Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/la9G6HSddzny2K6P4qL-g93jhAk.roa
File:                     la9G6HSddzny2K6P4qL-g93jhAk.roa (raw, json)
Hash identifier:          GIa8Zq7434XgSs3ct1c8N3twLLihQ2zoprEWtx6Md2Y=
Subject key identifier:   95:AF:46:E8:74:9D:77:39:F2:D8:AE:8F:E2:A2:FE:83:DD:E3:84:09
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018D3E97CB0C29EC63B5068BE1C5980495F6
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/la9G6HSddzny2K6P4qL-g93jhAk.roa
Signing time:             Thu 25 Jan 2024 03:09:11 +0000
ROA not before:           Thu 25 Jan 2024 03:09:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211014
IP address blocks:        81.29.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 13:12:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:3e:97:cb:0c:29:ec:63:b5:06:8b:e1:c5:98:04:95:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan 25 03:09:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=95af46e8749d7739f2d8ae8fe2a2fe83dde38409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:66:3e:d9:0f:a8:96:a7:13:33:54:b4:c7:87:
                    90:3e:c4:6a:4d:52:7c:f5:7d:d4:c7:c0:1c:6b:93:
                    01:4b:b8:cd:55:62:e1:3b:e5:a2:79:e0:13:63:86:
                    84:c5:f3:a6:5c:d7:50:b6:3f:c5:da:30:83:fa:ce:
                    52:1a:38:a3:11:f3:45:e4:00:1d:51:75:1f:85:e6:
                    9c:0b:41:11:3b:e6:92:6e:02:f5:db:eb:d9:49:7b:
                    d9:29:dc:14:87:32:59:27:96:43:0c:78:35:82:7f:
                    c3:2d:c5:6c:2e:6b:3e:35:b0:30:6a:f6:00:ab:f2:
                    49:6f:4f:cd:e0:38:e9:e9:3e:b7:e7:0c:a7:55:b1:
                    e9:96:1f:90:90:c3:b1:47:bf:c6:a4:54:31:1c:f2:
                    85:29:42:ce:24:d5:04:98:f7:66:a1:d4:d3:a6:6c:
                    1a:7f:40:1b:aa:48:26:40:21:0b:7a:30:c3:8e:f3:
                    b7:02:ed:98:d5:4f:26:18:0f:89:21:d0:c6:25:ab:
                    f9:0c:3e:04:58:45:36:35:5b:2f:c4:8b:6d:7f:11:
                    23:fd:30:1c:d0:55:38:e6:72:b4:94:f2:57:29:64:
                    ed:08:32:0b:1b:57:97:38:8c:17:2f:37:85:bc:4f:
                    6f:3c:53:5c:8b:12:ee:2c:55:0d:2b:3d:23:2a:8e:
                    7e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:AF:46:E8:74:9D:77:39:F2:D8:AE:8F:E2:A2:FE:83:DD:E3:84:09
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/la9G6HSddzny2K6P4qL-g93jhAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:64:0b:e5:00:ff:e8:72:f5:ae:2d:fc:77:21:8b:ba:03:18:
         2a:39:8d:ed:b1:3b:aa:95:18:92:cb:61:9b:08:85:22:4c:f9:
         32:62:eb:ff:a3:17:b2:ac:6f:ff:11:2b:30:cf:5e:8c:e2:af:
         3f:8e:8c:2d:47:cc:3c:87:61:35:ee:b8:c6:b9:d5:7a:b1:36:
         cb:68:1a:76:4d:71:7e:cb:12:63:ed:6b:03:5b:5d:0b:fd:25:
         3f:03:c7:8a:e2:98:8d:0d:a5:4d:ee:6f:b1:f7:c0:62:8a:e9:
         a7:cf:9b:3f:79:15:1e:78:be:ad:4a:3e:9a:78:c2:40:01:c0:
         55:52:48:56:c1:e6:f4:71:b5:d5:ea:d4:7b:3d:6e:e3:65:4e:
         8d:ca:e0:b9:12:11:1d:1d:a1:f4:06:cf:20:86:53:cb:f6:a4:
         17:70:d3:df:f1:2e:94:a9:b7:3c:6d:dd:f0:29:11:02:a1:d1:
         01:76:67:07:6c:f9:bd:12:6b:1b:87:d1:f6:02:55:54:c7:a4:
         08:71:bb:47:60:3d:4b:93:3a:a0:74:7e:01:ca:77:03:1d:d5:
         f9:7e:3c:c8:5e:4c:4b:9a:95:26:8f:45:be:df:cf:fd:45:b0:
         fd:8f:51:57:27:99:96:69:5a:37:0b:2e:75:52:10:76:a2:06:
         ee:63:3e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0+l8sMKexjtQaL4cWYBJX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTI1MDMwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFmNDZlODc0OWQ3NzM5ZjJkOGFlOGZlMmEyZmU4M2RkZTM4NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mY+2Q+olqcTM1S0x4eQPsRqTVJ8
9X3Ux8Aca5MBS7jNVWLhO+WieeATY4aExfOmXNdQtj/F2jCD+s5SGjijEfNF5AAd
UXUfheacC0ERO+aSbgL12+vZSXvZKdwUhzJZJ5ZDDHg1gn/DLcVsLms+NbAwavYA
q/JJb0/N4Djp6T635wynVbHplh+QkMOxR7/GpFQxHPKFKULOJNUEmPdmodTTpmwa
f0AbqkgmQCELejDDjvO3Au2Y1U8mGA+JIdDGJav5DD4EWEU2NVsvxIttfxEj/TAc
0FU45nK0lPJXKWTtCDILG1eXOIwXLzeFvE9vPFNcixLuLFUNKz0jKo5+YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWvRuh0nXc58tiuj+Ki/oPd44QJMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvbGE5RzZIU2Rkem55Mks2UDRxTC1nOTNqaEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2eMA0G
CSqGSIb3DQEBCwUAA4IBAQBnZAvlAP/ocvWuLfx3IYu6AxgqOY3tsTuqlRiSy2Gb
CIUiTPkyYuv/oxeyrG//ESswz16M4q8/jowtR8w8h2E17rjGudV6sTbLaBp2TXF+
yxJj7WsDW10L/SU/A8eK4piNDaVN7m+x98Biiumnz5s/eRUeeL6tSj6aeMJAAcBV
UkhWweb0cbXV6tR7PW7jZU6NyuC5EhEdHaH0Bs8ghlPL9qQXcNPf8S6Uqbc8bd3w
KRECodEBdmcHbPm9Emsbh9H2AlVUx6QIcbtHYD1LkzqgdH4ByncDHdX5fjzIXkxL
mpUmj0W+38/9RbD9j1FXJ5mWaVo3Cy51UhB2ogbuYz6L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org