Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7_djqoV4gr1ZbukZq9KliDJxtg.roa
File:                     _7_djqoV4gr1ZbukZq9KliDJxtg.roa (raw, json)
Hash identifier:          A+HHm5bzf4kS6Lo/HP2XL3GIVqvAYWvp5cM33e2VMlw=
Subject key identifier:   FF:BF:DD:8E:AA:15:E2:0A:F5:65:BB:A4:66:AF:4A:96:20:C9:C6:D8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D6B20029537C6B7C6605656814B47FA9A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7_djqoV4gr1ZbukZq9KliDJxtg.roa
Signing time:             Fri 02 Feb 2024 18:41:16 +0000
ROA not before:           Fri 02 Feb 2024 18:41:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     398465
IP address blocks:        81.168.119.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 10:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6b:20:02:95:37:c6:b7:c6:60:56:56:81:4b:47:fa:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  2 18:41:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ffbfdd8eaa15e20af565bba466af4a9620c9c6d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c2:d1:e1:f4:8d:f6:25:21:0b:12:7f:99:06:
                    13:a8:76:64:b6:62:93:6d:de:9e:a6:a5:9d:57:61:
                    bc:75:9b:66:85:3f:fb:82:91:56:83:e3:6d:c1:42:
                    6e:c2:8a:90:32:c2:96:f7:76:e5:80:db:ad:b3:47:
                    86:e7:a3:e2:21:4e:96:40:10:5d:ab:0d:af:ff:3c:
                    c5:59:9a:d0:6c:43:c7:b9:ff:6f:cc:cc:53:83:b7:
                    84:2f:68:e6:9b:3a:52:10:4b:06:f3:42:ec:72:b1:
                    f3:8b:99:89:d7:99:45:07:a1:e9:fd:4c:a3:bd:6c:
                    7a:db:45:ad:6c:3a:07:0f:0c:16:f8:78:6f:25:c7:
                    9a:b2:95:85:2f:17:fb:29:3d:a8:8b:ae:3b:65:52:
                    b8:09:64:62:6f:06:24:b1:12:64:d3:6b:e2:6f:2d:
                    e4:ac:99:8f:49:7f:01:fe:06:4e:2a:41:e9:be:0b:
                    08:16:17:fc:17:28:c3:7d:cd:72:d6:80:60:0f:13:
                    cc:fa:c0:44:97:eb:d0:6c:38:f7:73:33:48:55:1e:
                    3c:76:1f:b8:74:ed:77:8c:ab:bd:5d:da:07:4a:fb:
                    f6:af:81:b0:fb:21:f6:46:3d:0c:01:31:2d:e2:be:
                    f4:25:d8:ca:16:97:34:c3:2c:3b:22:7a:9c:63:67:
                    3f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:BF:DD:8E:AA:15:E2:0A:F5:65:BB:A4:66:AF:4A:96:20:C9:C6:D8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7_djqoV4gr1ZbukZq9KliDJxtg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  82.153.1.0/24
                  89.213.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:03:06:34:33:75:4d:a4:91:53:00:40:b4:91:7b:65:fb:71:
         eb:cc:56:03:f0:b5:c5:ff:58:70:8c:f8:6e:13:46:d5:28:35:
         94:2e:63:6a:99:5e:52:54:ad:eb:65:ed:78:dd:49:3d:3c:be:
         1d:f0:59:f7:40:a5:31:dd:ff:57:3a:7a:69:eb:5f:c3:53:7e:
         1c:98:f4:23:c4:cb:7f:1a:c5:47:75:c2:23:c8:07:d6:d5:7f:
         71:1d:67:79:61:47:b4:bc:67:12:2b:af:fa:01:81:cb:ee:d4:
         b2:47:66:0f:67:29:5c:26:ed:74:97:16:52:b2:19:26:4e:18:
         62:df:6f:75:f3:de:a5:cc:d1:72:15:06:77:d2:0c:52:3c:4c:
         fd:58:bf:02:31:a2:33:92:8a:ee:ee:44:3c:8c:a4:91:3e:68:
         52:7e:81:ad:05:b6:2d:5e:51:7c:58:6f:28:a5:be:4f:4d:bb:
         12:82:01:13:e2:f6:40:90:29:4e:8a:70:59:2a:ef:52:78:90:
         c7:73:92:a2:5f:e0:33:ba:91:ae:ce:56:11:b3:df:79:b6:43:
         a9:d9:e7:6c:8f:63:0f:4d:46:ed:6c:41:0a:39:68:33:3a:eb:
         d5:b5:9b:28:ac:2f:ba:fb:8a:37:37:5e:e7:10:66:e8:08:29:
         cb:74:40:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1rIAKVN8a3xmBWVoFLR/qaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjAyMTg0MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmJmZGQ4ZWFhMTVlMjBhZjU2NWJiYTQ2NmFmNGE5NjIwYzljNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMLR4fSN9iUhCxJ/mQYTqHZktmKT
bd6epqWdV2G8dZtmhT/7gpFWg+NtwUJuwoqQMsKW93blgNuts0eG56PiIU6WQBBd
qw2v/zzFWZrQbEPHuf9vzMxTg7eEL2jmmzpSEEsG80LscrHzi5mJ15lFB6Hp/Uyj
vWx620WtbDoHDwwW+HhvJceaspWFLxf7KT2oi647ZVK4CWRibwYksRJk02viby3k
rJmPSX8B/gZOKkHpvgsIFhf8FyjDfc1y1oBgDxPM+sBEl+vQbDj3czNIVR48dh+4
dO13jKu9XdoHSvv2r4Gw+yH2Rj0MATEt4r70JdjKFpc0wyw7InqcY2c/kQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP+/3Y6qFeIK9WW7pGavSpYgycbYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzdfZGpxb1Y0Z3IxWmJ1a1pxOUtsaURKeHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUah3AwQA
UpkBAwQAWdWFMA0GCSqGSIb3DQEBCwUAA4IBAQBKAwY0M3VNpJFTAEC0kXtl+3Hr
zFYD8LXF/1hwjPhuE0bVKDWULmNqmV5SVK3rZe143Uk9PL4d8Fn3QKUx3f9XOnpp
61/DU34cmPQjxMt/GsVHdcIjyAfW1X9xHWd5YUe0vGcSK6/6AYHL7tSyR2YPZylc
Ju10lxZSshkmThhi3291896lzNFyFQZ30gxSPEz9WL8CMaIzkoru7kQ8jKSRPmhS
foGtBbYtXlF8WG8opb5PTbsSggET4vZAkClOinBZKu9SeJDHc5KiX+AzupGuzlYR
s995tkOp2edsj2MPTUbtbEEKOWgzOuvVtZsorC+6+4o3N17nEGboCCnLdECs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org