Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa
File:                     2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa (raw, json)
Hash identifier:          7qYnlrxsqDiT/XqsATLJNlw1bsZKpZNrv2k+Ikd8Lsw=
Subject key identifier:   D8:B0:69:38:E4:87:C2:EF:D9:6F:5E:0D:55:51:76:52:19:85:90:E4
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0186B636A81F55FE3A2A7F374B02C95BE409
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa
Signing time:             Mon 06 Mar 2023 09:18:00 +0000
ROA not before:           Mon 06 Mar 2023 09:18:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        81.29.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b6:36:a8:1f:55:fe:3a:2a:7f:37:4b:02:c9:5b:e4:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Mar  6 09:18:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8b06938e487c2efd96f5e0d55517652198590e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ee:6c:5c:23:5a:87:67:15:bd:bd:72:fb:86:
                    24:a5:fa:d0:62:4f:ce:f0:9b:03:b9:cd:89:21:b3:
                    20:d1:e5:6f:3e:34:04:b6:fc:88:30:93:36:e0:b6:
                    cf:86:54:5f:cc:d4:52:94:a6:97:c3:4b:c9:1b:d3:
                    d0:4b:cb:8d:ad:dd:31:8b:d7:5a:2c:eb:9d:a7:7a:
                    52:6a:9b:c9:e3:b0:91:78:81:81:0b:00:26:5c:35:
                    bb:da:78:0f:5b:ec:24:ac:e1:53:07:a3:8a:78:13:
                    41:e2:17:b6:85:92:90:2b:ae:b1:cf:30:fa:d7:f6:
                    88:02:6e:01:af:2f:57:0e:53:35:74:f0:68:cc:63:
                    bb:52:fe:a3:96:b6:de:c5:ac:ca:e0:45:26:d9:a6:
                    26:f3:88:d5:b5:e2:9b:3e:ef:e7:95:95:29:6e:87:
                    0c:02:65:b6:6e:b5:88:df:ef:e3:df:ee:8d:3f:3e:
                    b6:f4:9d:98:24:ba:12:3c:73:93:85:c4:50:2c:99:
                    ad:72:68:e3:44:f3:01:a0:b3:5a:9e:b3:8b:e2:97:
                    e6:f6:c2:47:58:67:bd:37:f9:ad:8f:9c:e8:e9:79:
                    2b:52:62:00:3e:27:5f:97:10:f6:b8:95:22:64:15:
                    fa:ce:67:4c:46:7b:5c:e8:bb:d9:bc:cc:33:02:cf:
                    47:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:B0:69:38:E4:87:C2:EF:D9:6F:5E:0D:55:51:76:52:19:85:90:E4
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/2LBpOOSHwu_Zb14NVVF2UhmFkOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:51:c6:1e:b0:b6:be:3d:1e:9e:5b:9c:25:48:06:5d:95:75:
         a3:d3:f0:c8:46:01:14:9c:85:0f:67:0f:c8:86:df:1f:ba:95:
         47:fc:b1:f1:ce:60:07:71:8d:83:3d:b6:cc:d0:fc:68:ab:d6:
         d9:96:17:c3:7b:03:8c:48:c8:dc:45:1a:83:35:bc:90:db:61:
         9c:9b:a8:3f:e6:49:c1:8c:c8:4b:37:06:e3:c2:37:69:05:c9:
         36:4e:29:18:8f:7d:a1:99:2e:97:97:17:71:13:7e:a4:a0:4c:
         a8:1b:02:49:28:df:91:f7:e7:12:02:60:7d:fb:30:f0:79:65:
         75:c7:10:31:22:18:06:bf:4b:ac:cd:f3:8d:87:8a:94:2b:b5:
         c6:f3:34:fc:bd:bb:79:9d:3a:d4:b3:60:06:80:51:e1:a3:9e:
         cf:a0:87:d0:fe:4c:9f:07:b9:62:eb:bd:e5:43:b5:46:33:27:
         15:aa:1d:c3:b9:90:a5:26:60:e1:8a:ef:9c:e8:3b:59:70:05:
         6e:92:4c:e6:b5:92:50:9a:c6:e0:74:f2:bc:d4:6c:22:c8:24:
         45:d2:1b:06:cc:24:21:4c:56:8f:85:04:10:7a:5f:47:66:f9:
         03:58:6c:5c:dd:fe:33:80:de:13:0c:80:32:f7:3a:82:91:54:
         44:24:02:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa2NqgfVf46Kn83SwLJW+QJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzA2MDkxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGIwNjkzOGU0ODdjMmVmZDk2ZjVlMGQ1NTUxNzY1MjE5ODU5MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+5sXCNah2cVvb1y+4YkpfrQYk/O
8JsDuc2JIbMg0eVvPjQEtvyIMJM24LbPhlRfzNRSlKaXw0vJG9PQS8uNrd0xi9da
LOudp3pSapvJ47CReIGBCwAmXDW72ngPW+wkrOFTB6OKeBNB4he2hZKQK66xzzD6
1/aIAm4Bry9XDlM1dPBozGO7Uv6jlrbexazK4EUm2aYm84jVteKbPu/nlZUpbocM
AmW2brWI3+/j3+6NPz629J2YJLoSPHOThcRQLJmtcmjjRPMBoLNanrOL4pfm9sJH
WGe9N/mtj5zo6XkrUmIAPidflxD2uJUiZBX6zmdMRntc6LvZvMwzAs9H/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiwaTjkh8Lv2W9eDVVRdlIZhZDkMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvMkxCcE9PU0h3dV9aYjE0TlZWRjJVaG1Ga09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2YMA0G
CSqGSIb3DQEBCwUAA4IBAQBsUcYesLa+PR6eW5wlSAZdlXWj0/DIRgEUnIUPZw/I
ht8fupVH/LHxzmAHcY2DPbbM0Pxoq9bZlhfDewOMSMjcRRqDNbyQ22Gcm6g/5knB
jMhLNwbjwjdpBck2TikYj32hmS6XlxdxE36koEyoGwJJKN+R9+cSAmB9+zDweWV1
xxAxIhgGv0uszfONh4qUK7XG8zT8vbt5nTrUs2AGgFHho57PoIfQ/kyfB7li673l
Q7VGMycVqh3DuZClJmDhiu+c6DtZcAVukkzmtZJQmsbgdPK81GwiyCRF0hsGzCQh
TFaPhQQQel9HZvkDWGxc3f4zgN4TDIAy9zqCkVREJAJ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org