Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa
File:                     4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa (raw, json)
Hash identifier:          NUcR75AQx3oucEbv/qaITSZH64Ac0x2OQ+5n98E+DXo=
Subject key identifier:   E3:25:63:FF:72:81:E4:A4:D9:0A:E1:4F:D2:89:76:30:53:B7:00:6E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C34DE067BE0118D6496C0BFA3CCB52B22
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa
Signing time:             Mon 04 Dec 2023 12:46:55 +0000
ROA not before:           Mon 04 Dec 2023 12:46:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206509
IP address blocks:        81.168.0.0/17 maxlen: 17
                          109.176.0.0/16 maxlen: 16
                          81.5.128.0/18 maxlen: 18
                          82.152.0.0/15 maxlen: 15
                          213.152.32.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:34:de:06:7b:e0:11:8d:64:96:c0:bf:a3:cc:b5:2b:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec  4 12:46:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e32563ff7281e4a4d90ae14fd289763053b7006e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:27:bf:4b:64:7b:80:9e:6c:3b:28:64:c1:d4:
                    64:97:66:76:93:47:4e:ce:6b:02:da:f0:e5:4b:8c:
                    47:e6:43:55:7c:17:b9:c9:c4:d2:0d:47:6d:9f:c3:
                    10:4a:4d:09:b2:8d:89:f5:9f:9b:fa:86:89:15:87:
                    8b:4d:a5:51:54:db:c8:52:51:5c:e3:c3:2a:0f:00:
                    7d:1f:68:db:f8:05:c9:40:93:d8:2c:0c:a5:6d:15:
                    49:ea:e6:cb:7b:65:35:39:d3:1c:cc:d4:51:27:a7:
                    39:a0:89:a6:73:ae:b3:80:06:bb:48:7c:c0:1c:f7:
                    bb:b0:bd:c2:08:3c:5b:b2:91:8f:aa:17:4c:0f:06:
                    91:9e:70:85:15:24:d9:4b:68:86:22:dd:80:f3:64:
                    ed:bc:d2:5c:fa:db:7f:ca:b6:89:e5:6a:52:f8:9a:
                    cb:ef:d5:4d:01:7c:0d:7b:73:83:c7:90:9b:ef:34:
                    37:f0:8d:be:51:c5:7f:ca:12:e6:6b:c4:43:a9:e7:
                    28:e0:b1:a9:22:85:7e:78:f8:fd:b9:bc:70:f7:0b:
                    46:09:32:e9:8b:b7:96:2a:e1:37:1b:90:ce:bb:64:
                    d2:8a:67:61:c8:db:29:06:a8:be:d0:06:37:b7:1e:
                    05:05:5b:fe:90:0d:5f:5d:c1:d5:5c:8c:99:7b:18:
                    3d:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:25:63:FF:72:81:E4:A4:D9:0A:E1:4F:D2:89:76:30:53:B7:00:6E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.128.0/18
                  81.168.0.0/17
                  82.152.0.0/15
                  109.176.0.0/16
                  213.152.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         52:09:b4:e8:e7:9b:ac:f4:4f:72:c2:a3:4f:29:b2:76:99:32:
         1b:98:c0:6b:a2:82:0b:e9:5c:ed:55:54:c7:de:ac:3b:12:6c:
         4e:96:87:ad:25:9f:29:94:e3:fa:7f:e4:64:df:54:5a:89:39:
         3f:e9:0d:c6:15:80:08:b4:11:bc:47:b6:a4:93:91:f6:90:16:
         cf:10:84:0e:2d:c2:05:55:42:e0:1f:3a:b4:47:63:a5:35:5c:
         bc:71:a7:7c:3f:1c:e9:c6:37:ce:d1:5b:40:d9:3b:eb:60:d9:
         98:2c:5b:f9:ca:4b:90:7a:e8:85:33:6e:2f:c9:ce:54:f1:7f:
         4e:73:43:64:d3:25:d5:fe:f0:a8:c8:3c:70:b2:02:e2:11:5a:
         8c:da:f9:e3:8d:18:ce:d5:0a:9c:72:43:65:3e:4c:33:7f:11:
         68:0a:57:ee:af:7b:63:7d:de:51:c4:e1:78:d9:8b:6a:6c:ea:
         1d:63:09:a8:d0:3e:27:9d:47:20:1b:8a:b1:3a:77:76:47:0a:
         a6:bb:90:1e:72:c7:67:e3:67:bf:e6:0c:6f:a4:f8:d9:23:72:
         5d:a6:d2:7d:ea:7a:46:60:e9:3c:66:f6:cd:c5:a0:bd:b7:dc:
         4e:4e:60:26:67:84:37:34:be:bb:77:6d:ab:fd:34:9f:af:ef:
         66:18:55:84
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYw03gZ74BGNZJbAv6PMtSsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MTI0NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI1NjNmZjcyODFlNGE0ZDkwYWUxNGZkMjg5NzYzMDUzYjcwMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSe/S2R7gJ5sOyhkwdRkl2Z2k0dO
zmsC2vDlS4xH5kNVfBe5ycTSDUdtn8MQSk0Jso2J9Z+b+oaJFYeLTaVRVNvIUlFc
48MqDwB9H2jb+AXJQJPYLAylbRVJ6ubLe2U1OdMczNRRJ6c5oImmc66zgAa7SHzA
HPe7sL3CCDxbspGPqhdMDwaRnnCFFSTZS2iGIt2A82TtvNJc+tt/yraJ5WpS+JrL
79VNAXwNe3ODx5Cb7zQ38I2+UcV/yhLma8RDqeco4LGpIoV+ePj9ubxw9wtGCTLp
i7eWKuE3G5DOu2TSimdhyNspBqi+0AY3tx4FBVv+kA1fXcHVXIyZexg9UwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOMlY/9ygeSk2QrhT9KJdjBTtwBuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNHlWal8zS0I1S1RaQ3VGUDBvbDJNRk8zQUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQGUQWAAwQH
UagAAwMBUpgDAwBtsAMEBdWYIDANBgkqhkiG9w0BAQsFAAOCAQEAUgm06OebrPRP
csKjTymydpkyG5jAa6KCC+lc7VVUx96sOxJsTpaHrSWfKZTj+n/kZN9UWok5P+kN
xhWACLQRvEe2pJOR9pAWzxCEDi3CBVVC4B86tEdjpTVcvHGnfD8c6cY3ztFbQNk7
62DZmCxb+cpLkHrohTNuL8nOVPF/TnNDZNMl1f7wqMg8cLIC4hFajNr5440YztUK
nHJDZT5MM38RaApX7q97Y33eUcTheNmLamzqHWMJqNA+J51HIBuKsTp3dkcKpruQ
HnLHZ+Nnv+YMb6T42SNyXabSfep6RmDpPGb2zcWgvbfcTk5gJmeENzS+u3dtq/00
n6/vZhhVhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org