Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y9X-3C2kHtGksPCBz0j5XfjbwVw.roa
File:                     Y9X-3C2kHtGksPCBz0j5XfjbwVw.roa (raw, json)
Hash identifier:          Lj5404wbjGntu7YD7X9zvNJvBt0OfJKdrvGNsqvZ0Uw=
Subject key identifier:   63:D5:FE:DC:2D:A4:1E:D1:A4:B0:F0:81:CF:48:F9:5D:F8:DB:C1:5C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA29604E781A2A451F90727C10DECA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y9X-3C2kHtGksPCBz0j5XfjbwVw.roa
Signing time:             Mon 02 Jan 2023 10:14:57 +0000
ROA not before:           Mon 02 Jan 2023 10:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        81.5.156.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 09:25:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:29:60:4e:78:1a:2a:45:1f:90:72:7c:10:de:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=63d5fedc2da41ed1a4b0f081cf48f95df8dbc15c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:13:56:de:08:32:e7:d4:7a:cb:4a:90:f6:82:
                    a2:03:b4:f6:9b:c3:c4:19:85:31:db:ae:91:83:fc:
                    de:31:51:52:67:e8:b5:e0:f0:3f:ae:f0:1a:bf:15:
                    5f:4c:25:a7:4c:a2:b7:af:fc:75:11:13:52:84:8b:
                    8c:07:42:e9:5d:2d:a7:0c:55:16:1a:48:ab:81:95:
                    20:b9:94:14:cd:d0:50:1e:d0:68:a7:23:86:39:c5:
                    96:0e:3c:b4:30:63:1a:a2:01:58:1a:9c:f7:fb:01:
                    c6:99:78:8e:c4:42:fb:aa:df:c0:11:59:02:fa:0e:
                    18:74:aa:a2:e4:3a:9d:4a:32:2a:06:02:e6:8e:91:
                    54:f6:38:5a:e2:50:72:e9:60:59:a8:cf:99:a5:1e:
                    1e:02:a7:c8:09:5b:c1:82:7b:37:4d:0d:51:51:70:
                    d4:0a:cc:22:14:1d:f9:04:c9:57:a2:71:68:b5:1b:
                    ac:70:9c:27:5c:bf:60:84:55:e4:49:ac:07:2b:ca:
                    46:44:ea:e6:26:6c:38:ba:92:21:d8:a4:a8:42:1d:
                    d2:ed:1a:12:ef:aa:b3:86:50:c2:8a:3e:0b:47:49:
                    41:fc:05:77:0c:f3:68:92:72:b2:d3:02:9f:8d:75:
                    09:f6:d6:84:65:e6:8a:68:89:85:c7:e5:37:63:b0:
                    3e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:D5:FE:DC:2D:A4:1E:D1:A4:B0:F0:81:CF:48:F9:5D:F8:DB:C1:5C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y9X-3C2kHtGksPCBz0j5XfjbwVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  82.153.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:1d:e1:5f:20:d1:fc:c5:e4:92:18:27:88:3f:e9:fd:dd:86:
         15:96:45:33:29:0d:c5:ef:ea:a7:27:06:54:f0:9d:23:33:d2:
         00:43:a1:1c:eb:c2:c6:ba:4c:44:5b:86:25:33:3f:16:f7:e0:
         fe:73:b9:cc:e1:7d:78:0f:70:c5:fb:8a:3e:6a:6f:f1:1f:8c:
         5f:bb:68:71:6e:56:3e:0a:5d:0b:ef:ee:a4:60:f0:e4:26:27:
         1b:98:0b:2c:00:60:aa:67:77:ea:e2:31:d0:a0:a9:f8:3c:6e:
         34:03:4c:2c:8c:37:06:cb:f0:f7:05:e6:c3:08:d1:11:c1:e3:
         c4:1f:d2:3b:4f:76:26:79:2f:98:db:06:38:36:b7:34:83:48:
         7b:83:0a:3a:5d:cc:0f:cd:a1:5a:db:81:1c:2a:65:40:87:72:
         a4:85:86:85:21:60:99:2d:6d:2f:59:0f:fb:79:bf:35:04:d2:
         08:cc:67:0f:c2:df:ea:66:75:cd:91:25:13:85:9f:78:ee:91:
         ab:36:13:22:bc:f8:6e:3c:08:d1:25:42:ff:47:84:13:8a:75:
         34:a2:ba:a6:15:b7:c8:3d:89:64:db:52:e8:0d:58:05:f1:5a:
         2a:f6:6a:6b:71:2e:cf:28:ea:cb:f0:0c:97:0c:1e:8f:fc:1d:
         51:85:42:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx+ilgTngaKkUfkHJ8EN7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q1ZmVkYzJkYTQxZWQxYTRiMGYwODFjZjQ4Zjk1ZGY4ZGJjMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBNW3ggy59R6y0qQ9oKiA7T2m8PE
GYUx266Rg/zeMVFSZ+i14PA/rvAavxVfTCWnTKK3r/x1ERNShIuMB0LpXS2nDFUW
GkirgZUguZQUzdBQHtBopyOGOcWWDjy0MGMaogFYGpz3+wHGmXiOxEL7qt/AEVkC
+g4YdKqi5DqdSjIqBgLmjpFU9jha4lBy6WBZqM+ZpR4eAqfICVvBgns3TQ1RUXDU
CswiFB35BMlXonFotRuscJwnXL9ghFXkSawHK8pGROrmJmw4upIh2KSoQh3S7RoS
76qzhlDCij4LR0lB/AV3DPNoknKy0wKfjXUJ9taEZeaKaImFx+U3Y7A+mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGPV/twtpB7RpLDwgc9I+V3428FcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWTlYLTNDMmtIdEdrc1BDQnowajVYZmpid1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQWcAwQA
UpngMA0GCSqGSIb3DQEBCwUAA4IBAQATHeFfINH8xeSSGCeIP+n93YYVlkUzKQ3F
7+qnJwZU8J0jM9IAQ6Ec68LGukxEW4YlMz8W9+D+c7nM4X14D3DF+4o+am/xH4xf
u2hxblY+Cl0L7+6kYPDkJicbmAssAGCqZ3fq4jHQoKn4PG40A0wsjDcGy/D3BebD
CNERwePEH9I7T3YmeS+Y2wY4Nrc0g0h7gwo6XcwPzaFa24EcKmVAh3KkhYaFIWCZ
LW0vWQ/7eb81BNIIzGcPwt/qZnXNkSUThZ947pGrNhMivPhuPAjRJUL/R4QTinU0
orqmFbfIPYlk21LoDVgF8Voq9mprcS7PKOrL8AyXDB6P/B1RhUKj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org