:85:41:a3:32:67:8a:e1:73:eb:c5:d2:18:2e:
         0a:8a:4f:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs4aGB4lKozFnkaWwT0g4pmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMxMDE2MTIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmYzZjkxMDI1ZTYwNGQ0YTE2NGU4MTJlMjU4ZjJlMmE4MmIzZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0W1AKhJD+iYw0SNaf5yb3wT2QAi
fqAZHzmN2W9Yz4w1vJS0xwB7E0fz1X4r9MuinzlJEzbtQHPzNf+2LCOjDvtuZ3od
uUOtWPyJ3KThMKpjmsouQrWIG3z94SaVPqbzN8nOZHmh2NMrMadvrg5Zkj10Ekal
BKq/0QMUl53LobqvnGpD5ciQe0+o7IQkSI94caak8aFDzTJGZJKU6vU9pTTvH38o
Y5CFwGfpoQ8+nPZwv4Dgxm7j0FmU8wt4O1JQ9/+ezrwDITtsWLW9lRYfMAdd6tRc
yjVgwLSCAW5ZbYTitxITJsXPLm7VUfkl4T/5tNQebxpbolNxlz4DT7xHMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAbz+RAl5gTUoWToEuJY8uKoKz7aMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQnZQNUVDWG1CTlNoWk9nUzRsank0cWdyUHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUbThMA0G
CSqGSIb3DQEBCwUAA4IBAQAqv/CYJ1meCJR6Xs/D/5b2Ag6IF8mQ5oVYPO2tEpWE
IxDkaN9ryGz7zyx/Ixznxrx3gkdWJQQ4Xq8mDiYBnkSt8/jCHE24DB1gPmjdOqz5
eKfjrDPq93KNd0+xDrDL9w7ehNHQYpOvM93k+k+FYW0VG324S+/2jYoHzZ3z6Ux1
H65Z9Rpz9sxFoV+IKgBNNGPHfaYoeM+fTQbQPu2CEUq52ZERr7gt9wyLwpfegXnr
9etyqkbPx7DFqr4Fh6aFhUPhSI1j070LGdRnH1riJGoP5bcEe93tylJWz4nwJ+E3
e71sPUBMzdArQhPJjJABEoVBozJniuFz68XSGC4Kik+P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org