Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XLEHjSHoD3m92XHqWoI0B07kHZA.roa
File:                     XLEHjSHoD3m92XHqWoI0B07kHZA.roa (raw, json)
Hash identifier:          iWp6691U850hr6IcluWelZbiB+ELrGz5z/jFWDAQddM=
Subject key identifier:   5C:B1:07:8D:21:E8:0F:79:BD:D9:71:EA:5A:82:34:07:4E:E4:1D:90
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA254F03AF924EAB3D808D5C72B11D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XLEHjSHoD3m92XHqWoI0B07kHZA.roa
Signing time:             Mon 02 Jan 2023 10:14:57 +0000
ROA not before:           Mon 02 Jan 2023 10:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44486
IP address blocks:        81.5.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Jan 2023 12:36:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:25:4f:03:af:92:4e:ab:3d:80:8d:5c:72:b1:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cb1078d21e80f79bdd971ea5a8234074ee41d90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:92:3b:16:02:70:7e:fa:10:2c:fa:11:dd:ee:
                    b7:2f:1a:08:a7:33:66:81:0e:e0:21:ea:24:9e:d4:
                    4a:01:14:f2:d0:12:6a:2a:6e:4b:e8:7f:3b:29:60:
                    a2:e0:2b:54:93:93:11:4c:0f:05:cd:69:f7:33:05:
                    8a:67:de:4a:95:11:d4:20:48:79:ee:0d:b3:fc:82:
                    ab:bf:a9:4b:db:61:d8:7d:54:ec:61:88:60:08:59:
                    b5:88:d4:b2:77:60:d9:38:6a:02:b1:36:3a:ff:79:
                    56:d9:90:d9:79:1b:93:98:ca:4a:05:aa:4c:5a:aa:
                    e9:53:d5:4c:b8:61:1c:78:36:b9:8c:da:52:38:f0:
                    71:82:2a:e3:98:0e:10:cd:57:56:71:f5:58:a4:ae:
                    f5:79:02:5d:2a:5b:97:c3:0f:d4:bd:e8:48:37:8e:
                    91:0e:cf:7c:84:01:fb:8a:aa:60:a2:b6:a2:63:8c:
                    4a:e9:61:e1:59:58:32:61:04:c4:55:e5:e7:fb:2f:
                    04:00:61:32:9c:6f:98:ee:6b:96:97:d7:c4:11:1b:
                    65:bd:42:77:7e:47:28:43:f4:ad:88:28:22:b9:cf:
                    ee:ba:ad:bb:5b:d4:cd:ab:cd:a8:c6:d2:88:49:70:
                    10:5a:7f:c7:52:d2:47:32:d4:7f:f1:cd:04:21:e2:
                    85:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:B1:07:8D:21:E8:0F:79:BD:D9:71:EA:5A:82:34:07:4E:E4:1D:90
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XLEHjSHoD3m92XHqWoI0B07kHZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:5f:7f:66:9b:b2:b0:70:39:0a:c2:59:52:1f:28:1f:27:08:
         ed:37:2c:f4:42:3f:ff:68:88:9c:ea:d8:31:55:8e:d7:26:e9:
         97:79:c4:72:59:c4:64:bd:b3:ad:7b:23:64:0c:9a:ff:0d:23:
         af:86:b4:41:d9:0d:a4:2b:57:41:ab:1d:12:10:cc:c3:9f:7a:
         3d:58:17:93:69:56:fc:6a:6a:97:f8:fe:0e:a5:b2:07:ae:25:
         a4:ed:c7:09:48:6e:eb:45:72:6f:f6:10:ad:68:d5:04:de:99:
         de:0a:0a:12:1d:68:d8:16:dc:b0:6c:ef:21:dc:ce:ed:34:cd:
         14:81:01:bb:18:6d:b7:58:90:13:4a:0b:61:c5:68:19:11:ff:
         e8:47:30:42:37:45:ca:ef:88:f6:1e:ca:26:c5:71:82:3d:86:
         b0:84:85:a4:71:93:e7:aa:28:1a:f1:36:f3:34:5c:84:58:ea:
         b9:07:34:32:fb:f3:3c:f0:29:12:5e:df:4d:e3:5d:38:27:30:
         6f:cc:2d:71:fb:8c:87:24:0c:21:55:fd:15:66:ea:90:a7:34:
         5e:eb:20:de:67:af:54:82:e1:bc:67:91:69:f1:62:fc:c1:b5:
         e6:1c:44:29:be:33:ff:62:7e:5e:2d:11:cb:21:22:96:b9:c8:
         86:08:2f:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iVPA6+STqs9gI1ccrEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2IxMDc4ZDIxZTgwZjc5YmRkOTcxZWE1YTgyMzQwNzRlZTQxZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspI7FgJwfvoQLPoR3e63LxoIpzNm
gQ7gIeokntRKARTy0BJqKm5L6H87KWCi4CtUk5MRTA8FzWn3MwWKZ95KlRHUIEh5
7g2z/IKrv6lL22HYfVTsYYhgCFm1iNSyd2DZOGoCsTY6/3lW2ZDZeRuTmMpKBapM
WqrpU9VMuGEceDa5jNpSOPBxgirjmA4QzVdWcfVYpK71eQJdKluXww/UvehIN46R
Ds98hAH7iqpgoraiY4xK6WHhWVgyYQTEVeXn+y8EAGEynG+Y7muWl9fEERtlvUJ3
fkcoQ/StiCgiuc/uuq27W9TNq82oxtKISXAQWn/HUtJHMtR/8c0EIeKFIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyxB40h6A95vdlx6lqCNAdO5B2QMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWExFSGpTSG9EM205MlhIcVdvSTBCMDdrSFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQW9MA0G
CSqGSIb3DQEBCwUAA4IBAQBrX39mm7KwcDkKwllSHygfJwjtNyz0Qj//aIic6tgx
VY7XJumXecRyWcRkvbOteyNkDJr/DSOvhrRB2Q2kK1dBqx0SEMzDn3o9WBeTaVb8
amqX+P4OpbIHriWk7ccJSG7rRXJv9hCtaNUE3pneCgoSHWjYFtywbO8h3M7tNM0U
gQG7GG23WJATSgthxWgZEf/oRzBCN0XK74j2HsomxXGCPYawhIWkcZPnqiga8Tbz
NFyEWOq5BzQy+/M88CkSXt9N4104JzBvzC1x+4yHJAwhVf0VZuqQpzRe6yDeZ69U
guG8Z5Fp8WL8wbXmHEQpvjP/Yn5eLRHLISKWuciGCC9h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org