Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ufhAj6oJOwFFZGzsGD-nuZgvW-U.roa
File:                     ufhAj6oJOwFFZGzsGD-nuZgvW-U.roa (raw, json)
Hash identifier:          Huuy7/nCLuL8mZVCr2ss2X7zR/ISl127IAK4HePkAiY=
Subject key identifier:   B9:F8:40:8F:AA:09:3B:01:45:64:6C:EC:18:3F:A7:B9:98:2F:5B:E5
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01856F54BB1D740D9BDEB96F391327D8A36F
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ufhAj6oJOwFFZGzsGD-nuZgvW-U.roa
Signing time:             Sun 01 Jan 2023 21:55:01 +0000
ROA not before:           Sun 01 Jan 2023 21:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213035
IP address blocks:        80.71.232.0/24 maxlen: 24
                          81.29.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 16:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:bb:1d:74:0d:9b:de:b9:6f:39:13:27:d8:a3:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan  1 21:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9f8408faa093b0145646cec183fa7b9982f5be5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c8:71:28:0a:ab:bb:bb:43:9d:d1:16:25:14:
                    3a:15:70:a1:87:42:5d:d7:7d:3e:50:61:af:e3:10:
                    69:ac:49:38:59:9b:2a:5b:d7:ca:94:b2:e0:29:48:
                    87:62:b4:8d:8c:6e:43:24:89:cc:f7:51:7c:e0:53:
                    ca:12:16:62:7c:61:06:d7:a6:d0:a6:c9:ec:8a:bb:
                    f4:4e:17:f0:70:7e:60:bb:f4:33:08:55:e9:27:c5:
                    34:66:a4:17:b7:49:39:6b:8e:11:7a:58:3d:2c:73:
                    0b:4e:9a:fe:55:8f:fd:1f:be:1b:da:32:f6:70:6b:
                    5a:62:e3:ea:00:b5:6f:f7:22:62:f4:35:9e:fd:cd:
                    f9:0e:5a:f0:9a:63:96:89:f8:14:bf:05:d9:ed:e2:
                    31:e5:ba:da:82:2a:5b:90:9e:0d:43:c3:4a:e5:a9:
                    65:5e:ea:37:42:c9:13:c1:55:4f:1f:95:e3:b7:33:
                    3c:2b:01:96:72:e8:94:aa:67:2e:a3:05:0a:49:72:
                    cd:1d:0c:34:e7:58:70:0c:7e:ad:0e:5a:e2:7a:9a:
                    2b:50:ec:87:e0:30:fe:ef:58:93:21:06:f6:ae:b3:
                    f3:4f:66:08:bb:dd:49:85:18:b3:45:1b:e2:ab:15:
                    89:bd:b7:e7:8f:8d:bf:ae:47:f3:6c:67:a9:1e:1c:
                    b3:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F8:40:8F:AA:09:3B:01:45:64:6C:EC:18:3F:A7:B9:98:2F:5B:E5
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ufhAj6oJOwFFZGzsGD-nuZgvW-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.232.0/24
                  81.29.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:0e:e8:a4:6d:6f:b4:b5:63:13:e5:24:0b:f9:b2:cc:70:6c:
         40:92:40:d1:68:fa:61:5c:05:f6:d4:68:4e:9a:e5:ff:a6:12:
         2b:dc:eb:85:9f:e6:e1:ee:5f:e7:be:2c:40:1c:82:94:f1:42:
         b7:8b:12:53:9f:b9:75:b5:14:7a:94:db:31:67:40:2d:9c:21:
         11:fa:18:d2:75:d4:b8:38:43:64:36:67:29:dc:34:a9:3b:bb:
         6a:b2:c9:f1:7a:77:e6:de:a3:67:61:3a:c2:09:23:d2:b8:ec:
         8d:8e:ca:1b:60:9c:11:a9:2f:81:55:cf:17:f7:d7:d3:03:a3:
         24:9b:da:fb:2f:85:7f:73:42:c2:0a:bc:ae:38:ec:9c:13:76:
         e8:c7:2f:de:64:d2:f4:fa:72:0c:fb:43:cb:8a:47:6b:54:a9:
         f5:9a:dc:4f:50:2e:9d:56:da:26:a2:23:64:8c:eb:25:bc:72:
         ad:17:69:c9:0b:99:50:d3:ca:c2:7d:84:52:55:85:87:81:71:
         0b:c2:44:8c:34:bf:ad:3d:4e:02:d7:61:cb:11:7a:00:a4:19:
         1f:75:12:d3:a6:ed:02:c9:d6:ec:97:97:88:46:be:7d:f3:c5:
         39:26:e9:24:44:fb:5a:97:d7:73:e1:49:f2:d1:a8:32:87:a8:
         49:ee:25:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvVLsddA2b3rlvORMn2KNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY4NDA4ZmFhMDkzYjAxNDU2NDZjZWMxODNmYTdiOTk4MmY1YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApshxKAqru7tDndEWJRQ6FXChh0Jd
130+UGGv4xBprEk4WZsqW9fKlLLgKUiHYrSNjG5DJInM91F84FPKEhZifGEG16bQ
psnsirv0ThfwcH5gu/QzCFXpJ8U0ZqQXt0k5a44Relg9LHMLTpr+VY/9H74b2jL2
cGtaYuPqALVv9yJi9DWe/c35DlrwmmOWifgUvwXZ7eIx5bragipbkJ4NQ8NK5all
Xuo3QskTwVVPH5XjtzM8KwGWcuiUqmcuowUKSXLNHQw051hwDH6tDlrieporUOyH
4DD+71iTIQb2rrPzT2YIu91JhRizRRviqxWJvbfnj42/rkfzbGepHhyzewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLn4QI+qCTsBRWRs7Bg/p7mYL1vlMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvdWZoQWo2b0pPd0ZGWkd6c0dELW51Wmd2Vy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEfoAwQA
UR2aMA0GCSqGSIb3DQEBCwUAA4IBAQCIDuikbW+0tWMT5SQL+bLMcGxAkkDRaPph
XAX21GhOmuX/phIr3OuFn+bh7l/nvixAHIKU8UK3ixJTn7l1tRR6lNsxZ0AtnCER
+hjSddS4OENkNmcp3DSpO7tqssnxenfm3qNnYTrCCSPSuOyNjsobYJwRqS+BVc8X
99fTA6Mkm9r7L4V/c0LCCryuOOycE3boxy/eZNL0+nIM+0PLikdrVKn1mtxPUC6d
VtomoiNkjOslvHKtF2nJC5lQ08rCfYRSVYWHgXELwkSMNL+tPU4C12HLEXoApBkf
dRLTpu0Cydbsl5eIRr5988U5JukkRPtal9dz4Uny0agyh6hJ7iXq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org