Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/IKFJHORFRZFTFTK6rkq37VoZyms.roa
File:                     IKFJHORFRZFTFTK6rkq37VoZyms.roa (raw, json)
Hash identifier:          7lBdCTI0+zIrK2DzMVC15Z5XdESsPHNMRJmScCEdfgw=
Subject key identifier:   20:A1:49:1C:E4:45:45:91:53:15:32:BA:AE:4A:B7:ED:5A:19:CA:6B
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018BD19E5865BB0FCB38F436CF8C28023725
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/IKFJHORFRZFTFTK6rkq37VoZyms.roa
Signing time:             Wed 15 Nov 2023 06:14:57 +0000
ROA not before:           Wed 15 Nov 2023 06:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21769
IP address blocks:        81.29.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 16:38:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d1:9e:58:65:bb:0f:cb:38:f4:36:cf:8c:28:02:37:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Nov 15 06:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20a1491ce4454591531532baae4ab7ed5a19ca6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:1e:18:20:e6:5d:6d:2b:2a:52:5b:bb:50:7a:
                    f1:49:bf:35:b0:03:ce:2c:0d:61:08:28:d0:df:c3:
                    93:5c:7a:ec:06:43:21:bf:57:64:76:69:2b:40:6c:
                    00:13:17:51:23:fc:c4:54:2d:f0:5d:2b:e5:ff:86:
                    ff:72:d8:04:15:5d:2e:5b:90:30:88:1a:4b:b5:ea:
                    ca:16:44:cc:c3:ac:b5:65:94:11:6a:47:00:3f:99:
                    c5:b9:49:04:13:94:29:10:4c:2f:f0:57:af:db:b0:
                    72:69:e5:17:f1:79:4b:56:ec:04:2a:14:87:86:a9:
                    7a:59:64:92:c1:98:b0:9c:23:33:1c:c4:3c:b8:26:
                    fc:46:20:39:15:18:f1:54:bc:c6:1d:2d:11:3c:b4:
                    c9:65:21:9b:a8:00:5f:80:6c:ff:2e:83:b8:85:31:
                    30:37:19:ab:98:ed:8d:ae:ef:3e:a5:05:c0:09:aa:
                    1c:82:a4:80:79:8e:1e:1d:da:46:2a:ef:da:87:80:
                    03:9f:f3:18:dd:c5:70:0e:53:74:e7:a0:6a:1e:41:
                    f2:d7:d2:57:6c:39:50:75:94:21:f7:77:e1:0d:1f:
                    4c:5a:35:e2:4b:9a:c5:e7:27:c8:e6:49:98:29:0a:
                    35:c9:f9:38:1d:1d:4d:46:f3:eb:23:69:ab:a6:78:
                    8e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:A1:49:1C:E4:45:45:91:53:15:32:BA:AE:4A:B7:ED:5A:19:CA:6B
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/IKFJHORFRZFTFTK6rkq37VoZyms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:76:b3:be:0c:b2:2b:fb:78:0c:21:01:c6:62:4a:00:37:80:
         c5:d2:12:d6:06:09:5f:be:ef:38:d9:94:1a:0e:bf:fc:ed:60:
         94:df:9f:fa:41:62:cd:4b:fe:89:96:eb:46:d5:f3:93:16:a6:
         c7:4e:7c:3a:5c:71:43:b3:39:d1:45:d4:ce:a5:f7:fe:63:c8:
         69:18:a3:8f:76:d1:aa:fd:88:ed:44:1a:07:56:2d:f5:08:95:
         90:e1:7a:39:c6:8e:a8:9e:b1:7e:d1:25:6e:c8:8a:eb:0d:40:
         8a:5b:32:fe:27:63:77:50:92:56:c9:17:c2:8d:83:76:a3:af:
         d3:03:20:49:d5:3d:5c:83:59:ef:f0:b8:4a:dc:f7:52:b4:0b:
         ce:7f:7d:08:6b:51:45:99:8a:9b:7f:1c:a9:58:02:ba:3e:f8:
         1c:90:8f:7b:91:cb:5c:64:63:81:29:a6:9d:09:cd:0c:de:76:
         08:d0:79:06:71:49:ac:48:18:41:6a:b9:bb:b4:cd:ab:f4:b9:
         41:c7:c8:8e:fb:84:61:aa:e9:ed:a0:b0:77:74:5e:8a:74:9e:
         99:df:ae:ea:1f:3e:dd:a3:5c:29:d2:75:95:f3:ef:7f:1b:3c:
         62:dc:cb:0a:8d:0a:db:f4:1b:43:65:48:9f:c0:77:3c:a1:28:
         02:89:87:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvRnlhluw/LOPQ2z4woAjclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMxMTE1MDYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGExNDkxY2U0NDU0NTkxNTMxNTMyYmFhZTRhYjdlZDVhMTljYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR4YIOZdbSsqUlu7UHrxSb81sAPO
LA1hCCjQ38OTXHrsBkMhv1dkdmkrQGwAExdRI/zEVC3wXSvl/4b/ctgEFV0uW5Aw
iBpLterKFkTMw6y1ZZQRakcAP5nFuUkEE5QpEEwv8Fev27ByaeUX8XlLVuwEKhSH
hql6WWSSwZiwnCMzHMQ8uCb8RiA5FRjxVLzGHS0RPLTJZSGbqABfgGz/LoO4hTEw
NxmrmO2Nru8+pQXACaocgqSAeY4eHdpGKu/ah4ADn/MY3cVwDlN056BqHkHy19JX
bDlQdZQh93fhDR9MWjXiS5rF5yfI5kmYKQo1yfk4HR1NRvPrI2mrpniOJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCChSRzkRUWRUxUyuq5Kt+1aGcprMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvSUtGSkhPUkZSWkZURlRLNnJrcTM3Vm9aeW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2fMA0G
CSqGSIb3DQEBCwUAA4IBAQCidrO+DLIr+3gMIQHGYkoAN4DF0hLWBglfvu842ZQa
Dr/87WCU35/6QWLNS/6JlutG1fOTFqbHTnw6XHFDsznRRdTOpff+Y8hpGKOPdtGq
/YjtRBoHVi31CJWQ4Xo5xo6onrF+0SVuyIrrDUCKWzL+J2N3UJJWyRfCjYN2o6/T
AyBJ1T1cg1nv8LhK3PdStAvOf30Ia1FFmYqbfxypWAK6PvgckI97kctcZGOBKaad
Cc0M3nYI0HkGcUmsSBhBarm7tM2r9LlBx8iO+4RhquntoLB3dF6KdJ6Z367qHz7d
o1wp0nWV8+9/Gzxi3MsKjQrb9BtDZUifwHc8oSgCiYdQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org