Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ug_4sCIzW1uSzsppZ57Hr3BmK9A.roa
File:                     ug_4sCIzW1uSzsppZ57Hr3BmK9A.roa (raw, json)
Hash identifier:          AlFrlxT0TV9k7nfmT1RKlpOwRo4pSpzVZWIc/NBodNM=
Subject key identifier:   BA:0F:F8:B0:22:33:5B:5B:92:CE:CA:69:67:9E:C7:AF:70:66:2B:D0
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01878DC6B15F323790E1B241582B5A9F3026
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ug_4sCIzW1uSzsppZ57Hr3BmK9A.roa
Signing time:             Mon 17 Apr 2023 05:53:41 +0000
ROA not before:           Mon 17 Apr 2023 05:53:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207633
IP address blocks:        81.29.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 08:39:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8d:c6:b1:5f:32:37:90:e1:b2:41:58:2b:5a:9f:30:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Apr 17 05:53:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ba0ff8b022335b5b92ceca69679ec7af70662bd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:cd:19:69:85:2e:a9:37:06:c6:2d:32:12:61:
                    b2:d1:59:5f:e6:5b:f9:59:a3:2f:6d:bc:b8:0a:0c:
                    24:0e:25:17:83:df:0b:75:55:3b:f2:1c:fb:5e:6d:
                    73:2b:10:13:6c:39:e2:dc:00:87:45:43:7e:e1:24:
                    0e:21:00:a7:18:14:fb:08:43:1a:70:46:a2:8e:67:
                    db:0b:5d:2e:c2:66:37:38:f0:90:25:dc:86:e2:62:
                    d5:dc:d6:61:ea:30:46:b6:f1:af:24:da:ee:4d:27:
                    af:79:63:cf:4e:cf:01:b1:44:d7:b4:34:51:52:3c:
                    b7:81:2b:67:5d:c2:15:54:d6:b7:27:6f:56:df:21:
                    22:33:75:9b:bd:5c:1a:7e:91:2a:52:5d:ad:0f:2e:
                    0b:20:02:da:44:0f:f9:bb:7f:55:4f:5f:fa:d4:9c:
                    fe:cc:34:d1:0b:1a:98:01:6e:bc:f9:66:d7:06:f0:
                    c9:90:ed:cf:75:88:90:0c:50:a7:50:bd:56:98:63:
                    a4:6e:58:53:5f:05:ac:6b:aa:91:6d:9a:41:5b:36:
                    11:04:02:7a:0c:a2:44:11:1f:e7:1e:51:ff:53:52:
                    40:04:77:a3:8b:89:6c:54:7f:1b:da:20:9f:14:42:
                    c1:8f:33:42:b3:df:4d:71:7e:44:fc:aa:6e:04:83:
                    05:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:0F:F8:B0:22:33:5B:5B:92:CE:CA:69:67:9E:C7:AF:70:66:2B:D0
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ug_4sCIzW1uSzsppZ57Hr3BmK9A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:d0:7c:46:59:ab:38:97:a9:40:0b:a9:96:ea:98:48:8b:77:
         ef:43:8e:da:bb:61:e7:ed:37:90:d4:30:bb:f7:f1:d8:aa:ae:
         62:8c:2b:0e:a3:e0:56:95:cf:4d:0e:17:ac:b0:72:f3:17:ae:
         00:ea:6a:d1:1f:65:1c:53:8d:bc:b7:b6:a1:e5:f8:86:eb:db:
         a0:ac:74:ce:0d:69:d0:6c:49:ef:0f:60:7a:ba:16:50:d7:95:
         3e:d7:b1:7c:7e:67:f4:38:f1:84:c1:91:d3:74:8a:87:67:4a:
         40:7c:b8:e3:22:ca:92:67:86:aa:6a:c9:d1:94:23:47:00:39:
         11:da:47:a1:84:9e:b8:df:09:54:a5:16:7f:b6:fe:61:04:44:
         fb:12:4c:76:a8:5a:7c:4f:8e:6c:97:91:f0:8f:76:19:5b:17:
         5f:9d:1e:3c:14:29:00:7f:36:92:56:6f:52:28:23:38:e3:6f:
         99:55:8d:f2:c3:47:1e:7f:e8:1e:37:f5:95:c6:ce:61:b5:d9:
         60:7b:76:d6:fc:03:15:48:67:d4:84:ab:ea:4d:fa:a0:44:52:
         68:3d:18:39:d4:d2:9e:9f:58:42:6a:3f:95:dd:ef:d7:ba:a7:
         45:36:f4:eb:48:9a:fc:5d:90:dd:a9:6a:78:23:30:bc:60:65:
         be:4a:b7:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeNxrFfMjeQ4bJBWCtanzAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDE3MDU1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTBmZjhiMDIyMzM1YjViOTJjZWNhNjk2NzllYzdhZjcwNjYyYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh80ZaYUuqTcGxi0yEmGy0Vlf5lv5
WaMvbby4CgwkDiUXg98LdVU78hz7Xm1zKxATbDni3ACHRUN+4SQOIQCnGBT7CEMa
cEaijmfbC10uwmY3OPCQJdyG4mLV3NZh6jBGtvGvJNruTSeveWPPTs8BsUTXtDRR
Ujy3gStnXcIVVNa3J29W3yEiM3WbvVwafpEqUl2tDy4LIALaRA/5u39VT1/61Jz+
zDTRCxqYAW68+WbXBvDJkO3PdYiQDFCnUL1WmGOkblhTXwWsa6qRbZpBWzYRBAJ6
DKJEER/nHlH/U1JABHeji4lsVH8b2iCfFELBjzNCs99NcX5E/KpuBIMFwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoP+LAiM1tbks7KaWeex69wZivQMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvdWdfNHNDSXpXMXVTenNwcFo1N0hyM0JtSzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2XMA0G
CSqGSIb3DQEBCwUAA4IBAQAh0HxGWas4l6lAC6mW6phIi3fvQ47au2Hn7TeQ1DC7
9/HYqq5ijCsOo+BWlc9NDhessHLzF64A6mrRH2UcU428t7ah5fiG69ugrHTODWnQ
bEnvD2B6uhZQ15U+17F8fmf0OPGEwZHTdIqHZ0pAfLjjIsqSZ4aqasnRlCNHADkR
2kehhJ643wlUpRZ/tv5hBET7Ekx2qFp8T45sl5Hwj3YZWxdfnR48FCkAfzaSVm9S
KCM442+ZVY3yw0cef+geN/WVxs5htdlge3bW/AMVSGfUhKvqTfqgRFJoPRg51NKe
n1hCaj+V3e/XuqdFNvTrSJr8XZDdqWp4IzC8YGW+Srd6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org