Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/6Q-0PJWVyn-4xIHyRbeCxCivG2Y.roa
File:                     6Q-0PJWVyn-4xIHyRbeCxCivG2Y.roa (raw, json)
Hash identifier:          FQhrU0FnOqPaTKYaAvs3xN/XA4OX+DS3n0+LXY4jEBM=
Subject key identifier:   E9:0F:B4:3C:95:95:CA:7F:B8:C4:81:F2:45:B7:82:C4:28:AF:1B:66
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0186A2FE229E78C457ED599C6BCD92C6D795
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/6Q-0PJWVyn-4xIHyRbeCxCivG2Y.roa
Signing time:             Thu 02 Mar 2023 15:43:29 +0000
ROA not before:           Thu 02 Mar 2023 15:43:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        81.29.145.0/24 maxlen: 24
                          81.29.148.0/24 maxlen: 24
                          81.29.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Mar 2023 12:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:fe:22:9e:78:c4:57:ed:59:9c:6b:cd:92:c6:d7:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Mar  2 15:43:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e90fb43c9595ca7fb8c481f245b782c428af1b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b5:eb:2d:9f:f8:5d:3e:d5:39:88:7c:ea:fc:
                    12:58:66:b8:12:f7:66:1f:40:52:3d:63:d6:de:6c:
                    53:85:6f:a5:33:98:95:3e:d4:dd:69:5b:7d:d4:87:
                    d0:d1:a1:9e:3b:d0:fa:31:71:f0:5d:99:d5:e7:e9:
                    f5:32:22:87:6b:a9:f1:b0:f9:45:e2:f5:e6:dc:fc:
                    91:d8:04:a8:6c:16:fa:98:34:ee:3b:63:68:d4:cc:
                    3c:1f:3e:e6:55:d9:1f:7d:9e:50:55:d8:ac:e5:14:
                    bb:5d:d2:fb:7c:72:e0:84:c0:c6:5f:02:d5:8a:14:
                    a5:58:6a:3c:96:67:3f:b9:0d:dc:2c:60:74:c7:4c:
                    f5:e6:df:bf:32:7a:b1:02:65:c2:f4:91:fd:ea:c7:
                    c8:25:e6:20:af:08:be:01:2f:54:3e:5e:42:7c:46:
                    e2:f9:2a:30:19:34:cf:05:6d:8d:ef:38:10:fb:82:
                    03:43:ef:29:d9:4e:3c:c8:cc:fa:91:c3:91:b4:bb:
                    bb:92:c2:d7:1b:48:1e:5b:11:a0:46:be:6e:b2:50:
                    ba:96:db:3e:ca:c1:31:a2:3e:2b:a0:b1:71:e5:a4:
                    77:fd:02:e6:d3:c1:c4:94:5b:4d:20:26:4b:08:1c:
                    21:f0:99:50:ac:90:1e:c1:96:00:a8:9f:c6:ee:b0:
                    35:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:0F:B4:3C:95:95:CA:7F:B8:C4:81:F2:45:B7:82:C4:28:AF:1B:66
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/6Q-0PJWVyn-4xIHyRbeCxCivG2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.145.0/24
                  81.29.148.0/24
                  81.29.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:14:db:0d:2c:7d:3d:c8:10:7e:93:11:0d:79:df:d4:bd:d1:
         cb:de:d7:25:29:7d:f0:47:f9:20:2b:ff:e6:20:be:d5:a6:c8:
         ae:6d:73:8f:4f:47:5b:39:4c:dd:ba:23:b1:48:90:52:ae:84:
         ba:f3:8f:8b:d4:8e:90:50:4e:93:a9:c0:50:f2:e8:d6:8a:6c:
         a1:5d:7d:f3:ce:70:da:cb:a2:7e:45:a9:f7:01:c6:c8:d3:f1:
         43:f6:2d:ca:9d:80:6a:d8:4e:d9:17:c1:b5:76:7c:8a:44:07:
         ac:16:c0:1f:34:bc:b6:e9:dd:95:53:8d:cb:a7:3c:3f:c2:3d:
         d0:b1:16:fa:7c:b7:f5:00:b3:09:22:72:17:e0:2f:0e:a1:fc:
         cf:8f:5c:e7:8b:a3:06:87:d5:9b:ec:f8:c6:09:45:17:da:3a:
         c3:24:77:62:08:29:83:6c:28:51:77:bb:43:2c:a2:fa:3a:89:
         31:c2:77:94:d3:52:00:86:86:2b:47:31:e8:81:19:2a:a8:97:
         e3:8d:bd:7a:4b:ef:29:64:d2:6a:eb:08:5f:ea:bf:5f:13:81:
         c4:01:8c:d2:35:42:5a:4b:9b:68:73:85:0d:a6:31:36:9f:aa:
         09:fb:ef:e5:95:d4:ee:0d:5e:6b:85:44:03:15:9c:bc:cb:0f:
         22:9d:34:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYai/iKeeMRX7Vmca82SxteVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzAyMTU0MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTBmYjQzYzk1OTVjYTdmYjhjNDgxZjI0NWI3ODJjNDI4YWYxYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbXrLZ/4XT7VOYh86vwSWGa4Evdm
H0BSPWPW3mxThW+lM5iVPtTdaVt91IfQ0aGeO9D6MXHwXZnV5+n1MiKHa6nxsPlF
4vXm3PyR2ASobBb6mDTuO2No1Mw8Hz7mVdkffZ5QVdis5RS7XdL7fHLghMDGXwLV
ihSlWGo8lmc/uQ3cLGB0x0z15t+/MnqxAmXC9JH96sfIJeYgrwi+AS9UPl5CfEbi
+SowGTTPBW2N7zgQ+4IDQ+8p2U48yMz6kcORtLu7ksLXG0geWxGgRr5uslC6lts+
ysExoj4roLFx5aR3/QLm08HElFtNICZLCBwh8JlQrJAewZYAqJ/G7rA1JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOkPtDyVlcp/uMSB8kW3gsQorxtmMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvNlEtMFBKV1Z5bi00eElIeVJiZUN4Q2l2RzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUR2RAwQA
UR2UAwQAUR2eMA0GCSqGSIb3DQEBCwUAA4IBAQASFNsNLH09yBB+kxENed/UvdHL
3tclKX3wR/kgK//mIL7VpsiubXOPT0dbOUzduiOxSJBSroS684+L1I6QUE6TqcBQ
8ujWimyhXX3zznDay6J+Ran3AcbI0/FD9i3KnYBq2E7ZF8G1dnyKRAesFsAfNLy2
6d2VU43Lpzw/wj3QsRb6fLf1ALMJInIX4C8OofzPj1zni6MGh9Wb7PjGCUUX2jrD
JHdiCCmDbChRd7tDLKL6OokxwneU01IAhoYrRzHogRkqqJfjjb16S+8pZNJq6whf
6r9fE4HEAYzSNUJaS5toc4UNpjE2n6oJ++/lldTuDV5rhUQDFZy8yw8inTRc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org