Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/klCpypS0IdNhjRnsZxc-s2XKPyA.roa
File:                     klCpypS0IdNhjRnsZxc-s2XKPyA.roa (raw, json)
Hash identifier:          dUXcpSMCS7jJGgtUtDjc3bN7A+Dl68i9OR4qLXmzfhw=
Subject key identifier:   92:50:A9:CA:94:B4:21:D3:61:8D:19:EC:67:17:3E:B3:65:CA:3F:20
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187C6AF79F3DEDD353C78DB5A2DA99DD8FA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/klCpypS0IdNhjRnsZxc-s2XKPyA.roa
Signing time:             Fri 28 Apr 2023 07:06:41 +0000
ROA not before:           Fri 28 Apr 2023 07:06:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44547
IP address blocks:        81.168.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 08:14:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c6:af:79:f3:de:dd:35:3c:78:db:5a:2d:a9:9d:d8:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 28 07:06:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9250a9ca94b421d3618d19ec67173eb365ca3f20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:5b:f8:df:91:5f:ff:50:91:b5:b5:6e:34:85:
                    c5:46:b6:94:4d:82:7c:ac:7a:7a:94:5d:48:77:02:
                    f9:00:08:f6:b7:1e:d7:3c:16:af:20:e7:ee:29:d1:
                    d4:10:73:35:10:d1:03:61:f9:97:b5:99:2a:0c:3a:
                    d2:47:30:63:e7:93:0b:b6:93:46:a5:52:d3:ff:bd:
                    81:1b:8f:e8:da:55:f1:7b:67:11:07:41:69:25:7e:
                    61:ea:ac:dc:12:b3:5f:ef:e0:c2:df:a8:c3:8b:1c:
                    1b:75:4f:48:87:77:1f:e6:97:7e:72:34:e7:8a:4d:
                    ee:4e:9d:65:62:4c:af:13:49:15:a3:18:bf:73:64:
                    3f:9f:84:61:fe:e0:3e:95:d9:b8:20:a7:ea:83:08:
                    7e:f4:6e:cd:df:e5:2e:6a:e3:ff:9b:a6:dd:b8:f0:
                    af:80:08:36:ab:24:08:70:be:23:30:92:0d:fa:7e:
                    d5:0b:00:c4:f3:ea:76:1b:ec:da:e0:4e:06:6f:1c:
                    b4:1a:21:85:32:72:8e:35:c9:c6:89:9e:9f:29:d9:
                    52:ff:0a:20:b2:58:7d:67:98:72:fc:84:7d:ab:21:
                    e6:58:1e:2f:2d:e9:1c:b2:6e:7a:8c:a3:1b:a7:a9:
                    da:59:93:fd:df:fc:24:f8:41:71:26:be:18:01:38:
                    ce:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:50:A9:CA:94:B4:21:D3:61:8D:19:EC:67:17:3E:B3:65:CA:3F:20
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/klCpypS0IdNhjRnsZxc-s2XKPyA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:ed:ec:c9:dc:34:17:28:e4:56:33:e1:77:c9:65:47:d0:aa:
         8e:ae:c8:8e:d7:74:57:2d:d5:f0:a4:f0:0a:c9:d4:a5:f9:e4:
         ef:4e:64:93:ee:c0:0d:91:4d:76:1a:ec:8d:4a:a0:d7:dd:6e:
         2f:10:c6:28:25:41:53:16:38:37:36:12:58:47:b4:0e:5e:45:
         7b:2c:cb:ae:3e:e6:6c:49:3e:7f:da:57:0b:71:ff:57:6d:f7:
         2f:08:bc:f2:ae:ea:a8:b7:94:b7:f4:28:88:1a:af:db:6a:e6:
         e6:15:81:6f:f9:e3:5d:59:de:64:a4:38:2d:e0:89:9e:b5:5f:
         e7:22:88:56:2e:c3:ea:5e:b4:bd:6b:01:2b:dd:36:7f:ed:b6:
         65:20:d8:ad:49:a8:07:73:a2:47:eb:ef:5b:8c:51:7d:7c:76:
         a8:2c:2a:45:32:04:81:04:08:0d:7a:76:26:fd:61:d7:e1:0f:
         67:35:88:fa:9d:70:cb:66:48:eb:5b:47:17:6d:da:db:aa:48:
         6e:04:7a:a7:fa:a5:16:e3:9d:29:dc:68:94:ee:e1:f7:78:ac:
         98:04:d4:04:9d:fc:5d:00:e3:48:39:a5:34:43:54:6d:41:77:
         47:d7:58:0b:5b:a9:76:35:e7:b1:4f:0f:1b:3b:e3:5f:b4:9a:
         87:dc:6d:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfGr3nz3t01PHjbWi2pndj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDI4MDcwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjUwYTljYTk0YjQyMWQzNjE4ZDE5ZWM2NzE3M2ViMzY1Y2EzZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilv435Ff/1CRtbVuNIXFRraUTYJ8
rHp6lF1IdwL5AAj2tx7XPBavIOfuKdHUEHM1ENEDYfmXtZkqDDrSRzBj55MLtpNG
pVLT/72BG4/o2lXxe2cRB0FpJX5h6qzcErNf7+DC36jDixwbdU9Ih3cf5pd+cjTn
ik3uTp1lYkyvE0kVoxi/c2Q/n4Rh/uA+ldm4IKfqgwh+9G7N3+UuauP/m6bduPCv
gAg2qyQIcL4jMJIN+n7VCwDE8+p2G+za4E4Gbxy0GiGFMnKONcnGiZ6fKdlS/wog
slh9Z5hy/IR9qyHmWB4vLekcsm56jKMbp6naWZP93/wk+EFxJr4YATjOOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJQqcqUtCHTYY0Z7GcXPrNlyj8gMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva2xDcHlwUzBJZE5oalJuc1p4Yy1zMlhLUHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah0MA0G
CSqGSIb3DQEBCwUAA4IBAQCl7ezJ3DQXKORWM+F3yWVH0KqOrsiO13RXLdXwpPAK
ydSl+eTvTmST7sANkU12GuyNSqDX3W4vEMYoJUFTFjg3NhJYR7QOXkV7LMuuPuZs
ST5/2lcLcf9XbfcvCLzyruqot5S39CiIGq/baubmFYFv+eNdWd5kpDgt4ImetV/n
IohWLsPqXrS9awEr3TZ/7bZlINitSagHc6JH6+9bjFF9fHaoLCpFMgSBBAgNenYm
/WHX4Q9nNYj6nXDLZkjrW0cXbdrbqkhuBHqn+qUW450p3GiU7uH3eKyYBNQEnfxd
AONIOaU0Q1RtQXdH11gLW6l2NeexTw8bO+NftJqH3G29
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org