Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/l0TaLau1mh07i0KSwO3Btua50v0.roa
File:                     l0TaLau1mh07i0KSwO3Btua50v0.roa (raw, json)
Hash identifier:          y7cPAYIfL7HQIaf7pihW8fdE3lchSiXGT2w0R+sZ37I=
Subject key identifier:   97:44:DA:2D:AB:B5:9A:1D:3B:8B:42:92:C0:ED:C1:B6:E6:B9:D2:FD
Certificate issuer:       /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial:       01856CCAFD0872A6A6406379D6F279B14EF8
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/l0TaLau1mh07i0KSwO3Btua50v0.roa
Signing time:             Sun 01 Jan 2023 10:05:20 +0000
ROA not before:           Sun 01 Jan 2023 10:05:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48901
IP address blocks:        81.90.128.0/20 maxlen: 24
                          81.90.131.0/28 maxlen: 28
                          81.90.134.0/24 maxlen: 24
                          81.90.136.0/23 maxlen: 24
                          2a00:e27::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ca:fd:08:72:a6:a6:40:63:79:d6:f2:79:b1:4e:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
        Validity
            Not Before: Jan  1 10:05:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9744da2dabb59a1d3b8b4292c0edc1b6e6b9d2fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:63:e0:8b:db:3b:f8:11:7b:cf:5c:1f:c0:68:
                    69:3b:36:8d:fc:07:a7:75:1f:b6:5c:c0:de:b6:40:
                    e2:05:04:6c:f4:bd:cd:8d:b6:a6:a8:0c:be:fa:21:
                    a7:38:4d:8b:03:2c:88:d2:f2:3b:88:a4:b6:df:60:
                    7d:c6:fd:f7:14:57:65:72:55:15:25:e1:b4:07:d4:
                    35:de:a1:bb:86:ff:1e:a8:9c:ec:b5:7d:d3:59:96:
                    8c:de:c1:84:89:2e:96:bb:ed:f9:1d:17:63:57:29:
                    4d:76:7d:3f:2f:59:6d:c4:17:e2:67:ce:5e:c4:72:
                    50:b9:6f:1a:81:51:9d:89:9f:be:46:96:4b:11:c2:
                    7e:59:57:76:16:e3:81:d2:9e:ec:09:b3:da:7c:67:
                    63:6c:aa:47:bd:8c:b1:93:d2:54:96:fb:17:2a:19:
                    3d:10:75:59:83:2e:06:7a:1b:5e:8c:82:5b:40:e1:
                    45:09:65:42:8f:74:1d:ce:d1:56:5a:ee:c2:0e:cc:
                    7f:56:62:25:87:b0:7b:eb:64:b8:80:46:f1:3b:d3:
                    b1:91:c0:4e:11:79:62:04:07:9f:a8:40:03:48:8a:
                    ac:9a:2e:98:91:a1:a5:ba:06:2c:ba:dc:88:87:3c:
                    f6:5e:5b:41:70:bb:20:75:56:1f:0b:54:bb:05:70:
                    d2:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:44:DA:2D:AB:B5:9A:1D:3B:8B:42:92:C0:ED:C1:B6:E6:B9:D2:FD
            X509v3 Authority Key Identifier:
                keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/l0TaLau1mh07i0KSwO3Btua50v0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.90.128.0/20
                IPv6:
                  2a00:e27::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:25:f2:45:2f:a7:3e:7e:98:10:65:c1:3b:84:a9:97:62:e0:
         bd:41:c4:32:de:18:e4:46:54:02:3d:0d:be:9c:1e:ef:46:26:
         aa:80:b7:f8:6c:f4:ac:ef:e0:0b:cb:ba:06:f6:99:5a:15:84:
         bd:82:d4:76:ca:a0:61:a4:09:7b:01:0e:98:72:e6:6b:e8:3c:
         93:ca:d1:1a:20:4d:5b:4d:c9:cc:36:cc:72:59:06:c5:9a:f0:
         28:e1:b3:6c:33:68:15:18:ca:e4:9c:26:37:37:c0:37:b3:a5:
         d6:71:ad:a8:be:31:52:1d:6f:3a:2f:9c:24:c1:4c:35:74:6b:
         6f:0e:89:fc:12:52:c7:6e:c1:f2:e9:fa:e2:da:c1:55:33:80:
         69:2a:2a:ba:82:d0:d7:90:15:e4:d0:8b:11:f5:bd:ef:b1:79:
         ef:46:56:4b:69:76:1e:bd:73:ed:54:90:90:9a:ab:25:2d:d8:
         58:e1:2a:b9:a2:2c:18:4d:c2:90:7d:bc:6c:09:18:7b:cb:2f:
         32:7a:f1:8e:ca:7c:41:d1:c1:b9:3d:c0:7f:3d:55:98:58:79:
         aa:e2:24:2f:18:01:22:5c:90:65:42:25:d5:d2:a0:05:3d:7f:
         2a:e9:0d:f2:2f:69:64:6a:57:93:bf:34:78:a4:d4:59:08:b8:
         60:f9:8b:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsyv0IcqamQGN51vJ5sU74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjMwMTAxMTAwNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQ0ZGEyZGFiYjU5YTFkM2I4YjQyOTJjMGVkYzFiNmU2YjlkMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGPgi9s7+BF7z1wfwGhpOzaN/Aen
dR+2XMDetkDiBQRs9L3NjbamqAy++iGnOE2LAyyI0vI7iKS232B9xv33FFdlclUV
JeG0B9Q13qG7hv8eqJzstX3TWZaM3sGEiS6Wu+35HRdjVylNdn0/L1ltxBfiZ85e
xHJQuW8agVGdiZ++RpZLEcJ+WVd2FuOB0p7sCbPafGdjbKpHvYyxk9JUlvsXKhk9
EHVZgy4GehtejIJbQOFFCWVCj3QdztFWWu7CDsx/VmIlh7B762S4gEbxO9OxkcBO
EXliBAefqEADSIqsmi6YkaGlugYsutyIhzz2XltBcLsgdVYfC1S7BXDSnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJdE2i2rtZodO4tCksDtwbbmudL9MB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvbDBUYUxhdTFtaDA3aTBLU3dPM0J0dWE1MHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVqAMA0E
AgACMAcDBQAqAA4nMA0GCSqGSIb3DQEBCwUAA4IBAQApJfJFL6c+fpgQZcE7hKmX
YuC9QcQy3hjkRlQCPQ2+nB7vRiaqgLf4bPSs7+ALy7oG9plaFYS9gtR2yqBhpAl7
AQ6YcuZr6DyTytEaIE1bTcnMNsxyWQbFmvAo4bNsM2gVGMrknCY3N8A3s6XWca2o
vjFSHW86L5wkwUw1dGtvDon8ElLHbsHy6fri2sFVM4BpKiq6gtDXkBXk0IsR9b3v
sXnvRlZLaXYevXPtVJCQmqslLdhY4Sq5oiwYTcKQfbxsCRh7yy8yevGOynxB0cG5
PcB/PVWYWHmq4iQvGAEiXJBlQiXV0qAFPX8q6Q3yL2lkaleTvzR4pNRZCLhg+YuV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:28 2024 by rpki-client on console-ams.rpki-client.org