Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WHdpnPhUs23rarK2y1UkKpd-hmc.roa
File:                     WHdpnPhUs23rarK2y1UkKpd-hmc.roa (raw, json)
Hash identifier:          YD6ZwrNFZn0PuXXofuSHjSan0eYvJkqJHxHwP9s0Lhg=
Subject key identifier:   58:77:69:9C:F8:54:B3:6D:EB:6A:B2:B6:CB:55:24:2A:97:7E:86:67
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C9C52742AAE97D95B83641B91B6E221C8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WHdpnPhUs23rarK2y1UkKpd-hmc.roa
Signing time:             Sun 24 Dec 2023 14:54:58 +0000
ROA not before:           Sun 24 Dec 2023 14:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215813
IP address blocks:        81.168.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:9c:52:74:2a:ae:97:d9:5b:83:64:1b:91:b6:e2:21:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 24 14:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5877699cf854b36deb6ab2b6cb55242a977e8667
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:70:a5:21:8d:9b:a6:90:21:63:bf:5c:26:6b:
                    f2:82:ba:a6:e0:3d:eb:c5:8b:b6:78:2c:a1:4c:ce:
                    ad:23:08:ba:83:e3:7b:16:dd:27:40:e5:7f:e3:c6:
                    02:6a:66:23:1b:3f:40:97:e4:37:b9:ce:99:c9:c7:
                    a9:cf:6f:06:40:e4:92:50:d3:c6:26:34:55:ba:df:
                    7a:e7:7b:5e:bc:51:c7:12:2e:1d:13:02:8c:2e:45:
                    c8:79:4c:64:27:e9:08:72:8e:00:5b:92:77:51:ab:
                    2f:76:34:cd:4e:b3:d9:16:de:a0:cb:62:96:d7:01:
                    7c:1b:75:e3:e4:4c:c1:4f:1e:f9:6d:9d:8a:3b:f7:
                    f4:bd:04:c7:f6:53:47:08:25:02:95:6e:27:06:5c:
                    f3:3e:ce:52:e2:a5:b6:78:8d:5f:e9:95:82:44:e2:
                    25:74:6a:56:a8:62:7a:b3:77:0e:c6:bd:5a:1c:f1:
                    ac:d1:34:d4:5d:1f:67:23:be:ba:39:5b:f6:e1:34:
                    0e:9b:a1:c1:7e:84:d8:3a:91:ef:f8:2d:7b:41:d5:
                    38:08:db:e8:47:61:16:aa:d6:ac:b6:10:b4:3b:3f:
                    af:5c:d6:f9:22:ce:bb:6c:3b:df:f5:1a:f2:eb:ca:
                    13:5f:8f:c9:94:18:0d:fb:85:56:09:74:cd:31:a7:
                    5b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:77:69:9C:F8:54:B3:6D:EB:6A:B2:B6:CB:55:24:2A:97:7E:86:67
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WHdpnPhUs23rarK2y1UkKpd-hmc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:79:d7:b2:a6:53:81:fd:e8:92:f0:41:d1:44:13:e7:e2:53:
         e5:21:a8:77:49:7f:59:b6:8a:d5:8e:6c:50:b5:77:52:52:0d:
         f0:d5:bf:68:a1:94:04:1c:9c:9d:67:f1:e6:7b:87:05:86:a6:
         47:be:74:3b:95:c2:db:89:22:64:29:ab:7a:f2:c0:26:54:06:
         d6:81:92:0b:c1:4f:d0:51:21:25:41:1a:fd:d5:81:02:ba:aa:
         94:94:0f:a0:1c:6c:df:a9:6b:0b:43:9b:0d:aa:28:d1:0b:4e:
         bd:fe:78:e3:37:6b:76:e1:34:8d:75:9e:41:ec:c3:a4:58:88:
         3b:b0:e6:8a:e1:0e:df:bd:25:12:20:bc:e2:20:d1:c8:31:84:
         1f:28:a8:bc:77:d9:81:f6:2e:fc:e3:ff:d1:c2:0f:57:1e:78:
         42:c8:e3:9f:85:f8:8f:1b:e0:f0:3e:d3:79:9a:02:f8:fe:d8:
         d5:f5:50:f7:2a:04:c1:e6:0a:34:2c:f3:92:aa:56:2c:0e:79:
         9d:eb:09:36:b4:ed:3c:0a:cb:08:8e:54:3b:2b:3c:40:6e:a0:
         11:20:e4:e8:40:82:10:36:32:05:3a:47:50:7e:b8:a1:d5:d9:
         73:b1:1e:46:b1:2f:ee:ec:6e:ec:cd:cc:ea:47:4c:5e:46:82:
         1d:69:68:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYycUnQqrpfZW4NkG5G24iHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI0MTQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc3Njk5Y2Y4NTRiMzZkZWI2YWIyYjZjYjU1MjQyYTk3N2U4NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3ClIY2bppAhY79cJmvygrqm4D3r
xYu2eCyhTM6tIwi6g+N7Ft0nQOV/48YCamYjGz9Al+Q3uc6Zycepz28GQOSSUNPG
JjRVut9653tevFHHEi4dEwKMLkXIeUxkJ+kIco4AW5J3UasvdjTNTrPZFt6gy2KW
1wF8G3Xj5EzBTx75bZ2KO/f0vQTH9lNHCCUClW4nBlzzPs5S4qW2eI1f6ZWCROIl
dGpWqGJ6s3cOxr1aHPGs0TTUXR9nI766OVv24TQOm6HBfoTYOpHv+C17QdU4CNvo
R2EWqtasthC0Oz+vXNb5Is67bDvf9Rry68oTX4/JlBgN+4VWCXTNMadb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFh3aZz4VLNt62qytstVJCqXfoZnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV0hkcG5QaFVzMjNyYXJLMnkxVWtLcGQtaG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah+MA0G
CSqGSIb3DQEBCwUAA4IBAQBRedeyplOB/eiS8EHRRBPn4lPlIah3SX9ZtorVjmxQ
tXdSUg3w1b9ooZQEHJydZ/Hme4cFhqZHvnQ7lcLbiSJkKat68sAmVAbWgZILwU/Q
USElQRr91YECuqqUlA+gHGzfqWsLQ5sNqijRC069/njjN2t24TSNdZ5B7MOkWIg7
sOaK4Q7fvSUSILziINHIMYQfKKi8d9mB9i784//Rwg9XHnhCyOOfhfiPG+DwPtN5
mgL4/tjV9VD3KgTB5go0LPOSqlYsDnmd6wk2tO08CssIjlQ7KzxAbqARIOToQIIQ
NjIFOkdQfrih1dlzsR5GsS/u7G7szczqR0xeRoIdaWj7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org