Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/PM16Gb29Y2BkBoBtDuveLfzElZc.roa
File:                     PM16Gb29Y2BkBoBtDuveLfzElZc.roa (raw, json)
Hash identifier:          AWRuZjwun3TOaJ89SfRWa9r/I2jaEZLxHHiwLUaPwJA=
Subject key identifier:   3C:CD:7A:19:BD:BD:63:60:64:06:80:6D:0E:EB:DE:2D:FC:C4:95:97
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018D59ABAD08F1E177AE93C257D125A03E13
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/PM16Gb29Y2BkBoBtDuveLfzElZc.roa
Signing time:             Tue 30 Jan 2024 09:20:39 +0000
ROA not before:           Tue 30 Jan 2024 09:20:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212027
IP address blocks:        81.29.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jan 2024 06:27:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:59:ab:ad:08:f1:e1:77:ae:93:c2:57:d1:25:a0:3e:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan 30 09:20:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3ccd7a19bdbd63606406806d0eebde2dfcc49597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:12:ff:dd:cd:57:d2:5c:cb:48:96:ec:6b:65:
                    d6:07:92:56:b0:95:86:45:f8:66:df:aa:48:bd:26:
                    1d:bf:cd:fc:dc:0f:63:b4:78:62:0a:bc:40:a7:29:
                    35:c0:01:9d:16:44:65:22:fb:fa:25:79:a8:36:1f:
                    60:c8:12:8c:0f:16:87:85:7e:ea:93:2e:84:44:55:
                    ab:2d:7b:1c:a0:fe:fb:64:8b:24:02:9d:d8:05:d1:
                    32:f8:f8:40:45:96:93:84:64:20:f5:8f:ae:2d:09:
                    dd:f3:9e:d1:11:fb:db:89:2a:8b:53:e6:c2:45:3c:
                    03:a5:bf:53:17:e1:02:40:2f:1a:6e:db:15:0b:dc:
                    42:55:29:4d:bf:fc:71:07:ae:2f:37:ca:8b:95:8b:
                    70:70:64:4c:1a:01:ee:6c:20:b4:ef:99:5e:81:98:
                    ed:6d:f9:4c:42:13:14:82:d0:a6:24:14:72:d3:bf:
                    d0:ae:fe:7a:5c:5d:f1:61:69:3a:c2:58:f8:50:20:
                    0b:5f:4e:f4:c1:4f:8a:a1:62:e5:1f:11:88:dd:2d:
                    ea:1a:76:aa:f9:82:89:d2:ee:92:c3:cf:84:cd:eb:
                    db:dc:8b:57:0b:79:03:dd:52:67:23:db:1f:f7:62:
                    e6:3a:57:6b:29:39:4f:30:55:f3:bc:97:78:ed:75:
                    ed:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:CD:7A:19:BD:BD:63:60:64:06:80:6D:0E:EB:DE:2D:FC:C4:95:97
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/PM16Gb29Y2BkBoBtDuveLfzElZc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:5b:d2:d5:9d:fd:d7:11:3d:a9:70:8f:51:80:38:0b:a3:6a:
         63:43:89:ab:49:ba:c6:77:47:02:d6:a6:9d:cc:23:e7:fe:45:
         9a:c6:71:52:bd:a9:fc:c3:06:e3:38:cd:1a:83:50:24:d4:ea:
         fa:c1:30:9d:d5:8d:2a:52:f2:7a:86:8f:05:b3:7c:c9:71:88:
         ca:15:07:ad:43:dc:ec:19:40:e3:5d:ed:80:ae:65:f7:e6:5d:
         b4:a9:bb:c8:4b:ab:17:e7:b1:f0:d2:67:9c:58:4c:41:c0:ec:
         4f:42:f7:20:c7:04:44:1a:10:9c:16:82:64:7b:51:ad:d5:b0:
         ff:d9:f5:17:cf:01:69:b5:f4:70:0b:df:57:37:e2:c7:f0:7f:
         ce:44:5d:86:ad:18:05:9c:6a:4a:c0:2e:42:d1:8d:6b:32:ca:
         78:bb:d7:ae:9b:4b:1e:61:8a:28:15:d5:04:96:71:db:02:b6:
         0d:79:21:90:91:f7:5c:88:00:7c:54:ec:5f:ad:10:fe:cf:ea:
         c6:53:a2:10:d0:79:d3:3a:23:6c:bf:87:f3:a2:23:10:8e:d7:
         1b:5b:bb:ed:90:cc:bf:9f:dc:1f:45:c8:44:64:96:c5:81:b3:
         c1:d3:db:f2:9e:d1:bc:59:c2:60:a9:84:f2:04:c0:95:ce:5e:
         bd:e8:22:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1Zq60I8eF3rpPCV9EloD4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTMwMDkyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NkN2ExOWJkYmQ2MzYwNjQwNjgwNmQwZWViZGUyZGZjYzQ5NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBL/3c1X0lzLSJbsa2XWB5JWsJWG
Rfhm36pIvSYdv8383A9jtHhiCrxApyk1wAGdFkRlIvv6JXmoNh9gyBKMDxaHhX7q
ky6ERFWrLXscoP77ZIskAp3YBdEy+PhARZaThGQg9Y+uLQnd857REfvbiSqLU+bC
RTwDpb9TF+ECQC8abtsVC9xCVSlNv/xxB64vN8qLlYtwcGRMGgHubCC075legZjt
bflMQhMUgtCmJBRy07/Qrv56XF3xYWk6wlj4UCALX070wU+KoWLlHxGI3S3qGnaq
+YKJ0u6Sw8+Ezevb3ItXC3kD3VJnI9sf92LmOldrKTlPMFXzvJd47XXthQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzNehm9vWNgZAaAbQ7r3i38xJWXMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvUE0xNkdiMjlZMkJrQm9CdER1dmVMZnpFbFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2VMA0G
CSqGSIb3DQEBCwUAA4IBAQCdW9LVnf3XET2pcI9RgDgLo2pjQ4mrSbrGd0cC1qad
zCPn/kWaxnFSvan8wwbjOM0ag1Ak1Or6wTCd1Y0qUvJ6ho8Fs3zJcYjKFQetQ9zs
GUDjXe2ArmX35l20qbvIS6sX57Hw0mecWExBwOxPQvcgxwREGhCcFoJke1Gt1bD/
2fUXzwFptfRwC99XN+LH8H/ORF2GrRgFnGpKwC5C0Y1rMsp4u9eum0seYYooFdUE
lnHbArYNeSGQkfdciAB8VOxfrRD+z+rGU6IQ0HnTOiNsv4fzoiMQjtcbW7vtkMy/
n9wfRchEZJbFgbPB09vyntG8WcJgqYTyBMCVzl696CIW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org