Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cO2C07TloVaVjEVlY1iIhnCXmbg.roa
File:                     cO2C07TloVaVjEVlY1iIhnCXmbg.roa (raw, json)
Hash identifier:          UQZ0536oMpHgHUunW/izFuAvyD8dQYl71yme0LdMfIM=
Subject key identifier:   70:ED:82:D3:B4:E5:A1:56:95:8C:45:65:63:58:88:86:70:97:99:B8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01888A95C96F1E4488584D3F00F2963ED531
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cO2C07TloVaVjEVlY1iIhnCXmbg.roa
Signing time:             Mon 05 Jun 2023 08:04:12 +0000
ROA not before:           Mon 05 Jun 2023 08:04:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        81.168.41.0/24 maxlen: 24
                          82.153.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 30 Jul 2023 09:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:95:c9:6f:1e:44:88:58:4d:3f:00:f2:96:3e:d5:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  5 08:04:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70ed82d3b4e5a156958c456563588886709799b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d3:0d:fd:14:98:80:c3:4e:d0:c8:a9:c4:30:
                    5b:7a:5e:73:f6:48:7d:6d:e4:c2:ad:4e:07:3c:1c:
                    e9:99:ef:2a:a5:f4:50:0d:01:fd:65:40:47:51:ac:
                    76:0a:fd:a7:a3:6a:1d:64:34:f8:06:68:c1:57:ee:
                    eb:d9:a0:6c:5e:b1:b2:23:20:7f:63:70:26:fc:3d:
                    d8:04:85:70:f5:c4:84:ad:b7:ba:44:62:1c:04:19:
                    84:3f:d4:01:d4:51:f4:7e:ba:72:fe:bc:75:01:01:
                    dc:92:02:f6:43:bc:51:ff:f9:f2:ea:f7:a1:b6:54:
                    a6:8d:da:2b:6f:65:da:d7:d9:c0:07:4a:5b:a2:c7:
                    4d:3e:2f:9f:a4:0d:6a:79:e6:2b:be:8a:e6:ed:56:
                    5d:cd:e6:57:a4:74:76:bf:dc:4f:64:4d:4b:90:b0:
                    25:a6:4e:08:98:9e:13:0d:2c:13:fe:6b:f7:cf:23:
                    eb:fc:5d:91:82:9b:aa:7d:ea:bd:65:45:da:a2:ea:
                    20:ea:87:6f:a1:07:eb:e3:e4:a2:0a:56:00:b3:f0:
                    cc:c5:7c:b8:26:e4:01:68:f5:21:26:af:bb:72:9c:
                    69:b9:4d:1c:60:91:e4:83:51:07:d8:b0:fb:c6:17:
                    cb:70:83:0d:94:89:6a:43:6d:22:29:e8:14:ee:1d:
                    1d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:ED:82:D3:B4:E5:A1:56:95:8C:45:65:63:58:88:86:70:97:99:B8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cO2C07TloVaVjEVlY1iIhnCXmbg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.41.0/24
                  82.153.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:83:cb:32:54:ba:78:5e:e4:8b:3a:0b:80:c1:5d:54:13:c4:
         9d:d0:fa:73:49:c6:31:d6:9f:d8:eb:e3:f4:ee:f1:fe:1c:9d:
         53:76:66:f9:ba:9c:a1:04:e1:8b:d5:42:df:bb:bb:36:f4:9e:
         aa:24:da:73:36:30:6f:84:7a:bc:69:02:aa:a0:25:66:a5:cd:
         a1:8a:2c:38:83:89:fb:e5:27:c4:c1:89:5e:b4:a9:11:6f:4c:
         52:0d:70:af:25:35:b4:db:1b:c0:a6:b9:2a:12:e4:45:ed:fc:
         33:77:bb:94:46:b1:42:2d:29:9f:61:48:f7:a0:b6:a6:1a:2a:
         5b:d5:77:ad:d1:5d:ce:56:cc:91:7f:ea:48:6f:5e:27:87:41:
         02:d1:c0:2f:9b:56:86:01:c6:67:f8:bb:15:5a:4e:6a:7b:ce:
         82:fe:90:47:2b:57:32:99:a1:7f:6c:2b:1c:4d:f8:c2:66:1c:
         78:d8:c3:72:ad:e7:6e:2b:4a:de:97:24:38:88:9e:af:aa:b5:
         b0:cb:f6:ae:a6:58:7b:a4:09:a4:fb:3d:d2:66:65:85:bb:62:
         f7:38:dd:48:32:e6:df:0f:a6:14:60:72:9f:16:97:09:d9:45:
         d4:86:86:b9:84:96:ec:57:9c:39:f3:c1:22:2f:e0:1a:ca:99:
         3f:42:4f:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKlclvHkSIWE0/APKWPtUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVkODJkM2I0ZTVhMTU2OTU4YzQ1NjU2MzU4ODg4NjcwOTc5OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtMN/RSYgMNO0MipxDBbel5z9kh9
beTCrU4HPBzpme8qpfRQDQH9ZUBHUax2Cv2no2odZDT4BmjBV+7r2aBsXrGyIyB/
Y3Am/D3YBIVw9cSErbe6RGIcBBmEP9QB1FH0frpy/rx1AQHckgL2Q7xR//ny6veh
tlSmjdorb2Xa19nAB0pbosdNPi+fpA1qeeYrvorm7VZdzeZXpHR2v9xPZE1LkLAl
pk4ImJ4TDSwT/mv3zyPr/F2Rgpuqfeq9ZUXaouog6odvoQfr4+SiClYAs/DMxXy4
JuQBaPUhJq+7cpxpuU0cYJHkg1EH2LD7xhfLcIMNlIlqQ20iKegU7h0drQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDtgtO05aFWlYxFZWNYiIZwl5m4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY08yQzA3VGxvVmFWakVWbFkxaUlobkNYbWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUagpAwQA
UpncMA0GCSqGSIb3DQEBCwUAA4IBAQCtg8syVLp4XuSLOguAwV1UE8Sd0PpzScYx
1p/Y6+P07vH+HJ1Tdmb5upyhBOGL1ULfu7s29J6qJNpzNjBvhHq8aQKqoCVmpc2h
iiw4g4n75SfEwYletKkRb0xSDXCvJTW02xvAprkqEuRF7fwzd7uURrFCLSmfYUj3
oLamGipb1Xet0V3OVsyRf+pIb14nh0EC0cAvm1aGAcZn+LsVWk5qe86C/pBHK1cy
maF/bCscTfjCZhx42MNyreduK0relyQ4iJ6vqrWwy/auplh7pAmk+z3SZmWFu2L3
ON1IMubfD6YUYHKfFpcJ2UXUhoa5hJbsV5w588EiL+Aaypk/Qk+n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org