Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/O4_5-5r_BD-94jkC8sxC_5Gnva0.roa
File:                     O4_5-5r_BD-94jkC8sxC_5Gnva0.roa (raw, json)
Hash identifier:          YFm0ct5PIxLMJEphSKMdyrXrqpV736dE7C2O7ct03jg=
Subject key identifier:   3B:8F:F9:FB:9A:FF:04:3F:BD:E2:39:02:F2:CC:42:FF:91:A7:BD:AD
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018CF3CFA4D01A2618D6A7AB0A7EB51E486B
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/O4_5-5r_BD-94jkC8sxC_5Gnva0.roa
Signing time:             Wed 10 Jan 2024 14:38:40 +0000
ROA not before:           Wed 10 Jan 2024 14:38:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        80.71.225.0/24 maxlen: 24
                          80.71.232.0/24 maxlen: 24
                          81.29.145.0/24 maxlen: 24
                          81.29.149.0/24 maxlen: 24
                          81.29.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 07:37:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f3:cf:a4:d0:1a:26:18:d6:a7:ab:0a:7e:b5:1e:48:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan 10 14:38:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3b8ff9fb9aff043fbde23902f2cc42ff91a7bdad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:64:94:ca:2d:d4:43:ad:5b:de:cb:ed:32:ad:
                    25:17:32:94:84:0b:1c:6f:d0:59:6b:4b:b6:63:f0:
                    22:33:7b:40:47:c6:c8:53:a6:54:40:4d:56:55:09:
                    41:dd:03:12:c1:73:80:77:9e:91:1e:a0:4a:10:8f:
                    4b:80:33:f8:26:b5:fd:1b:e1:2c:28:ac:33:ca:35:
                    32:6a:ea:16:01:be:15:33:59:08:79:89:2f:4d:65:
                    a6:7a:b6:ce:60:88:0a:30:1c:16:2c:ec:68:f9:05:
                    76:9f:ae:1f:9e:5b:79:51:bc:6d:45:47:98:ee:aa:
                    9d:9c:78:39:76:bd:41:04:9e:fa:7b:d7:35:75:bf:
                    14:19:b9:8d:85:fb:55:62:18:92:44:8f:ee:4b:ce:
                    dc:12:cc:c6:4b:c2:a5:4e:3b:82:b2:9d:48:99:60:
                    33:1a:f3:37:bd:6d:9d:ce:5c:bb:22:81:6e:63:83:
                    34:7e:86:f8:61:a1:80:ac:07:78:ea:35:65:9a:51:
                    eb:32:5f:f2:f7:68:4b:08:d3:60:36:16:29:09:a2:
                    2e:9a:97:58:a3:3b:2b:66:97:33:42:f9:4b:10:7e:
                    39:ca:36:29:d5:c6:75:d1:a2:90:6e:69:09:ba:fa:
                    b6:4a:7f:c8:c9:ff:16:59:5a:25:69:3a:da:9f:d4:
                    ae:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:8F:F9:FB:9A:FF:04:3F:BD:E2:39:02:F2:CC:42:FF:91:A7:BD:AD
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/O4_5-5r_BD-94jkC8sxC_5Gnva0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.225.0/24
                  80.71.232.0/24
                  81.29.145.0/24
                  81.29.149.0/24
                  81.29.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:d8:8d:c5:58:25:09:92:e5:c4:89:46:49:49:25:21:7e:0d:
         ea:55:ae:04:46:f7:7b:c9:da:bb:ef:87:b8:b5:a6:29:74:78:
         7f:7d:34:63:49:9b:34:1f:bc:1e:90:05:ab:00:3f:19:72:a7:
         a1:1c:f0:26:7d:5f:76:38:9f:1b:b5:ec:15:38:ac:79:be:75:
         14:32:44:df:4d:39:59:5f:ec:5b:a5:4a:41:5b:bb:d4:2d:ae:
         b6:68:46:68:82:e7:10:d9:9a:af:29:6e:50:36:37:d6:ca:23:
         bb:5b:1f:5e:8d:87:2c:05:22:70:de:47:19:3f:6f:76:bc:bc:
         c4:1e:ee:14:d6:94:88:75:f8:6e:15:ab:34:e9:83:6f:96:27:
         d2:81:40:26:e7:6a:ec:54:1f:59:cf:29:27:3a:21:28:de:c3:
         b2:4c:05:66:8e:ba:7c:d8:74:3a:9c:af:7e:d0:b0:cc:a4:86:
         cd:86:fc:e0:29:fb:cc:e0:08:f6:93:07:17:9c:f6:67:e1:d6:
         4f:4a:a4:ac:33:d2:d7:b0:19:f0:33:59:0c:b7:22:30:0a:65:
         1c:14:60:61:fb:93:50:48:b7:dc:ab:80:b5:92:b9:7a:66:d4:
         a0:6e:28:ec:9d:f7:72:c6:72:8d:9a:13:29:2f:d8:94:5b:cf:
         cd:e5:79:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzzz6TQGiYY1qerCn61HkhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTEwMTQzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhmZjlmYjlhZmYwNDNmYmRlMjM5MDJmMmNjNDJmZjkxYTdiZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWSUyi3UQ61b3svtMq0lFzKUhAsc
b9BZa0u2Y/AiM3tAR8bIU6ZUQE1WVQlB3QMSwXOAd56RHqBKEI9LgDP4JrX9G+Es
KKwzyjUyauoWAb4VM1kIeYkvTWWmerbOYIgKMBwWLOxo+QV2n64fnlt5UbxtRUeY
7qqdnHg5dr1BBJ76e9c1db8UGbmNhftVYhiSRI/uS87cEszGS8KlTjuCsp1ImWAz
GvM3vW2dzly7IoFuY4M0fob4YaGArAd46jVlmlHrMl/y92hLCNNgNhYpCaIumpdY
ozsrZpczQvlLEH45yjYp1cZ10aKQbmkJuvq2Sn/Iyf8WWVolaTran9Su9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDuP+fua/wQ/veI5AvLMQv+Rp72tMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTzRfNS01cl9CRC05NGprQzhzeENfNUdudmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEfhAwQA
UEfoAwQAUR2RAwQAUR2VAwQAUR2aMA0GCSqGSIb3DQEBCwUAA4IBAQA22I3FWCUJ
kuXEiUZJSSUhfg3qVa4ERvd7ydq774e4taYpdHh/fTRjSZs0H7wekAWrAD8Zcqeh
HPAmfV92OJ8btewVOKx5vnUUMkTfTTlZX+xbpUpBW7vULa62aEZogucQ2ZqvKW5Q
NjfWyiO7Wx9ejYcsBSJw3kcZP292vLzEHu4U1pSIdfhuFas06YNvlifSgUAm52rs
VB9ZzyknOiEo3sOyTAVmjrp82HQ6nK9+0LDMpIbNhvzgKfvM4Aj2kwcXnPZn4dZP
SqSsM9LXsBnwM1kMtyIwCmUcFGBh+5NQSLfcq4C1krl6ZtSgbijsnfdyxnKNmhMp
L9iUW8/N5Xl1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org