Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/CTzSX4RBwl7MbOX3MzFL5qzGOBs.roa
File:                     CTzSX4RBwl7MbOX3MzFL5qzGOBs.roa (raw, json)
Hash identifier:          REoqqpTKldjqkRJ2pmzNxsUvYTaBJfCVm0yelvvrhNo=
Subject key identifier:   09:3C:D2:5F:84:41:C2:5E:CC:6C:E5:F7:33:31:4B:E6:AC:C6:38:1B
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018B23E95354A564890E86E90FE231FDE8FF
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/CTzSX4RBwl7MbOX3MzFL5qzGOBs.roa
Signing time:             Thu 12 Oct 2023 12:42:55 +0000
ROA not before:           Thu 12 Oct 2023 12:42:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398343
IP address blocks:        81.29.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 18:24:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:23:e9:53:54:a5:64:89:0e:86:e9:0f:e2:31:fd:e8:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Oct 12 12:42:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=093cd25f8441c25ecc6ce5f733314be6acc6381b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c8:9e:e6:3e:97:5f:5e:62:0c:4a:6c:db:fc:
                    7b:6e:7c:ef:8c:8a:9e:16:33:77:3c:0c:21:52:58:
                    64:90:7d:23:be:3a:f8:78:8c:8d:a9:d1:81:c1:57:
                    d5:d5:b9:35:11:09:7a:22:f3:bb:c7:9f:e2:3e:8d:
                    3c:e8:7b:32:a8:d1:96:52:71:95:cb:87:d5:34:2e:
                    a3:d7:3d:62:94:0a:cb:b9:c5:ae:65:89:8d:03:5f:
                    4a:0b:73:a5:60:72:36:c2:bc:a7:53:61:01:b2:f3:
                    2b:9d:33:f4:b4:97:69:13:2c:d8:54:73:1c:46:d9:
                    3c:c6:9e:af:9b:a3:22:21:eb:47:b7:e3:9e:0d:be:
                    19:95:ce:08:4a:97:ef:07:98:32:51:33:20:8b:0f:
                    c1:36:9e:7f:30:67:4d:a7:7f:e1:09:ac:ad:b7:7c:
                    a3:e5:a6:3f:d0:28:5e:ec:50:e4:1e:14:0e:3c:24:
                    29:7a:12:d7:61:1d:db:31:84:af:71:0e:ad:30:d6:
                    40:79:b9:dc:9e:9d:23:6f:29:d4:ac:e6:15:4a:2e:
                    10:67:c0:6a:de:0c:28:61:94:de:9a:88:a4:f3:18:
                    15:14:07:14:f7:98:a8:56:f4:64:48:06:30:27:cb:
                    cb:71:e1:16:9b:39:b7:33:ef:d3:27:9f:76:71:19:
                    69:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:3C:D2:5F:84:41:C2:5E:CC:6C:E5:F7:33:31:4B:E6:AC:C6:38:1B
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/CTzSX4RBwl7MbOX3MzFL5qzGOBs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:63:cb:e1:f2:d9:9a:71:08:af:b2:e3:2e:4b:6a:6a:07:96:
         bf:11:11:9a:7c:ec:7c:3c:97:bf:fb:f8:e3:f9:f3:ad:ab:ca:
         34:9d:d0:58:98:41:5e:c5:c2:52:eb:b3:7e:a1:e6:6a:82:0a:
         01:fc:6b:c9:c8:d1:05:5d:b8:1c:eb:b2:e6:0a:22:46:72:01:
         0b:3e:7a:41:80:56:ab:30:df:41:f5:a7:68:93:45:03:73:0e:
         04:fe:76:54:cb:79:33:09:0b:ad:84:95:c5:89:82:33:c8:8e:
         6d:39:01:83:99:c6:7f:79:61:da:80:20:15:2f:ef:f2:2d:27:
         05:e8:a8:35:3b:0e:6d:81:18:6a:92:c1:0f:4a:c1:c6:a2:d5:
         97:cf:5d:79:1e:86:97:d2:37:94:d4:62:8d:0e:ec:3c:e9:57:
         09:0e:22:9c:7c:d7:e8:13:e5:1e:ae:fe:e3:1e:39:b2:e1:d6:
         2f:0f:e4:bd:6a:21:42:a0:e4:99:e8:61:ee:df:25:11:8e:18:
         72:78:26:15:16:f7:66:95:e3:60:7a:b9:b0:48:7a:12:e0:04:
         72:35:9c:b1:a9:9f:48:78:3f:78:6b:55:c6:c5:b9:ae:53:a8:
         c1:13:0e:c7:49:24:87:08:88:77:04:3c:ee:1d:26:eb:3c:38:
         15:b6:1d:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsj6VNUpWSJDobpD+Ix/ej/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMxMDEyMTI0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNjZDI1Zjg0NDFjMjVlY2M2Y2U1ZjczMzMxNGJlNmFjYzYzODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsie5j6XX15iDEps2/x7bnzvjIqe
FjN3PAwhUlhkkH0jvjr4eIyNqdGBwVfV1bk1EQl6IvO7x5/iPo086HsyqNGWUnGV
y4fVNC6j1z1ilArLucWuZYmNA19KC3OlYHI2wrynU2EBsvMrnTP0tJdpEyzYVHMc
Rtk8xp6vm6MiIetHt+OeDb4Zlc4ISpfvB5gyUTMgiw/BNp5/MGdNp3/hCaytt3yj
5aY/0Che7FDkHhQOPCQpehLXYR3bMYSvcQ6tMNZAebncnp0jbynUrOYVSi4QZ8Bq
3gwoYZTemoik8xgVFAcU95ioVvRkSAYwJ8vLceEWmzm3M+/TJ592cRlpBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAk80l+EQcJezGzl9zMxS+asxjgbMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvQ1R6U1g0UkJ3bDdNYk9YM016Rkw1cXpHT0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2aMA0G
CSqGSIb3DQEBCwUAA4IBAQClY8vh8tmacQivsuMuS2pqB5a/ERGafOx8PJe/+/jj
+fOtq8o0ndBYmEFexcJS67N+oeZqggoB/GvJyNEFXbgc67LmCiJGcgELPnpBgFar
MN9B9adok0UDcw4E/nZUy3kzCQuthJXFiYIzyI5tOQGDmcZ/eWHagCAVL+/yLScF
6Kg1Ow5tgRhqksEPSsHGotWXz115HoaX0jeU1GKNDuw86VcJDiKcfNfoE+Uerv7j
Hjmy4dYvD+S9aiFCoOSZ6GHu3yURjhhyeCYVFvdmleNgermwSHoS4ARyNZyxqZ9I
eD94a1XGxbmuU6jBEw7HSSSHCIh3BDzuHSbrPDgVth2x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org