Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/1BawLskLG8gTuGibP1IphMkSJ28.roa
File:                     1BawLskLG8gTuGibP1IphMkSJ28.roa (raw, json)
Hash identifier:          kNdbPaTXjBiKEaRtD/mnGcfotoOLP33WTwWozGVf8v8=
Subject key identifier:   D4:16:B0:2E:C9:0B:1B:C8:13:B8:68:9B:3F:52:29:84:C9:12:27:6F
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0185E9C35FE62461B543B0D93D920167CA3A
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/1BawLskLG8gTuGibP1IphMkSJ28.roa
Signing time:             Wed 25 Jan 2023 16:29:33 +0000
ROA not before:           Wed 25 Jan 2023 16:29:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213035
IP address blocks:        81.29.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 16:52:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e9:c3:5f:e6:24:61:b5:43:b0:d9:3d:92:01:67:ca:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan 25 16:29:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d416b02ec90b1bc813b8689b3f522984c912276f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:16:7d:27:3d:0d:f0:2f:4d:0e:59:73:24:ee:
                    95:f9:ad:f3:e2:b7:85:52:56:29:67:ee:96:dd:d2:
                    ad:ba:26:8a:ee:ca:7c:4c:c1:93:9d:0b:40:7a:ea:
                    41:83:83:23:1f:9d:5a:2d:a0:52:41:14:5c:8a:e3:
                    77:90:2e:65:02:ef:f1:a7:b8:eb:3d:d6:7b:81:8f:
                    ac:c5:9d:a8:b8:11:ed:4a:f1:35:ef:80:49:fa:f7:
                    21:55:bd:8a:84:a2:a9:e8:48:fe:d2:c4:5b:b4:8b:
                    50:a1:fc:25:24:8f:63:82:1e:08:39:89:43:99:d2:
                    6c:50:6c:0c:77:9b:88:f1:87:5a:bc:25:94:cf:ce:
                    a3:dd:9c:27:19:72:88:ce:a7:f7:a4:70:fd:91:e3:
                    59:a2:c4:db:af:ee:c8:03:c6:58:c0:15:f7:de:00:
                    24:71:0d:1b:03:01:e6:c7:9a:b7:d1:62:6b:27:98:
                    38:1b:12:62:ff:d7:07:55:ba:f3:4d:0d:0f:5c:dd:
                    90:ca:82:9f:30:b5:2d:e1:35:3f:68:e7:30:e5:94:
                    1c:8e:9a:c1:69:99:90:cb:cb:16:c9:a5:eb:2d:7d:
                    4f:85:dc:57:8e:cb:ca:61:f9:84:c0:5a:4e:4c:6c:
                    5e:67:22:5f:62:8d:55:fb:c4:da:91:8e:7c:f1:d7:
                    01:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:16:B0:2E:C9:0B:1B:C8:13:B8:68:9B:3F:52:29:84:C9:12:27:6F
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/1BawLskLG8gTuGibP1IphMkSJ28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:51:c6:29:f4:79:cf:e5:80:87:04:6d:7e:bc:02:72:5f:ff:
         6e:af:d8:61:10:f3:36:ad:ed:ae:97:32:33:9b:64:df:48:d9:
         51:6e:a6:c0:cd:08:b1:a0:41:4b:d0:da:18:ba:11:03:ca:09:
         53:a2:8b:80:ab:57:56:e5:63:4c:a8:ea:98:61:bf:ce:28:9e:
         3d:3f:f4:91:4a:a9:5c:12:de:5f:6e:61:69:db:02:22:aa:a2:
         24:30:19:aa:76:5b:96:d3:94:d1:df:2d:e4:8d:93:48:7d:05:
         06:e0:0d:3f:9d:46:c5:33:88:00:b6:bb:a2:9e:5b:03:24:cc:
         85:b8:aa:37:80:48:0a:da:f2:f2:a1:99:c6:91:ea:8e:f9:92:
         a6:b0:d7:c5:b8:63:24:ea:f6:08:fa:d5:a1:f6:a7:d9:23:66:
         00:cd:e6:21:2b:c8:53:84:d3:af:4f:06:db:0b:4f:b6:33:08:
         d4:b8:89:e6:12:19:2f:5b:8c:c0:90:db:72:db:23:4a:3a:ba:
         d3:f7:15:b1:f1:98:57:d4:7c:a5:b7:3c:41:15:fb:77:2e:ea:
         e4:9f:de:a2:a4:26:d9:17:95:d9:fc:39:ce:d3:dc:95:2d:fc:
         94:1f:ee:6f:8e:9a:78:6b:89:53:f8:c0:64:d7:23:fc:69:b9:
         71:a2:47:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXpw1/mJGG1Q7DZPZIBZ8o6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTI1MTYyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE2YjAyZWM5MGIxYmM4MTNiODY4OWIzZjUyMjk4NGM5MTIyNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBZ9Jz0N8C9NDllzJO6V+a3z4reF
UlYpZ+6W3dKtuiaK7sp8TMGTnQtAeupBg4MjH51aLaBSQRRciuN3kC5lAu/xp7jr
PdZ7gY+sxZ2ouBHtSvE174BJ+vchVb2KhKKp6Ej+0sRbtItQofwlJI9jgh4IOYlD
mdJsUGwMd5uI8YdavCWUz86j3ZwnGXKIzqf3pHD9keNZosTbr+7IA8ZYwBX33gAk
cQ0bAwHmx5q30WJrJ5g4GxJi/9cHVbrzTQ0PXN2QyoKfMLUt4TU/aOcw5ZQcjprB
aZmQy8sWyaXrLX1PhdxXjsvKYfmEwFpOTGxeZyJfYo1V+8TakY588dcBoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQWsC7JCxvIE7homz9SKYTJEidvMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvMUJhd0xza0xHOGdUdUdpYlAxSXBoTWtTSjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2aMA0G
CSqGSIb3DQEBCwUAA4IBAQCRUcYp9HnP5YCHBG1+vAJyX/9ur9hhEPM2re2ulzIz
m2TfSNlRbqbAzQixoEFL0NoYuhEDyglToouAq1dW5WNMqOqYYb/OKJ49P/SRSqlc
Et5fbmFp2wIiqqIkMBmqdluW05TR3y3kjZNIfQUG4A0/nUbFM4gAtruinlsDJMyF
uKo3gEgK2vLyoZnGkeqO+ZKmsNfFuGMk6vYI+tWh9qfZI2YAzeYhK8hThNOvTwbb
C0+2MwjUuInmEhkvW4zAkNty2yNKOrrT9xWx8ZhX1HyltzxBFft3Lurkn96ipCbZ
F5XZ/DnO09yVLfyUH+5vjpp4a4lT+MBk1yP8ablxokd+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org