Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PCJGuvFWIrOI4mLUzYtiK3gvIFA.roa
File:                     PCJGuvFWIrOI4mLUzYtiK3gvIFA.roa (raw, json)
Hash identifier:          4mGq3F2J5VFWCz0Syqk87rzzZdd11erz6iT4QRtY5m4=
Subject key identifier:   3C:22:46:BA:F1:56:22:B3:88:E2:62:D4:CD:8B:62:2B:78:2F:20:50
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0186118EFFFE3C04854B7001ACEFF0398A60
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PCJGuvFWIrOI4mLUzYtiK3gvIFA.roa
Signing time:             Thu 02 Feb 2023 09:57:09 +0000
ROA not before:           Thu 02 Feb 2023 09:57:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        81.168.35.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24
                          82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Feb 2023 11:21:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:11:8e:ff:fe:3c:04:85:4b:70:01:ac:ef:f0:39:8a:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  2 09:57:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c2246baf15622b388e262d4cd8b622b782f2050
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:44:53:02:30:98:07:84:d7:5e:c1:2a:63:b8:
                    c5:9e:2f:3d:a7:35:02:6c:3c:86:0c:aa:d8:90:a6:
                    2a:44:d8:4b:99:3c:91:1b:c7:85:34:71:a3:c8:35:
                    b2:4d:e3:61:dd:e6:0f:1d:db:0f:95:6d:2c:f5:d9:
                    95:4a:23:46:3c:0c:1d:5c:dc:3a:39:eb:48:b5:07:
                    53:1a:58:67:f1:b4:db:f3:84:ea:4f:eb:b2:6a:48:
                    56:e9:8d:05:52:23:92:3a:41:b7:1f:58:e3:b8:28:
                    ab:07:b6:04:30:77:8a:d9:20:99:b9:55:77:87:93:
                    7c:0b:dd:10:b1:e3:fc:6d:f7:91:2f:b8:ba:62:1a:
                    f9:cc:65:1a:28:14:ae:01:23:f2:c9:58:fd:64:3b:
                    13:93:a6:c7:c2:b1:d1:0f:83:36:e5:92:85:8f:66:
                    22:de:59:f5:05:03:37:94:6a:bc:53:e2:6d:9b:5e:
                    03:e6:30:19:86:3e:02:9b:dc:43:89:55:1d:52:d9:
                    cb:1c:08:1c:c4:c9:d4:29:21:dc:94:be:32:56:11:
                    87:a0:a8:cc:85:21:0c:27:36:ab:37:e5:c1:3e:fe:
                    f4:65:a4:e7:27:85:61:61:c0:ae:63:4d:c9:fe:5b:
                    8b:e7:29:2c:31:24:86:58:c0:18:27:cc:65:5b:e2:
                    7e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:22:46:BA:F1:56:22:B3:88:E2:62:D4:CD:8B:62:2B:78:2F:20:50
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PCJGuvFWIrOI4mLUzYtiK3gvIFA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24
                  82.153.220.0/24
                  82.153.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:61:38:fe:9b:fc:0e:c9:63:9f:02:35:c4:d4:d1:42:23:89:
         41:06:cd:aa:14:ff:9d:77:c7:4f:8d:b1:be:3a:93:53:37:01:
         fc:fb:29:fc:aa:e3:dc:1d:d6:80:78:e5:63:12:d3:ec:62:76:
         db:a1:f6:cd:5d:7a:e6:54:55:9b:3f:de:e3:b5:28:9e:2b:a0:
         e3:ad:01:49:ec:f1:c4:c1:fb:9e:d2:15:29:e9:af:a9:97:3c:
         83:f2:9a:e6:fc:b7:e4:4a:c5:a6:f8:87:a5:40:e4:73:f3:26:
         09:23:6c:ba:a5:de:c1:4a:a0:a0:4b:21:fb:35:0d:b4:06:fa:
         30:30:fb:9d:2b:72:a2:d5:28:46:f6:b0:22:37:d3:b0:73:a1:
         61:0b:82:65:99:0b:86:c5:1c:8b:2d:cc:e3:4d:4b:36:83:16:
         43:2c:2a:33:bd:d5:c5:cb:3a:cf:4a:e6:d8:a0:a3:06:e4:fc:
         82:1a:19:a7:bc:db:71:7b:a5:4a:e0:a8:61:34:21:24:18:bb:
         f6:d2:f2:06:bf:47:30:3d:bc:0b:5f:47:c8:fa:b9:f2:52:b5:
         14:6b:60:7b:95:48:86:bc:90:2a:43:f2:0e:bf:a5:55:7a:84:
         bf:6b:5c:14:87:4d:d8:74:ea:2c:39:84:c4:2e:7d:b4:e3:e5:
         5f:86:c7:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYRjv/+PASFS3ABrO/wOYpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjAyMDk1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIyNDZiYWYxNTYyMmIzODhlMjYyZDRjZDhiNjIyYjc4MmYyMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0RTAjCYB4TXXsEqY7jFni89pzUC
bDyGDKrYkKYqRNhLmTyRG8eFNHGjyDWyTeNh3eYPHdsPlW0s9dmVSiNGPAwdXNw6
OetItQdTGlhn8bTb84TqT+uyakhW6Y0FUiOSOkG3H1jjuCirB7YEMHeK2SCZuVV3
h5N8C90QseP8bfeRL7i6Yhr5zGUaKBSuASPyyVj9ZDsTk6bHwrHRD4M25ZKFj2Yi
3ln1BQM3lGq8U+Jtm14D5jAZhj4Cm9xDiVUdUtnLHAgcxMnUKSHclL4yVhGHoKjM
hSEMJzarN+XBPv70ZaTnJ4VhYcCuY03J/luL5yksMSSGWMAYJ8xlW+J+rQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDwiRrrxViKziOJi1M2LYit4LyBQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUENKR3V2RldJck9JNG1MVXpZdGlLM2d2SUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUagjAwQA
UpncAwQAUpnfMA0GCSqGSIb3DQEBCwUAA4IBAQCsYTj+m/wOyWOfAjXE1NFCI4lB
Bs2qFP+dd8dPjbG+OpNTNwH8+yn8quPcHdaAeOVjEtPsYnbbofbNXXrmVFWbP97j
tSieK6DjrQFJ7PHEwfue0hUp6a+plzyD8prm/LfkSsWm+IelQORz8yYJI2y6pd7B
SqCgSyH7NQ20BvowMPudK3Ki1ShG9rAiN9Owc6FhC4JlmQuGxRyLLczjTUs2gxZD
LCozvdXFyzrPSubYoKMG5PyCGhmnvNtxe6VK4KhhNCEkGLv20vIGv0cwPbwLX0fI
+rnyUrUUa2B7lUiGvJAqQ/IOv6VVeoS/a1wUh03YdOosOYTELn204+Vfhse2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org