Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YVGVjF17mhIBgWqmFn_hTONl-kc.roa
File:                     YVGVjF17mhIBgWqmFn_hTONl-kc.roa (raw, json)
Hash identifier:          ZcNvkijVqr4CV3G1qyiOBi9hBKieVQ7uw/CAkoRA0fA=
Subject key identifier:   61:51:95:8C:5D:7B:9A:12:01:81:6A:A6:16:7F:E1:4C:E3:65:FA:47
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0189FCCD07E4CAF4D79EB1F652A53B695A1C
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YVGVjF17mhIBgWqmFn_hTONl-kc.roa
Signing time:             Wed 16 Aug 2023 05:24:02 +0000
ROA not before:           Wed 16 Aug 2023 05:24:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21082
IP address blocks:        81.29.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 04:59:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:fc:cd:07:e4:ca:f4:d7:9e:b1:f6:52:a5:3b:69:5a:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Aug 16 05:24:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6151958c5d7b9a1201816aa6167fe14ce365fa47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:80:42:8b:2e:f7:48:18:7a:65:dd:88:fe:d8:
                    22:a4:95:9c:d7:72:4e:7a:54:67:a2:9a:2c:b6:01:
                    7e:80:9d:83:5c:ca:67:fe:0c:b6:da:79:86:99:37:
                    50:dc:5f:2c:5b:41:8b:5c:2e:b3:eb:6e:98:d7:55:
                    90:5b:7c:23:d2:bd:4b:5f:34:ac:ac:8f:55:77:4b:
                    ab:18:e3:b1:a8:c1:0a:40:81:16:e3:20:68:c1:fb:
                    fe:0e:51:7f:1c:28:ec:ef:93:3c:82:08:3b:b6:8d:
                    b7:86:13:5a:d3:e0:de:35:0e:b9:18:23:ae:8d:cb:
                    f5:73:22:e3:a3:b3:3b:90:c3:0a:bc:26:c9:b4:6a:
                    6c:80:83:9e:2b:2d:4b:e9:c1:99:02:61:27:a5:3e:
                    a1:7b:73:9c:ec:5a:33:71:cb:8a:19:30:bc:40:8f:
                    8b:72:56:74:0c:b4:7f:89:2f:19:ba:72:ba:23:6c:
                    9b:d3:91:97:62:17:e9:2c:96:5a:b5:35:c5:07:e3:
                    c6:98:6d:ea:04:9a:7e:b6:df:4b:77:37:1d:97:01:
                    f2:74:a1:47:8a:6a:a9:7a:fc:4b:91:22:bd:36:6a:
                    26:91:5d:86:5e:18:ba:29:62:39:8c:da:a0:b4:98:
                    97:9b:ad:f5:d1:ae:cb:33:79:94:2f:89:ef:56:d1:
                    2b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:51:95:8C:5D:7B:9A:12:01:81:6A:A6:16:7F:E1:4C:E3:65:FA:47
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YVGVjF17mhIBgWqmFn_hTONl-kc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:e3:5c:81:02:a1:f3:1f:44:4f:26:6f:cc:82:ae:b9:91:6b:
         5c:cc:61:ef:04:23:81:c0:57:e9:cc:e6:c0:a3:b2:11:94:83:
         e8:03:5c:c3:3e:a8:c1:23:30:e1:37:a7:f0:b9:78:bc:eb:63:
         f1:67:90:90:80:22:d6:c5:49:dd:74:f8:a6:5e:ff:fa:ec:4b:
         d2:f1:17:5a:9c:b8:4b:6b:69:52:9f:bc:55:29:61:e3:e0:17:
         40:6b:4a:54:37:93:3d:28:a1:80:31:72:ac:04:0b:da:9e:25:
         bd:8c:2a:60:b7:51:d3:71:91:d0:ad:73:a8:16:5c:56:d4:fb:
         3e:93:90:d4:04:29:c6:ad:94:4a:cf:08:9c:86:59:77:8a:d2:
         ea:87:71:ae:f9:e0:5e:68:bc:4b:ff:ce:e7:6d:ab:75:40:e3:
         3e:13:8a:09:8e:04:60:66:00:d8:e5:6e:d0:28:f3:a1:a6:8f:
         c0:65:02:f5:52:a1:27:22:be:08:b5:c3:85:dd:d6:fe:aa:8e:
         42:23:cc:17:5b:07:2e:56:c4:ae:bd:30:dd:37:0f:60:5c:0a:
         f9:9b:7a:8e:59:be:79:e0:e1:f5:9d:23:a3:e7:e0:fe:cc:82:
         16:37:ff:60:a8:d0:3e:28:53:b2:9a:8f:21:e0:8c:c1:72:5c:
         71:47:76:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn8zQfkyvTXnrH2UqU7aVocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODE2MDUyNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTUxOTU4YzVkN2I5YTEyMDE4MTZhYTYxNjdmZTE0Y2UzNjVmYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloBCiy73SBh6Zd2I/tgipJWc13JO
elRnopostgF+gJ2DXMpn/gy22nmGmTdQ3F8sW0GLXC6z626Y11WQW3wj0r1LXzSs
rI9Vd0urGOOxqMEKQIEW4yBowfv+DlF/HCjs75M8ggg7to23hhNa0+DeNQ65GCOu
jcv1cyLjo7M7kMMKvCbJtGpsgIOeKy1L6cGZAmEnpT6he3Oc7FozccuKGTC8QI+L
clZ0DLR/iS8ZunK6I2yb05GXYhfpLJZatTXFB+PGmG3qBJp+tt9LdzcdlwHydKFH
imqpevxLkSK9NmomkV2GXhi6KWI5jNqgtJiXm6310a7LM3mUL4nvVtErZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGFRlYxde5oSAYFqphZ/4UzjZfpHMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWVZHVmpGMTdtaElCZ1dxbUZuX2hUT05sLWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2VMA0G
CSqGSIb3DQEBCwUAA4IBAQA+41yBAqHzH0RPJm/Mgq65kWtczGHvBCOBwFfpzObA
o7IRlIPoA1zDPqjBIzDhN6fwuXi862PxZ5CQgCLWxUnddPimXv/67EvS8RdanLhL
a2lSn7xVKWHj4BdAa0pUN5M9KKGAMXKsBAvaniW9jCpgt1HTcZHQrXOoFlxW1Ps+
k5DUBCnGrZRKzwichll3itLqh3Gu+eBeaLxL/87nbat1QOM+E4oJjgRgZgDY5W7Q
KPOhpo/AZQL1UqEnIr4ItcOF3db+qo5CI8wXWwcuVsSuvTDdNw9gXAr5m3qOWb55
4OH1nSOj5+D+zIIWN/9gqNA+KFOymo8h4IzBclxxR3bk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org