Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LDkpRuNuzCdNMC6ivMDpF--8KG4.roa
File:                     LDkpRuNuzCdNMC6ivMDpF--8KG4.roa (raw, json)
Hash identifier:          pGkKQus/u/cEXvn7X8HJl8EJpGAJ7IX3mAAhz7Bw/Z4=
Subject key identifier:   2C:39:29:46:E3:6E:CC:27:4D:30:2E:A2:BC:C0:E9:17:EF:BC:28:6E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01864F37ED91696BC23250A080A027AB5F4D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LDkpRuNuzCdNMC6ivMDpF--8KG4.roa
Signing time:             Tue 14 Feb 2023 09:18:30 +0000
ROA not before:           Tue 14 Feb 2023 09:18:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        81.5.191.0/24 maxlen: 24
                          82.153.242.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Feb 2023 11:18:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:4f:37:ed:91:69:6b:c2:32:50:a0:80:a0:27:ab:5f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 14 09:18:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c392946e36ecc274d302ea2bcc0e917efbc286e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:0d:ab:04:83:63:ca:be:2d:4b:b6:13:9a:66:
                    3b:f3:10:e8:78:d7:a5:ff:64:49:80:89:3e:8a:e7:
                    3f:59:2e:f5:03:3c:16:5a:47:68:4d:2b:42:7b:68:
                    b7:f9:46:ba:ca:a1:2a:01:84:51:80:31:38:a3:04:
                    2a:d5:84:9a:92:47:59:5f:55:66:42:f7:0f:97:8d:
                    70:d8:04:cb:2f:42:19:ed:9b:37:52:c6:9a:a4:f1:
                    a7:6d:c5:0c:b9:34:d9:01:54:71:e0:49:42:ec:3b:
                    0f:04:12:92:89:b6:46:e4:d2:ef:de:94:88:1f:cf:
                    b5:4b:1e:bf:33:86:0a:90:ff:b2:b2:16:d0:cc:fd:
                    f2:90:4b:92:91:76:f6:ab:90:ee:a6:56:e9:a3:cf:
                    33:74:e1:da:0e:f6:e2:0f:e7:1c:bf:8b:1a:f5:66:
                    ea:f6:41:0d:67:09:97:06:64:0d:3e:4d:73:87:34:
                    1b:a0:22:19:6b:09:26:e9:41:5d:22:02:62:65:8d:
                    2c:86:9d:ac:5f:8b:7e:2c:fb:78:a7:42:88:79:32:
                    f1:40:58:8d:89:8c:9a:f2:2e:b9:8d:1c:10:51:8c:
                    95:e2:3f:d4:98:59:0f:41:8e:75:36:81:e1:bf:1b:
                    61:a0:32:26:87:1e:61:99:cc:b6:32:bd:be:91:16:
                    9e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:39:29:46:E3:6E:CC:27:4D:30:2E:A2:BC:C0:E9:17:EF:BC:28:6E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LDkpRuNuzCdNMC6ivMDpF--8KG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.191.0/24
                  82.153.65.0/24
                  82.153.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:d7:4c:9a:22:bf:7c:9a:c2:d9:b8:7e:05:95:30:a0:c8:af:
         8b:19:47:46:15:68:22:88:c1:5b:b0:7a:89:ef:0d:e9:cf:b5:
         16:f5:a3:6f:27:60:74:0e:16:7e:c8:ee:1a:c2:96:33:a7:a9:
         1b:ad:38:52:e7:10:aa:9c:ff:50:a1:34:a4:be:13:75:dc:61:
         eb:c2:7f:97:23:c0:3a:fd:6f:50:92:bc:c5:7a:4a:d4:74:50:
         61:92:e4:93:59:de:20:00:ca:85:7e:a3:59:a0:7f:dd:ec:c2:
         49:1c:44:5b:19:57:47:1f:ed:ab:2a:59:f5:df:9a:13:05:21:
         9a:3c:f9:5e:10:4f:7d:f5:64:39:9f:d4:ea:fd:38:65:9c:cd:
         75:06:9c:b5:bd:57:8d:8e:2e:0f:43:f1:6b:2d:b9:c2:cf:1d:
         14:41:30:71:4e:c0:02:ed:46:9d:30:87:6e:7c:a1:6a:36:0c:
         aa:53:e7:5e:9c:05:ae:3a:5d:4c:a6:96:ce:be:a1:21:b8:c2:
         2d:bc:13:9c:8b:ce:d6:e7:da:66:30:78:86:5a:9e:8c:aa:a2:
         4d:2a:15:a1:4c:aa:97:ea:da:0c:39:43:b5:29:bc:9f:ae:ca:
         2e:da:09:50:6f:72:95:13:d0:14:63:98:2f:5c:e8:d1:95:d3:
         a4:c0:25:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZPN+2RaWvCMlCggKAnq19NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE0MDkxODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM5Mjk0NmUzNmVjYzI3NGQzMDJlYTJiY2MwZTkxN2VmYmMyODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg2rBINjyr4tS7YTmmY78xDoeNel
/2RJgIk+iuc/WS71AzwWWkdoTStCe2i3+Ua6yqEqAYRRgDE4owQq1YSakkdZX1Vm
QvcPl41w2ATLL0IZ7Zs3UsaapPGnbcUMuTTZAVRx4ElC7DsPBBKSibZG5NLv3pSI
H8+1Sx6/M4YKkP+yshbQzP3ykEuSkXb2q5Duplbpo88zdOHaDvbiD+ccv4sa9Wbq
9kENZwmXBmQNPk1zhzQboCIZawkm6UFdIgJiZY0shp2sX4t+LPt4p0KIeTLxQFiN
iYya8i65jRwQUYyV4j/UmFkPQY51NoHhvxthoDImhx5hmcy2Mr2+kRae0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCw5KUbjbswnTTAuorzA6RfvvChuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTERrcFJ1TnV6Q2ROTUM2aXZNRHBGLS04S0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUQW/AwQA
UplBAwQAUpnyMA0GCSqGSIb3DQEBCwUAA4IBAQBe10yaIr98msLZuH4FlTCgyK+L
GUdGFWgiiMFbsHqJ7w3pz7UW9aNvJ2B0DhZ+yO4awpYzp6kbrThS5xCqnP9QoTSk
vhN13GHrwn+XI8A6/W9QkrzFekrUdFBhkuSTWd4gAMqFfqNZoH/d7MJJHERbGVdH
H+2rKln135oTBSGaPPleEE999WQ5n9Tq/ThlnM11Bpy1vVeNji4PQ/FrLbnCzx0U
QTBxTsAC7UadMIdufKFqNgyqU+denAWuOl1MppbOvqEhuMItvBOci87W59pmMHiG
Wp6MqqJNKhWhTKqX6toMOUO1Kbyfrsou2glQb3KVE9AUY5gvXOjRldOkwCXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org