Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/AAN_ziuv7xrBo_QFWk_EVs0JQhs.roa
File:                     AAN_ziuv7xrBo_QFWk_EVs0JQhs.roa (raw, json)
Hash identifier:          11KLRpGHjR5si7n74pUHaQTSlZY/A/kFVrQryLyChPQ=
Subject key identifier:   00:03:7F:CE:2B:AF:EF:1A:C1:A3:F4:05:5A:4F:C4:56:CD:09:42:1B
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018AF40CC402C1544A1641FF10E367FA0561
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/AAN_ziuv7xrBo_QFWk_EVs0JQhs.roa
Signing time:             Tue 03 Oct 2023 05:39:51 +0000
ROA not before:           Tue 03 Oct 2023 05:39:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398343
IP address blocks:        81.29.154.0/24 maxlen: 24
                          81.29.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Oct 2023 12:42:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f4:0c:c4:02:c1:54:4a:16:41:ff:10:e3:67:fa:05:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Oct  3 05:39:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00037fce2bafef1ac1a3f4055a4fc456cd09421b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ab:f8:55:21:05:4f:a7:09:fc:83:81:88:be:
                    de:cd:98:f7:46:aa:68:a7:1c:50:41:03:dd:64:1e:
                    62:79:21:7a:a4:6d:70:83:ec:29:f6:2f:28:fd:40:
                    3a:62:5b:e9:33:b9:af:f6:0e:34:78:da:d2:25:8d:
                    6e:2f:a6:0d:8b:64:8c:d1:60:60:0e:d6:ca:95:aa:
                    f3:f1:07:a0:c1:38:ef:68:be:60:de:34:aa:2f:7e:
                    d7:8f:b9:14:82:c9:62:58:8e:48:ab:7a:5d:d4:8f:
                    e0:03:4d:98:dc:99:bb:7d:5a:92:bb:f1:63:8c:36:
                    be:d7:f0:06:a6:9b:c6:aa:cd:4c:1e:4a:c7:d7:80:
                    06:8c:14:95:81:a7:07:81:0b:11:4c:7d:63:df:f8:
                    b0:4a:4e:15:c3:5b:bb:4d:21:23:9a:b1:80:75:a4:
                    b4:0b:aa:ba:99:85:2d:be:2e:18:1f:10:a2:d9:cd:
                    02:c0:e0:67:27:52:38:5a:0f:a2:3a:5a:61:aa:7c:
                    d3:c6:b9:62:fd:7f:2f:1b:7f:10:c5:fe:8e:a3:c7:
                    d1:a8:93:70:64:c7:a5:ca:f6:aa:22:33:cc:ba:67:
                    14:12:9c:82:2e:07:68:1f:47:5d:00:88:ce:eb:6b:
                    b3:1b:1b:9e:34:cf:3e:ce:f3:fc:80:57:a6:eb:7e:
                    a1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:03:7F:CE:2B:AF:EF:1A:C1:A3:F4:05:5A:4F:C4:56:CD:09:42:1B
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/AAN_ziuv7xrBo_QFWk_EVs0JQhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:b5:e7:3c:91:3c:55:0c:94:71:59:25:7d:31:3d:2c:21:c1:
         c0:28:21:91:74:06:33:5a:a3:f1:04:da:f3:9a:15:33:04:33:
         55:36:fb:8e:0d:4a:41:4d:5a:0b:c8:58:40:8e:2c:6f:5a:7e:
         f2:fe:fb:b7:f2:34:80:53:aa:a9:38:4a:b6:1f:66:69:f0:2b:
         96:5a:95:4b:d6:7e:e9:c9:f7:ee:8f:bc:03:74:44:ee:7b:bd:
         39:e4:3f:f2:f1:ba:34:97:ce:11:88:e5:78:9c:57:d8:cd:ef:
         1f:e7:33:a7:e5:5a:67:7d:d8:3f:70:3c:55:8d:22:28:6b:0c:
         92:44:1a:7f:b0:83:54:2e:e1:c5:e9:6b:c1:b7:3f:9c:a1:ed:
         5b:8c:d2:c2:7f:b0:d2:c2:ca:7d:9a:d0:61:8d:a3:b0:2f:2b:
         11:fc:dd:d5:e7:5c:97:e0:48:e4:b6:72:84:68:b7:00:b1:fb:
         bb:a6:8f:cf:5b:03:17:fe:68:ec:05:30:e0:cc:95:72:71:81:
         f8:fe:d0:8a:28:6d:15:c4:75:4d:5a:7b:a1:6b:97:df:4f:ca:
         33:be:4b:38:34:e9:65:1f:c6:10:97:cb:49:21:bc:ad:97:b8:
         83:30:37:99:5e:04:b1:c2:fc:8a:63:70:8f:c7:74:22:76:9c:
         5c:cf:39:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr0DMQCwVRKFkH/EONn+gVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMxMDAzMDUzOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDAzN2ZjZTJiYWZlZjFhYzFhM2Y0MDU1YTRmYzQ1NmNkMDk0MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqv4VSEFT6cJ/IOBiL7ezZj3Rqpo
pxxQQQPdZB5ieSF6pG1wg+wp9i8o/UA6YlvpM7mv9g40eNrSJY1uL6YNi2SM0WBg
DtbKlarz8QegwTjvaL5g3jSqL37Xj7kUgsliWI5Iq3pd1I/gA02Y3Jm7fVqSu/Fj
jDa+1/AGppvGqs1MHkrH14AGjBSVgacHgQsRTH1j3/iwSk4Vw1u7TSEjmrGAdaS0
C6q6mYUtvi4YHxCi2c0CwOBnJ1I4Wg+iOlphqnzTxrli/X8vG38Qxf6Oo8fRqJNw
ZMelyvaqIjPMumcUEpyCLgdoH0ddAIjO62uzGxueNM8+zvP8gFem636hmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAADf84rr+8awaP0BVpPxFbNCUIbMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvQUFOX3ppdXY3eHJCb19RRldrX0VWczBKUWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUR2aMA0G
CSqGSIb3DQEBCwUAA4IBAQAYtec8kTxVDJRxWSV9MT0sIcHAKCGRdAYzWqPxBNrz
mhUzBDNVNvuODUpBTVoLyFhAjixvWn7y/vu38jSAU6qpOEq2H2Zp8CuWWpVL1n7p
yffuj7wDdETue7055D/y8bo0l84RiOV4nFfYze8f5zOn5Vpnfdg/cDxVjSIoawyS
RBp/sINULuHF6WvBtz+coe1bjNLCf7DSwsp9mtBhjaOwLysR/N3V51yX4EjktnKE
aLcAsfu7po/PWwMX/mjsBTDgzJVycYH4/tCKKG0VxHVNWnuha5ffT8ozvks4NOll
H8YQl8tJIbytl7iDMDeZXgSxwvyKY3CPx3Qidpxczzk4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org