Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VYATCkvFYX_lMUXMDE2Hsmd-OCg.roa
File:                     VYATCkvFYX_lMUXMDE2Hsmd-OCg.roa (raw, json)
Hash identifier:          hMby4QYzgyLcx4UnVZvUMYAnehWCyX5XhQLJAoSl7YU=
Subject key identifier:   55:80:13:0A:4B:C5:61:7F:E5:31:45:CC:0C:4D:87:B2:67:7E:38:28
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0185E838C9059A18397069BED587548BC1E3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VYATCkvFYX_lMUXMDE2Hsmd-OCg.roa
Signing time:             Wed 25 Jan 2023 09:18:33 +0000
ROA not before:           Wed 25 Jan 2023 09:18:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        81.168.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 09:57:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e8:38:c9:05:9a:18:39:70:69:be:d5:87:54:8b:c1:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 25 09:18:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5580130a4bc5617fe53145cc0c4d87b2677e3828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:81:50:4c:45:d3:b6:2c:74:b3:f0:c8:4d:72:
                    eb:cf:83:10:c1:f7:09:a6:01:66:c9:c7:57:86:65:
                    98:3d:5c:b3:22:e7:8e:85:79:b5:d3:5d:a3:ef:9c:
                    1e:4a:f7:37:9f:4b:3a:a8:33:72:f3:6a:7b:0d:5e:
                    be:d8:99:39:8f:c4:91:7a:46:4f:69:58:69:a2:43:
                    46:93:0e:e2:c7:3a:fa:59:53:03:47:9b:22:4d:31:
                    92:11:f2:1d:87:0c:21:7b:93:ab:10:c9:84:75:e2:
                    f1:e4:b9:82:db:2f:e0:45:96:bf:d3:f7:ba:b7:e5:
                    65:39:5b:b0:2e:b5:82:2b:81:7f:ea:85:62:d3:39:
                    ff:94:75:31:f5:ab:44:e9:26:07:d0:e8:a4:00:74:
                    86:7b:d8:63:ab:77:7f:06:0f:37:1d:1b:eb:cc:bc:
                    34:6f:d8:bb:89:d4:a3:4a:d2:ac:d0:fd:42:f8:31:
                    50:0e:8d:65:8a:82:a5:95:b3:49:ed:e9:35:5e:da:
                    4f:a9:b0:7a:85:25:19:f1:2c:ba:aa:b6:55:8f:b3:
                    8b:48:16:c3:87:af:f9:3b:47:35:ab:49:de:c3:49:
                    ce:10:40:c8:f2:58:9a:fd:21:c7:d5:29:31:d9:f1:
                    14:5f:4e:94:30:cc:f9:ca:03:57:88:19:92:1c:88:
                    eb:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:80:13:0A:4B:C5:61:7F:E5:31:45:CC:0C:4D:87:B2:67:7E:38:28
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VYATCkvFYX_lMUXMDE2Hsmd-OCg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:68:ef:51:b3:b8:88:2b:e5:7e:7f:4b:8d:7b:af:dc:62:2e:
         5a:94:e0:83:c2:c6:a2:2b:41:03:43:12:0f:a8:4e:c9:42:c3:
         af:0d:ba:83:dd:f7:1b:c5:9a:c7:43:5f:89:c2:81:4e:82:cc:
         ac:94:c3:01:48:78:7e:f4:ec:bb:f6:ed:5f:8c:e5:44:13:5a:
         df:01:85:37:dd:29:37:f8:a1:3f:80:b9:55:b2:19:09:03:ac:
         4c:1b:d7:96:78:8e:1b:4a:4f:07:75:82:c5:19:8f:3a:ba:de:
         d5:41:58:b7:a7:00:3b:57:a2:48:11:44:77:1c:9a:58:fd:fb:
         14:70:44:91:84:77:1f:e0:01:9b:63:72:bc:70:a7:a0:97:c4:
         57:67:75:30:c1:f2:72:65:05:d8:6c:59:cd:03:59:ed:34:61:
         09:22:dd:20:d8:b9:04:1a:7c:49:d4:0d:b6:0a:b6:85:5e:2d:
         4f:d2:f5:fa:73:91:b6:bd:67:53:97:f0:61:55:d7:e1:c9:5d:
         a3:ef:86:66:f2:14:c0:e7:33:c1:d1:56:a1:fb:c9:cb:23:be:
         3f:3c:5a:1a:63:39:86:d6:c2:54:d3:ab:2c:9b:25:da:0d:97:
         23:23:fa:5a:94:21:a9:49:67:94:47:d7:8c:70:ce:51:c2:37:
         32:e2:57:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXoOMkFmhg5cGm+1YdUi8HjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTI1MDkxODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgwMTMwYTRiYzU2MTdmZTUzMTQ1Y2MwYzRkODdiMjY3N2UzODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIFQTEXTtix0s/DITXLrz4MQwfcJ
pgFmycdXhmWYPVyzIueOhXm1012j75weSvc3n0s6qDNy82p7DV6+2Jk5j8SRekZP
aVhpokNGkw7ixzr6WVMDR5siTTGSEfIdhwwhe5OrEMmEdeLx5LmC2y/gRZa/0/e6
t+VlOVuwLrWCK4F/6oVi0zn/lHUx9atE6SYH0OikAHSGe9hjq3d/Bg83HRvrzLw0
b9i7idSjStKs0P1C+DFQDo1lioKllbNJ7ek1XtpPqbB6hSUZ8Sy6qrZVj7OLSBbD
h6/5O0c1q0new0nOEEDI8lia/SHH1Skx2fEUX06UMMz5ygNXiBmSHIjrLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWAEwpLxWF/5TFFzAxNh7JnfjgoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVllBVENrdkZZWF9sTVVYTURFMkhzbWQtT0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUagjMA0G
CSqGSIb3DQEBCwUAA4IBAQA+aO9Rs7iIK+V+f0uNe6/cYi5alOCDwsaiK0EDQxIP
qE7JQsOvDbqD3fcbxZrHQ1+JwoFOgsyslMMBSHh+9Oy79u1fjOVEE1rfAYU33Sk3
+KE/gLlVshkJA6xMG9eWeI4bSk8HdYLFGY86ut7VQVi3pwA7V6JIEUR3HJpY/fsU
cESRhHcf4AGbY3K8cKegl8RXZ3UwwfJyZQXYbFnNA1ntNGEJIt0g2LkEGnxJ1A22
CraFXi1P0vX6c5G2vWdTl/BhVdfhyV2j74Zm8hTA5zPB0Vah+8nLI74/PFoaYzmG
1sJU06ssmyXaDZcjI/palCGpSWeUR9eMcM5Rwjcy4ley
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org