Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DbDM29r-BhGYb3csBKMgUeE6fhM.roa
File:                     DbDM29r-BhGYb3csBKMgUeE6fhM.roa (raw, json)
Hash identifier:          1SZonmjsJCk5eCFJNMq7G3pEnwJftTUhVAeLTW3wAC4=
Subject key identifier:   0D:B0:CC:DB:DA:FE:06:11:98:6F:77:2C:04:A3:20:51:E1:3A:7E:13
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BA39078D0ED1FCC7F0CEE9F2416BE6369
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DbDM29r-BhGYb3csBKMgUeE6fhM.roa
Signing time:             Mon 06 Nov 2023 07:37:16 +0000
ROA not before:           Mon 06 Nov 2023 07:37:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        81.5.189.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 14:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a3:90:78:d0:ed:1f:cc:7f:0c:ee:9f:24:16:be:63:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  6 07:37:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0db0ccdbdafe0611986f772c04a32051e13a7e13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cd:33:92:dc:30:d6:d6:19:bd:58:20:05:68:
                    04:69:f8:b0:7a:ee:4e:8c:4f:23:3d:a6:77:35:85:
                    7d:82:a5:67:cc:3b:27:f8:50:96:96:3b:17:fa:cc:
                    71:66:e0:7d:0d:fd:49:73:df:95:9b:94:aa:3f:37:
                    01:dc:1f:c8:0a:63:09:24:25:71:b0:0d:ba:cf:ab:
                    ab:d8:35:78:6d:44:c7:26:81:6b:02:e5:b6:6d:2a:
                    53:be:d4:92:05:67:35:93:b6:c4:63:05:26:e3:73:
                    e3:85:56:a5:30:a8:12:02:20:03:51:32:f6:5a:12:
                    a7:26:03:c4:53:4e:2b:44:22:43:07:33:6e:1c:b3:
                    5c:70:fb:3c:6d:5b:95:11:4f:df:5f:99:6c:1b:03:
                    25:29:ad:e1:f0:41:be:6d:30:0d:ad:05:09:b4:9f:
                    c7:18:5f:ab:22:43:f9:33:47:ea:1c:d4:f5:93:89:
                    33:83:bd:6e:94:77:91:43:78:8c:2a:fc:1b:8f:1f:
                    49:20:fe:4d:0f:71:7f:d1:ba:aa:09:bf:f4:5b:ec:
                    b5:62:fe:25:34:1d:6d:48:7d:2f:08:96:2d:1b:ec:
                    3a:81:32:cd:eb:9c:85:a8:2e:1b:12:de:a7:37:e0:
                    fd:aa:0b:8a:47:28:48:21:d4:48:5b:3a:21:28:c1:
                    5c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B0:CC:DB:DA:FE:06:11:98:6F:77:2C:04:A3:20:51:E1:3A:7E:13
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DbDM29r-BhGYb3csBKMgUeE6fhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:12:c7:99:4e:20:2d:46:96:3c:73:95:6a:38:be:d6:68:a7:
         75:d2:bd:6a:10:03:41:7e:ef:b9:35:d7:08:86:8a:cb:c6:23:
         df:e0:34:f9:09:f9:10:5d:15:fd:52:d8:c0:0f:73:38:1b:ec:
         f1:50:ce:5b:d6:ac:4f:87:da:5b:c7:e7:2c:a5:82:29:3c:84:
         38:ed:79:22:1d:3e:fd:bb:94:98:79:e4:1c:d3:64:4c:87:41:
         d7:22:8b:7a:24:c6:b9:47:a9:40:7a:7b:f8:1e:2c:00:98:a3:
         15:bf:45:f4:a3:cf:56:1c:aa:de:c6:25:7c:76:2b:cc:41:d9:
         7a:a9:68:f2:de:a3:c2:c9:12:7c:37:2d:0c:04:59:ed:64:1b:
         37:16:fc:89:f0:bf:0c:66:10:36:af:85:fc:f8:bc:86:46:08:
         f7:27:bc:82:3f:75:c8:13:93:cc:78:b6:55:7b:9b:fa:74:a7:
         2f:6e:c1:93:05:d7:0d:f6:6d:5d:d2:5b:8c:07:26:ed:71:45:
         55:45:3d:e5:58:d1:8c:fe:2c:50:78:a2:68:c5:dd:15:a1:6a:
         3b:9f:ef:73:cb:bc:9d:fc:4a:c8:91:65:d8:48:42:e8:ee:09:
         84:11:e8:60:8e:0f:e8:83:05:e9:7e:1c:89:18:3b:8d:8b:41:
         67:50:86:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYujkHjQ7R/MfwzunyQWvmNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGIwY2NkYmRhZmUwNjExOTg2Zjc3MmMwNGEzMjA1MWUxM2E3ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp80zktww1tYZvVggBWgEafiweu5O
jE8jPaZ3NYV9gqVnzDsn+FCWljsX+sxxZuB9Df1Jc9+Vm5SqPzcB3B/ICmMJJCVx
sA26z6ur2DV4bUTHJoFrAuW2bSpTvtSSBWc1k7bEYwUm43PjhValMKgSAiADUTL2
WhKnJgPEU04rRCJDBzNuHLNccPs8bVuVEU/fX5lsGwMlKa3h8EG+bTANrQUJtJ/H
GF+rIkP5M0fqHNT1k4kzg71ulHeRQ3iMKvwbjx9JIP5ND3F/0bqqCb/0W+y1Yv4l
NB1tSH0vCJYtG+w6gTLN65yFqC4bEt6nN+D9qguKRyhIIdRIWzohKMFc0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA2wzNva/gYRmG93LASjIFHhOn4TMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRGJETTI5ci1CaEdZYjNjc0JLTWdVZUU2ZmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUQW9AwQA
UpgxAwQAUplBMA0GCSqGSIb3DQEBCwUAA4IBAQB6EseZTiAtRpY8c5VqOL7WaKd1
0r1qEANBfu+5NdcIhorLxiPf4DT5CfkQXRX9UtjAD3M4G+zxUM5b1qxPh9pbx+cs
pYIpPIQ47XkiHT79u5SYeeQc02RMh0HXIot6JMa5R6lAenv4HiwAmKMVv0X0o89W
HKrexiV8divMQdl6qWjy3qPCyRJ8Ny0MBFntZBs3FvyJ8L8MZhA2r4X8+LyGRgj3
J7yCP3XIE5PMeLZVe5v6dKcvbsGTBdcN9m1d0luMBybtcUVVRT3lWNGM/ixQeKJo
xd0VoWo7n+9zy7yd/ErIkWXYSELo7gmEEehgjg/ogwXpfhyJGDuNi0FnUIaH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org