Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AOTclR1aabGodLmofwvoXa9kWj8.roa
File:                     AOTclR1aabGodLmofwvoXa9kWj8.roa (raw, json)
Hash identifier:          UGNYXLXuNzPJJchy5JYiaFvWlh0XDPvfurzeqaZsVHw=
Subject key identifier:   00:E4:DC:95:1D:5A:69:B1:A8:74:B9:A8:7F:0B:E8:5D:AF:64:5A:3F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01860C25A947A827C10E63FF4A2AA2830BD6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AOTclR1aabGodLmofwvoXa9kWj8.roa
Signing time:             Wed 01 Feb 2023 08:44:00 +0000
ROA not before:           Wed 01 Feb 2023 08:44:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        81.168.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 08:04:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:0c:25:a9:47:a8:27:c1:0e:63:ff:4a:2a:a2:83:0b:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  1 08:44:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00e4dc951d5a69b1a874b9a87f0be85daf645a3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:15:9f:aa:a2:db:f6:c6:90:52:d9:6d:24:ea:
                    83:f4:c8:74:e8:48:b8:57:82:16:61:ed:62:35:f6:
                    63:09:c7:a8:64:2b:81:02:83:5f:df:7a:15:9c:48:
                    ec:6b:8c:0b:d8:5a:95:12:1f:30:bb:9d:85:ba:f4:
                    6f:2f:fa:19:ac:66:6e:7b:27:17:be:30:17:b6:39:
                    ef:3e:f4:f1:09:c0:af:6e:06:7e:7e:9b:b6:0b:32:
                    59:3e:97:c0:95:73:e1:cc:41:a5:ca:7b:62:60:5a:
                    85:f0:fd:0d:a2:a6:bb:91:49:fd:c9:5e:da:8b:9d:
                    71:98:1e:64:95:70:58:4a:41:6d:ac:a3:07:66:92:
                    44:07:6f:c9:7c:77:a5:c4:ce:a3:23:59:35:aa:a0:
                    e1:98:54:ab:22:f5:55:77:9b:53:77:91:b3:ec:95:
                    87:e2:da:b0:7e:22:4a:4b:c8:46:26:bc:3a:a6:f9:
                    ad:0f:df:82:21:e9:63:8c:23:c9:02:9c:f0:f1:02:
                    a5:08:06:a5:17:03:fb:58:9e:fb:b7:7f:cb:5f:d2:
                    1b:9e:c1:1b:e7:6d:70:0a:98:0c:37:e5:07:ef:87:
                    5a:4e:3a:69:13:89:7c:54:97:6c:31:24:cb:be:43:
                    20:eb:92:b9:3f:04:50:be:e0:f8:c4:7a:a6:8c:61:
                    53:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:E4:DC:95:1D:5A:69:B1:A8:74:B9:A8:7F:0B:E8:5D:AF:64:5A:3F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AOTclR1aabGodLmofwvoXa9kWj8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:e8:c1:7b:33:9b:da:46:e2:63:5c:54:fe:43:7a:e6:53:be:
         d6:82:65:7f:e5:a8:79:5a:9f:86:94:d0:88:ba:6d:ad:75:d9:
         32:7e:d7:b6:a1:98:77:43:df:26:88:b2:47:e5:80:cb:92:b7:
         e0:67:a0:ee:dc:72:04:39:5d:16:e5:61:47:f0:76:d2:ac:34:
         bd:48:94:c4:69:10:c4:69:24:81:58:70:52:cf:5d:4e:49:ee:
         a9:ef:d9:82:b0:23:c5:90:65:f5:71:9e:72:c3:05:19:2a:57:
         92:09:0c:e0:09:27:9a:34:68:54:58:60:cc:75:3c:31:6b:a7:
         35:c6:3b:53:f7:15:48:b7:8e:fc:cf:fd:6d:48:6a:c5:96:81:
         9e:3b:93:ef:bb:63:40:f5:34:d5:04:f8:78:94:b0:7b:2a:77:
         8f:8f:ed:1a:7d:8a:3e:25:6c:99:0a:05:31:ef:c2:62:e8:39:
         5f:4b:6b:4b:cc:be:42:d7:55:cc:41:39:d9:d5:64:22:1e:86:
         e1:bc:ac:45:c6:73:11:94:2d:06:87:12:80:2f:17:a0:17:7f:
         6b:8c:77:36:06:52:2d:2b:55:f8:1d:e9:43:1c:d8:da:f1:5d:
         2e:48:63:c5:b8:ff:70:5d:d4:7b:19:ab:62:92:9f:a3:1c:b2:
         bc:aa:39:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYMJalHqCfBDmP/SiqigwvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjAxMDg0NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU0ZGM5NTFkNWE2OWIxYTg3NGI5YTg3ZjBiZTg1ZGFmNjQ1YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRWfqqLb9saQUtltJOqD9Mh06Ei4
V4IWYe1iNfZjCceoZCuBAoNf33oVnEjsa4wL2FqVEh8wu52FuvRvL/oZrGZueycX
vjAXtjnvPvTxCcCvbgZ+fpu2CzJZPpfAlXPhzEGlyntiYFqF8P0Noqa7kUn9yV7a
i51xmB5klXBYSkFtrKMHZpJEB2/JfHelxM6jI1k1qqDhmFSrIvVVd5tTd5Gz7JWH
4tqwfiJKS8hGJrw6pvmtD9+CIeljjCPJApzw8QKlCAalFwP7WJ77t3/LX9IbnsEb
521wCpgMN+UH74daTjppE4l8VJdsMSTLvkMg65K5PwRQvuD4xHqmjGFTFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADk3JUdWmmxqHS5qH8L6F2vZFo/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQU9UY2xSMWFhYkdvZExtb2Z3dm9YYTlrV2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUagpMA0G
CSqGSIb3DQEBCwUAA4IBAQBr6MF7M5vaRuJjXFT+Q3rmU77WgmV/5ah5Wp+GlNCI
um2tddkyfte2oZh3Q98miLJH5YDLkrfgZ6Du3HIEOV0W5WFH8HbSrDS9SJTEaRDE
aSSBWHBSz11OSe6p79mCsCPFkGX1cZ5ywwUZKleSCQzgCSeaNGhUWGDMdTwxa6c1
xjtT9xVIt478z/1tSGrFloGeO5Pvu2NA9TTVBPh4lLB7KnePj+0afYo+JWyZCgUx
78Ji6DlfS2tLzL5C11XMQTnZ1WQiHobhvKxFxnMRlC0GhxKALxegF39rjHc2BlIt
K1X4HelDHNja8V0uSGPFuP9wXdR7Gatikp+jHLK8qjkj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org