Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3arNnS2IT0pNThoCnzeVfnUXalw.roa
File:                     3arNnS2IT0pNThoCnzeVfnUXalw.roa (raw, json)
Hash identifier:          YHiisShGQ8IRztKDUORbx98121Jf7mKmIHLn58pz6+w=
Subject key identifier:   DD:AA:CD:9D:2D:88:4F:4A:4D:4E:1A:02:9F:37:95:7E:75:17:6A:5C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01887B23A04CADCF9FFB31E163C5794484D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3arNnS2IT0pNThoCnzeVfnUXalw.roa
Signing time:             Fri 02 Jun 2023 08:05:12 +0000
ROA not before:           Fri 02 Jun 2023 08:05:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44547
IP address blocks:        81.168.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 08:13:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7b:23:a0:4c:ad:cf:9f:fb:31:e1:63:c5:79:44:84:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  2 08:05:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ddaacd9d2d884f4a4d4e1a029f37957e75176a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:27:a9:ff:61:68:51:c8:10:9e:93:19:e1:7b:
                    47:36:98:f5:04:6d:ce:a5:48:61:e3:24:d5:d1:57:
                    ca:58:6f:d6:dd:5e:91:d2:4d:af:07:86:46:38:9a:
                    f2:ab:e3:15:2d:fa:5e:9f:46:2c:37:a7:27:09:06:
                    4d:e9:12:43:ac:a5:b0:f7:17:ca:58:dd:3a:10:ea:
                    d0:1a:7f:fb:3b:55:87:ff:7f:4d:0b:bd:d9:54:2a:
                    3e:a2:57:4e:65:cc:bd:c6:79:28:eb:8e:0f:3c:0f:
                    3c:04:15:85:8e:3e:ce:e2:7f:ce:36:02:33:95:7a:
                    a3:aa:fc:c4:4c:01:05:31:c9:f0:3d:92:f7:73:cd:
                    53:b0:26:13:dc:67:6d:93:fb:c3:a7:b7:cd:90:00:
                    d5:66:46:1e:96:02:e7:7f:92:e6:5c:e9:e7:d3:a4:
                    2b:e4:17:ca:34:68:d7:0c:db:8b:d8:05:71:51:c1:
                    c5:6e:9d:b1:48:a5:c0:cf:10:93:3a:3f:3b:b4:3f:
                    2f:c1:74:8f:c9:56:57:2d:fd:fb:5e:48:b3:71:a2:
                    b7:ed:7e:9b:56:d1:a1:68:7d:2d:ce:12:c4:71:67:
                    7a:8b:bc:17:6d:7b:e3:e4:38:3c:49:6d:87:97:7f:
                    4d:5a:db:93:c8:8c:4c:71:93:95:42:6e:45:64:87:
                    d1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:AA:CD:9D:2D:88:4F:4A:4D:4E:1A:02:9F:37:95:7E:75:17:6A:5C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3arNnS2IT0pNThoCnzeVfnUXalw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:3a:fd:e0:21:f1:63:ef:1c:c9:d6:e5:5c:21:1b:9c:d7:23:
         87:9e:12:41:c9:a6:b8:df:c7:4d:7a:bf:c9:2d:1f:8f:91:be:
         26:69:35:b3:77:41:23:e6:e1:2a:a2:73:8c:97:dd:c2:17:1e:
         04:12:9a:61:f8:96:3d:73:d7:91:ba:03:82:bf:28:b1:71:61:
         68:74:43:96:69:2e:fc:57:5b:70:e2:3e:da:d6:0f:b8:95:16:
         8d:45:48:6b:79:b4:40:59:44:e6:c1:33:4d:a5:29:f8:56:a8:
         d6:bc:66:22:13:55:13:bb:ac:09:26:a8:6a:4d:ba:b8:eb:7f:
         77:e4:8c:10:bc:0e:55:fb:b1:76:11:77:4a:79:3c:91:1f:62:
         2f:1f:82:f3:7b:e6:1c:2e:92:ca:89:37:50:0f:7a:4d:42:e0:
         58:6d:89:14:2d:f6:22:05:9e:fd:1f:67:e2:61:00:37:e7:e3:
         8b:ff:10:27:0b:fd:04:c2:96:f8:aa:08:5d:ed:62:e5:51:4e:
         20:ed:54:98:3f:08:56:15:3b:c1:bb:13:83:e7:c9:f2:f1:17:
         5e:e2:af:98:9e:60:ba:96:44:fb:9b:53:dc:49:62:0e:df:e7:
         3e:66:86:f5:20:d9:71:a6:34:07:60:6a:96:6f:9c:72:9e:fd:
         bc:ff:b1:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh7I6BMrc+f+zHhY8V5RITRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjAyMDgwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFhY2Q5ZDJkODg0ZjRhNGQ0ZTFhMDI5ZjM3OTU3ZTc1MTc2YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiep/2FoUcgQnpMZ4XtHNpj1BG3O
pUhh4yTV0VfKWG/W3V6R0k2vB4ZGOJryq+MVLfpen0YsN6cnCQZN6RJDrKWw9xfK
WN06EOrQGn/7O1WH/39NC73ZVCo+oldOZcy9xnko644PPA88BBWFjj7O4n/ONgIz
lXqjqvzETAEFMcnwPZL3c81TsCYT3Gdtk/vDp7fNkADVZkYelgLnf5LmXOnn06Qr
5BfKNGjXDNuL2AVxUcHFbp2xSKXAzxCTOj87tD8vwXSPyVZXLf37XkizcaK37X6b
VtGhaH0tzhLEcWd6i7wXbXvj5Dg8SW2Hl39NWtuTyIxMcZOVQm5FZIfRFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2qzZ0tiE9KTU4aAp83lX51F2pcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM2FyTm5TMklUMHBOVGhvQ256ZVZmblVYYWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah0MA0G
CSqGSIb3DQEBCwUAA4IBAQBkOv3gIfFj7xzJ1uVcIRuc1yOHnhJByaa438dNer/J
LR+Pkb4maTWzd0Ej5uEqonOMl93CFx4EEpph+JY9c9eRugOCvyixcWFodEOWaS78
V1tw4j7a1g+4lRaNRUhrebRAWUTmwTNNpSn4VqjWvGYiE1UTu6wJJqhqTbq46393
5IwQvA5V+7F2EXdKeTyRH2IvH4Lze+YcLpLKiTdQD3pNQuBYbYkULfYiBZ79H2fi
YQA35+OL/xAnC/0Ewpb4qghd7WLlUU4g7VSYPwhWFTvBuxOD58ny8Rde4q+YnmC6
lkT7m1PcSWIO3+c+Zob1INlxpjQHYGqWb5xynv28/7El
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org