Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/OANIypjNAtnHoXgUJNQMDHmXtAE.roa
File:                     OANIypjNAtnHoXgUJNQMDHmXtAE.roa (raw, json)
Hash identifier:          FgUieKZDK02Tzffw8/O1vnxscqXwWXBwVHGsUIFGPH4=
Subject key identifier:   38:03:48:CA:98:CD:02:D9:C7:A1:78:14:24:D4:0C:0C:79:97:B4:01
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0189F48256EB579FC9562F875FBD8AA9CAB0
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/OANIypjNAtnHoXgUJNQMDHmXtAE.roa
Signing time:             Mon 14 Aug 2023 14:45:29 +0000
ROA not before:           Mon 14 Aug 2023 14:45:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        80.71.225.0/24 maxlen: 24
                          80.71.228.0/24 maxlen: 24
                          81.29.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 25 Aug 2023 14:16:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f4:82:56:eb:57:9f:c9:56:2f:87:5f:bd:8a:a9:ca:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Aug 14 14:45:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=380348ca98cd02d9c7a1781424d40c0c7997b401
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a9:23:6b:f2:1f:10:4d:c4:9c:45:1f:38:ea:
                    53:46:be:41:d2:8f:d7:b4:16:f7:e5:2c:10:6b:53:
                    d9:6b:33:1c:b4:11:a9:de:ef:f1:19:47:09:75:c9:
                    89:c2:56:4e:83:c6:1d:e3:41:f5:fa:27:15:7d:a8:
                    d4:e1:02:5a:f2:62:79:c9:d8:51:a8:e1:63:ed:fc:
                    ed:30:3e:a5:c1:c1:8c:2e:90:e6:e6:09:f1:0c:e6:
                    21:9f:42:94:7d:a4:bb:04:08:22:94:12:35:30:6d:
                    41:db:cf:a4:e9:3f:90:74:c9:4e:a1:a1:01:11:fd:
                    fb:a5:15:6e:94:03:fa:b6:e9:9e:f4:1c:f9:5e:62:
                    ef:4f:83:0f:4a:4a:b5:d4:37:37:2f:56:c4:a0:55:
                    11:94:32:a6:8c:a1:81:97:6d:27:02:5f:b2:46:31:
                    63:be:f2:50:9f:72:56:b2:02:f3:24:5a:ed:d3:11:
                    8c:ad:bb:94:df:31:e0:fe:bf:79:9e:48:00:2a:0f:
                    d2:cf:9d:c6:67:56:e2:6c:37:24:a6:95:92:33:8a:
                    80:3b:51:f0:69:df:f7:3b:c6:fd:af:69:99:73:fa:
                    e0:ef:9a:e5:4d:ce:5a:43:d7:b2:35:b5:cc:7f:8e:
                    f4:f7:e6:3f:81:9c:a6:a6:f1:49:b6:0e:2d:24:a7:
                    b6:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:03:48:CA:98:CD:02:D9:C7:A1:78:14:24:D4:0C:0C:79:97:B4:01
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/OANIypjNAtnHoXgUJNQMDHmXtAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.225.0/24
                  80.71.228.0/24
                  81.29.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:de:e8:9d:aa:e7:ff:82:c8:82:1e:c8:b7:38:c5:b8:53:cc:
         9b:33:52:88:93:f9:c6:42:14:a7:2c:3b:47:c8:b4:d0:49:49:
         d7:d7:de:99:19:a7:b8:49:b3:ba:b5:33:e9:34:bd:3d:04:17:
         a8:36:ab:be:de:1d:17:37:d3:25:12:30:d1:54:0f:48:2d:a5:
         02:77:e5:25:cd:d5:d9:a7:f4:1a:f2:97:dc:32:68:22:73:20:
         a0:3d:a8:22:81:a6:e0:30:0a:f4:2f:3c:44:43:19:ed:4a:10:
         4f:71:c9:74:a2:f7:a6:b2:c5:48:2b:53:95:98:97:58:44:3d:
         5d:43:a0:05:81:76:54:36:d6:51:96:c8:a5:f5:f4:95:b2:ed:
         5b:01:7c:d3:f1:d7:c4:19:eb:f5:85:d9:25:a0:a7:97:71:89:
         15:64:da:eb:90:95:06:b5:f9:39:56:1b:38:23:1c:01:6d:f2:
         30:92:d7:1f:1d:a4:cf:8c:01:1d:f7:aa:37:7a:c4:ec:60:29:
         2b:76:92:86:48:26:20:34:cc:eb:e8:50:28:0d:76:39:58:28:
         a8:42:6d:a4:a7:2a:04:f5:aa:a8:0c:8b:1c:3b:ed:78:5c:d9:
         1c:83:50:71:15:41:b9:d9:4b:56:6a:13:3b:b6:cc:f6:ea:33:
         4d:da:fd:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn0glbrV5/JVi+HX72KqcqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODE0MTQ0NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODAzNDhjYTk4Y2QwMmQ5YzdhMTc4MTQyNGQ0MGMwYzc5OTdiNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6kja/IfEE3EnEUfOOpTRr5B0o/X
tBb35SwQa1PZazMctBGp3u/xGUcJdcmJwlZOg8Yd40H1+icVfajU4QJa8mJ5ydhR
qOFj7fztMD6lwcGMLpDm5gnxDOYhn0KUfaS7BAgilBI1MG1B28+k6T+QdMlOoaEB
Ef37pRVulAP6tume9Bz5XmLvT4MPSkq11Dc3L1bEoFURlDKmjKGBl20nAl+yRjFj
vvJQn3JWsgLzJFrt0xGMrbuU3zHg/r95nkgAKg/Sz53GZ1bibDckppWSM4qAO1Hw
ad/3O8b9r2mZc/rg75rlTc5aQ9eyNbXMf4709+Y/gZympvFJtg4tJKe2QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDgDSMqYzQLZx6F4FCTUDAx5l7QBMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvT0FOSXlwak5BdG5Ib1hnVUpOUU1ESG1YdEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEfhAwQA
UEfkAwQAUR2XMA0GCSqGSIb3DQEBCwUAA4IBAQBH3uidquf/gsiCHsi3OMW4U8yb
M1KIk/nGQhSnLDtHyLTQSUnX196ZGae4SbO6tTPpNL09BBeoNqu+3h0XN9MlEjDR
VA9ILaUCd+UlzdXZp/Qa8pfcMmgicyCgPagigabgMAr0LzxEQxntShBPccl0ovem
ssVIK1OVmJdYRD1dQ6AFgXZUNtZRlsil9fSVsu1bAXzT8dfEGev1hdkloKeXcYkV
ZNrrkJUGtfk5Vhs4IxwBbfIwktcfHaTPjAEd96o3esTsYCkrdpKGSCYgNMzr6FAo
DXY5WCioQm2kpyoE9aqoDIscO+14XNkcg1BxFUG52UtWahM7tsz26jNN2v0j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org