Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8kwMGcCzcGXxd76qS78palKIIjo.roa
File:                     8kwMGcCzcGXxd76qS78palKIIjo.roa (raw, json)
Hash identifier:          faF2SEkqk+qFJkTj/CMNjHbg62rnWtig+iFMa/6P3ck=
Subject key identifier:   F2:4C:0C:19:C0:B3:70:65:F1:77:BE:AA:4B:BF:29:6A:52:88:22:3A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0185B9BAD8D3C2C9DCE604C1155F550BB281
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8kwMGcCzcGXxd76qS78palKIIjo.roa
Signing time:             Mon 16 Jan 2023 08:38:28 +0000
ROA not before:           Mon 16 Jan 2023 08:38:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1299
IP address blocks:        81.5.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Jul 2023 14:49:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b9:ba:d8:d3:c2:c9:dc:e6:04:c1:15:5f:55:0b:b2:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 16 08:38:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f24c0c19c0b37065f177beaa4bbf296a5288223a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:bf:a0:bf:94:41:aa:fc:ac:8f:75:44:47:99:
                    64:2c:63:f1:a0:78:95:6b:af:01:22:6b:9f:99:46:
                    86:eb:7b:d7:8c:6b:7a:d5:50:e0:22:cd:57:36:3f:
                    36:5a:d2:ec:3b:89:28:42:9d:95:c4:6b:39:83:ca:
                    2b:a8:65:c1:b8:db:1b:83:e7:c2:24:b1:03:a5:05:
                    5c:22:6b:3c:a4:da:d3:06:19:fb:be:f4:14:8a:ac:
                    08:d9:a6:51:cb:b7:79:4a:7e:26:01:dd:cb:a6:20:
                    e8:fd:0c:b9:d1:9f:1f:ca:0d:ce:a4:62:eb:c9:db:
                    82:3d:35:76:45:53:31:0f:8e:f8:ce:a3:d9:19:26:
                    2a:6d:de:04:53:08:b7:d3:f4:85:c7:32:f5:d9:d2:
                    f0:82:ab:50:d4:a3:cd:a7:3c:a8:84:13:af:b4:e8:
                    95:6d:04:40:37:a0:e1:58:de:ac:ca:f9:f3:3d:6a:
                    1e:d0:4f:5f:00:bb:e7:35:29:7f:ef:0c:3d:7e:46:
                    68:e2:10:7c:61:94:d0:0d:a7:5b:cd:2e:f7:4c:e7:
                    2c:44:6b:31:4a:39:cc:9d:8e:da:72:63:11:a9:b6:
                    9c:06:14:3b:a8:7a:cd:6e:42:bc:b6:02:47:1b:bc:
                    85:e8:fb:ad:d2:df:20:bf:a7:de:f3:fd:85:21:0d:
                    dd:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:4C:0C:19:C0:B3:70:65:F1:77:BE:AA:4B:BF:29:6A:52:88:22:3A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8kwMGcCzcGXxd76qS78palKIIjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:4b:ce:83:6f:41:54:06:f3:b7:bd:0e:90:97:49:c7:9c:ef:
         5b:91:77:9c:4c:84:b3:31:21:35:1a:5e:46:93:d7:ba:c7:2b:
         cb:aa:ad:92:26:1b:6b:44:b6:30:ae:b1:65:e3:4e:46:81:e8:
         1d:15:f9:2e:8a:65:e8:c5:16:ba:de:74:a0:01:82:b8:1d:43:
         b1:84:d1:f9:fa:c4:b2:65:35:bb:6c:71:96:01:f5:e7:5b:f8:
         5e:9e:6d:e9:e7:11:a4:2e:05:9a:d7:6f:5b:5f:74:08:9c:4c:
         8d:82:42:72:3e:fc:8a:18:2a:ea:da:8a:7d:ed:56:48:f4:d3:
         fc:d0:0b:4d:c1:aa:66:13:52:1d:0c:5b:dc:80:28:10:c1:42:
         4e:7b:81:7e:81:88:c4:33:65:95:06:5d:0e:8a:33:bb:f7:c5:
         7f:4d:fd:45:11:cc:cd:ea:dc:b0:f6:77:3d:59:a2:0f:d1:13:
         45:08:75:5e:be:4c:58:83:5f:42:04:4f:48:67:15:bb:75:26:
         38:bb:7e:f3:e6:79:69:4d:ec:7b:ee:75:22:2e:8a:aa:b5:ac:
         99:cb:60:b9:b8:19:27:50:a1:a8:58:b2:e6:af:e7:97:d5:e2:
         8e:da:df:c1:79:b4:57:7d:65:b1:50:d2:73:a2:3f:83:1e:8f:
         19:fe:55:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW5utjTwsnc5gTBFV9VC7KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTE2MDgzODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRjMGMxOWMwYjM3MDY1ZjE3N2JlYWE0YmJmMjk2YTUyODgyMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7+gv5RBqvysj3VER5lkLGPxoHiV
a68BImufmUaG63vXjGt61VDgIs1XNj82WtLsO4koQp2VxGs5g8orqGXBuNsbg+fC
JLEDpQVcIms8pNrTBhn7vvQUiqwI2aZRy7d5Sn4mAd3LpiDo/Qy50Z8fyg3OpGLr
yduCPTV2RVMxD474zqPZGSYqbd4EUwi30/SFxzL12dLwgqtQ1KPNpzyohBOvtOiV
bQRAN6DhWN6syvnzPWoe0E9fALvnNSl/7ww9fkZo4hB8YZTQDadbzS73TOcsRGsx
SjnMnY7acmMRqbacBhQ7qHrNbkK8tgJHG7yF6Put0t8gv6fe8/2FIQ3d6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJMDBnAs3Bl8Xe+qku/KWpSiCI6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOGt3TUdjQ3pjR1h4ZDc2cVM3OHBhbEtJSWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQWcMA0G
CSqGSIb3DQEBCwUAA4IBAQCLS86Db0FUBvO3vQ6Ql0nHnO9bkXecTISzMSE1Gl5G
k9e6xyvLqq2SJhtrRLYwrrFl405GgegdFfkuimXoxRa63nSgAYK4HUOxhNH5+sSy
ZTW7bHGWAfXnW/henm3p5xGkLgWa129bX3QInEyNgkJyPvyKGCrq2op97VZI9NP8
0AtNwapmE1IdDFvcgCgQwUJOe4F+gYjEM2WVBl0OijO798V/Tf1FEczN6tyw9nc9
WaIP0RNFCHVevkxYg19CBE9IZxW7dSY4u37z5nlpTex77nUiLoqqtayZy2C5uBkn
UKGoWLLmr+eX1eKO2t/BebRXfWWxUNJzoj+DHo8Z/lWs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org