Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OQYOm8mVYWcs3pw8rikiMoOoRW0.roa
File:                     OQYOm8mVYWcs3pw8rikiMoOoRW0.roa (raw, json)
Hash identifier:          u8XDfbb9JBvsityS3oTrz19x4o+embHLlZP8zTpau4o=
Subject key identifier:   39:06:0E:9B:C9:95:61:67:2C:DE:9C:3C:AE:29:22:32:83:A8:45:6D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018945A6E0BF51195443EB6E813DCC9FE2AB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OQYOm8mVYWcs3pw8rikiMoOoRW0.roa
Signing time:             Tue 11 Jul 2023 15:51:51 +0000
ROA not before:           Tue 11 Jul 2023 15:51:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206509
IP address blocks:        81.168.0.0/17 maxlen: 17
                          109.176.0.0/16 maxlen: 16
                          81.5.128.0/18 maxlen: 18
                          82.152.0.0/15 maxlen: 15
                          213.152.32.0/19 maxlen: 19
                          109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 14:21:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:a6:e0:bf:51:19:54:43:eb:6e:81:3d:cc:9f:e2:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 11 15:51:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=39060e9bc99561672cde9c3cae29223283a8456d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:9b:f0:52:6b:e9:99:a9:81:02:45:1c:9d:15:
                    1c:04:f3:1a:bf:6b:89:67:26:42:ec:5d:98:17:a2:
                    ec:e4:ff:56:5e:56:73:07:cc:50:34:90:5c:89:1b:
                    e4:31:f0:88:a0:b7:35:d5:1d:9b:19:45:6c:4d:c1:
                    c8:0d:3c:b2:75:0e:ac:49:47:f5:44:53:d1:eb:ac:
                    eb:9c:f7:93:77:40:94:6d:d8:69:71:50:ba:76:ec:
                    ed:b0:9a:07:9a:f0:c3:c7:55:0b:e2:41:58:d8:4a:
                    62:7e:4a:7a:b0:eb:23:f3:b9:b4:6a:3b:de:80:51:
                    84:07:25:46:5e:3d:6f:38:0c:c0:84:a6:ee:a9:4d:
                    69:58:d0:48:5a:f3:b0:20:1d:3a:bc:1f:a0:69:1e:
                    78:57:4f:de:5c:7e:54:a0:7b:2f:1c:24:78:7f:62:
                    18:d3:ac:fe:17:cc:5a:17:b7:f5:df:10:cb:9e:aa:
                    a2:1f:c2:fb:53:54:99:6f:d5:1a:a5:89:ae:8b:cd:
                    54:c1:84:b8:e7:b0:d9:9b:22:ec:4d:f0:4c:4b:4f:
                    fe:a5:8a:2b:ab:59:62:97:42:5c:1c:2a:17:19:3f:
                    17:88:b0:c2:34:5a:b3:0a:be:d2:25:f4:4c:97:15:
                    82:b6:e2:6c:67:82:b2:d8:2a:b9:bf:72:8a:a7:fd:
                    ba:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:06:0E:9B:C9:95:61:67:2C:DE:9C:3C:AE:29:22:32:83:A8:45:6D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OQYOm8mVYWcs3pw8rikiMoOoRW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.128.0/18
                  81.168.0.0/17
                  82.152.0.0/15
                  109.176.0.0/16
                  213.152.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ad:70:12:ae:db:23:13:66:47:dd:53:b5:33:ba:50:ee:59:77:
         fd:5a:a8:4b:59:3a:f4:0c:6f:2f:11:d5:aa:2d:4c:73:95:d5:
         34:cd:93:42:15:ec:52:ec:9f:d5:1f:dd:9e:12:29:fd:73:d3:
         e5:7a:87:e5:ca:09:fb:ad:13:5f:fa:05:ba:4c:ed:66:a6:01:
         24:30:c6:45:b0:2d:5a:95:d2:1f:3a:26:5c:4e:e7:cb:d9:f0:
         af:7b:14:86:07:fd:6f:4e:91:ad:25:33:3e:9f:ab:05:bf:c9:
         3c:7b:29:a3:c6:8c:31:20:eb:a0:0c:51:01:69:f1:64:22:44:
         8b:b3:5a:c8:08:90:f6:e8:2f:77:46:33:fb:a2:d8:7f:da:98:
         8e:ac:38:2e:88:e1:f4:be:14:f5:78:99:87:da:8b:f2:85:96:
         31:60:09:0a:05:33:07:73:92:15:10:44:ec:2c:46:b1:71:69:
         76:fc:75:e9:a7:1a:6f:0b:38:79:c4:85:a1:e2:13:fe:e2:17:
         db:5d:d3:a1:1c:56:d9:3d:c6:f2:98:8a:27:9b:80:55:25:22:
         01:ed:aa:21:5f:34:28:4d:ef:d5:6a:d7:47:78:b8:f2:56:d5:
         9c:fb:50:29:76:8f:57:f1:22:ae:70:c5:1c:4d:0d:55:26:95:
         79:72:c8:48
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYlFpuC/URlUQ+tugT3Mn+KrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzExMTU1MTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA2MGU5YmM5OTU2MTY3MmNkZTljM2NhZTI5MjIzMjgzYTg0NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJvwUmvpmamBAkUcnRUcBPMav2uJ
ZyZC7F2YF6Ls5P9WXlZzB8xQNJBciRvkMfCIoLc11R2bGUVsTcHIDTyydQ6sSUf1
RFPR66zrnPeTd0CUbdhpcVC6duztsJoHmvDDx1UL4kFY2Epifkp6sOsj87m0ajve
gFGEByVGXj1vOAzAhKbuqU1pWNBIWvOwIB06vB+gaR54V0/eXH5UoHsvHCR4f2IY
06z+F8xaF7f13xDLnqqiH8L7U1SZb9UapYmui81UwYS457DZmyLsTfBMS0/+pYor
q1lil0JcHCoXGT8XiLDCNFqzCr7SJfRMlxWCtuJsZ4Ky2Cq5v3KKp/267wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDkGDpvJlWFnLN6cPK4pIjKDqEVtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT1FZT204bVZZV2NzM3B3OHJpa2lNb09vUlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQGUQWAAwQH
UagAAwMBUpgDAwBtsAMEBdWYIDANBgkqhkiG9w0BAQsFAAOCAQEArXASrtsjE2ZH
3VO1M7pQ7ll3/VqoS1k69AxvLxHVqi1Mc5XVNM2TQhXsUuyf1R/dnhIp/XPT5XqH
5coJ+60TX/oFukztZqYBJDDGRbAtWpXSHzomXE7ny9nwr3sUhgf9b06RrSUzPp+r
Bb/JPHspo8aMMSDroAxRAWnxZCJEi7NayAiQ9ugvd0Yz+6LYf9qYjqw4Lojh9L4U
9XiZh9qL8oWWMWAJCgUzB3OSFRBE7CxGsXFpdvx16acabws4ecSFoeIT/uIX213T
oRxW2T3G8piKJ5uAVSUiAe2qIV80KE3v1WrXR3i48lbVnPtQKXaPV/EirnDFHE0N
VSaVeXLISA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org