Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A7_CihrViUp49aFY7OuBjjbxhX4.roa
File:                     A7_CihrViUp49aFY7OuBjjbxhX4.roa (raw, json)
Hash identifier:          132wfgZQBkSn+YKIJsCIe6I3hJ1IXQj91j8T41E4tj0=
Subject key identifier:   03:BF:C2:8A:1A:D5:89:4A:78:F5:A1:58:EC:EB:81:8E:36:F1:85:7E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3496445C2F8F43C1E885A9143F317D5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A7_CihrViUp49aFY7OuBjjbxhX4.roa
Signing time:             Mon 01 Jan 2024 04:30:16 +0000
ROA not before:           Mon 01 Jan 2024 04:30:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215813
IP address blocks:        81.168.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 10:06:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:64:45:c2:f8:f4:3c:1e:88:5a:91:43:f3:17:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=03bfc28a1ad5894a78f5a158eceb818e36f1857e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b0:33:4c:93:ee:78:bc:fb:5d:5e:13:3c:8a:
                    e1:ae:35:c5:65:e9:a4:29:4f:97:3f:de:07:86:72:
                    58:af:4e:56:79:22:fb:71:47:b6:8d:88:86:85:4b:
                    ec:46:21:a2:79:66:f7:ed:90:d9:3a:8f:06:ec:69:
                    20:42:2b:9d:86:d8:4c:4a:13:81:8e:1d:9e:54:5e:
                    c8:cd:ba:2c:86:50:63:50:fd:f6:0a:0a:fb:b9:37:
                    c1:60:5a:75:97:64:f1:47:3d:a0:de:6f:27:68:da:
                    1c:e7:a2:2d:98:ba:79:fa:c3:53:b2:10:b4:a9:81:
                    18:ee:98:11:0d:b5:8e:ad:2a:6e:15:bf:05:a4:3f:
                    70:46:44:05:04:a2:31:e4:11:74:c3:8e:94:01:90:
                    e5:11:cb:10:f8:83:73:69:30:e0:b0:96:77:94:9b:
                    e6:37:5f:ac:08:fe:a8:93:d6:4e:59:2d:4f:ec:66:
                    27:fb:e4:35:11:d8:d4:9f:a5:8e:4e:7c:c0:c8:29:
                    c6:c2:1e:76:cf:6c:3b:17:65:38:e4:56:e9:20:dd:
                    a2:8f:88:06:fa:b4:2b:d0:07:c9:19:c5:39:1e:58:
                    4e:bf:dd:31:45:30:fa:2a:5f:23:b6:6b:04:2f:cf:
                    90:a8:ac:0e:8d:6c:77:ee:af:dc:eb:f0:96:dd:1d:
                    89:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BF:C2:8A:1A:D5:89:4A:78:F5:A1:58:EC:EB:81:8E:36:F1:85:7E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A7_CihrViUp49aFY7OuBjjbxhX4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:74:30:67:00:2e:f3:0c:7e:a1:6a:71:bd:26:08:69:bd:ef:
         4b:68:87:70:03:d9:13:70:3b:9a:1b:88:51:d2:06:80:f0:96:
         42:b0:68:59:48:6f:74:f6:15:b1:09:38:8e:70:85:cb:8a:61:
         9f:24:fa:01:86:0c:d0:b5:da:43:00:a8:da:90:3b:fc:d6:df:
         c8:0c:7a:cc:71:e0:8b:12:a3:3e:38:3d:2f:77:ca:5f:44:bc:
         61:37:67:44:ec:74:2d:9c:c2:ae:82:dc:fe:5a:d1:6e:ad:a1:
         66:24:f0:f1:ff:48:12:32:41:2a:2e:7b:72:2d:0a:75:9d:e7:
         c8:c4:fb:64:bb:5e:4e:64:48:96:a3:86:fa:87:27:ba:d3:04:
         38:c2:97:f4:5a:af:67:3e:d2:af:74:df:64:fe:45:e3:c2:72:
         d4:b0:b3:ec:0e:b6:54:85:86:fe:ec:79:1d:c9:1f:41:76:2e:
         64:6c:d4:ad:d5:c6:06:d2:f0:7c:00:d2:5d:82:d5:9f:b5:7c:
         7a:47:87:1e:4e:d3:1f:1f:56:a4:9c:58:df:2b:11:38:d3:ff:
         88:ba:01:40:cf:2a:7a:9e:e9:f9:36:f9:ea:93:48:9c:00:30:
         2a:58:59:a0:73:aa:a5:fb:89:65:7b:18:9a:7f:86:e4:57:47:
         71:8d:2a:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWRFwvj0PB6IWpFD8xfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JmYzI4YTFhZDU4OTRhNzhmNWExNThlY2ViODE4ZTM2ZjE4NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbAzTJPueLz7XV4TPIrhrjXFZemk
KU+XP94HhnJYr05WeSL7cUe2jYiGhUvsRiGieWb37ZDZOo8G7GkgQiudhthMShOB
jh2eVF7IzboshlBjUP32Cgr7uTfBYFp1l2TxRz2g3m8naNoc56ItmLp5+sNTshC0
qYEY7pgRDbWOrSpuFb8FpD9wRkQFBKIx5BF0w46UAZDlEcsQ+INzaTDgsJZ3lJvm
N1+sCP6ok9ZOWS1P7GYn++Q1EdjUn6WOTnzAyCnGwh52z2w7F2U45FbpIN2ij4gG
+rQr0AfJGcU5HlhOv90xRTD6Kl8jtmsEL8+QqKwOjWx37q/c6/CW3R2J3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAO/wooa1YlKePWhWOzrgY428YV+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQTdfQ2loclZpVXA0OWFGWTdPdUJqamJ4aFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah+MA0G
CSqGSIb3DQEBCwUAA4IBAQBndDBnAC7zDH6hanG9Jghpve9LaIdwA9kTcDuaG4hR
0gaA8JZCsGhZSG909hWxCTiOcIXLimGfJPoBhgzQtdpDAKjakDv81t/IDHrMceCL
EqM+OD0vd8pfRLxhN2dE7HQtnMKugtz+WtFuraFmJPDx/0gSMkEqLntyLQp1nefI
xPtku15OZEiWo4b6hye60wQ4wpf0Wq9nPtKvdN9k/kXjwnLUsLPsDrZUhYb+7Hkd
yR9Bdi5kbNSt1cYG0vB8ANJdgtWftXx6R4ceTtMfH1aknFjfKxE40/+IugFAzyp6
nun5Nvnqk0icADAqWFmgc6ql+4llexiaf4bkV0dxjSq/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org