Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n337GLaKb0EXD1dySP_lWnE-rDE.roa
File:                     n337GLaKb0EXD1dySP_lWnE-rDE.roa (raw, json)
Hash identifier:          zYfwAYWWxSkh6vnwzyx3JRdZgU0TRESKtkUW+GWJwHM=
Subject key identifier:   9F:7D:FB:18:B6:8A:6F:41:17:0F:57:72:48:FF:E5:5A:71:3E:AC:31
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AB87A9CA2E8DDFC269DF8504D048A6B60
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n337GLaKb0EXD1dySP_lWnE-rDE.roa
Signing time:             Thu 21 Sep 2023 16:02:37 +0000
ROA not before:           Thu 21 Sep 2023 16:02:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        81.168.123.0/24 maxlen: 24
                          89.213.144.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 16:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b8:7a:9c:a2:e8:dd:fc:26:9d:f8:50:4d:04:8a:6b:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 21 16:02:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f7dfb18b68a6f41170f577248ffe55a713eac31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:77:d9:e0:1c:91:d5:4f:d0:02:da:ab:5c:d1:
                    46:f1:a1:de:ff:a2:40:9a:ca:fb:57:2f:97:e9:71:
                    46:a8:c4:cb:af:3f:00:6a:9d:d4:db:6e:b6:cd:f7:
                    c1:c5:ca:a3:54:0c:cd:8a:8f:25:ae:ca:e8:f1:88:
                    e5:8f:b3:87:1e:68:a0:05:33:9c:46:67:6c:8c:ae:
                    30:f1:25:a2:33:b7:37:ce:b1:13:48:a1:a5:94:e8:
                    f6:bc:89:37:82:f7:23:92:d1:4c:47:50:fa:4a:da:
                    20:5a:53:42:2a:a7:5d:b7:e6:98:d7:3a:99:34:42:
                    0c:37:42:bc:6e:1f:0c:ba:a8:df:85:12:cd:19:6c:
                    52:f2:fa:93:8a:55:0e:74:e6:52:3c:b5:39:13:1f:
                    2b:c2:15:e4:1b:d9:44:86:f6:21:c6:93:39:9c:05:
                    27:fb:19:19:37:a6:8e:35:1f:f9:ca:f5:df:8b:9a:
                    83:bc:34:d1:11:9b:6c:2b:fc:d6:3d:f5:a4:00:f4:
                    be:ab:f4:ff:93:e2:af:04:58:2f:81:99:44:96:ee:
                    fd:68:1e:bc:a6:04:e7:6a:e4:31:71:56:c7:7b:e8:
                    e3:d7:b0:b5:b4:be:af:0d:b6:1c:4d:40:d7:27:1c:
                    c2:fa:50:79:9c:42:a4:a8:af:e6:36:42:78:fb:d1:
                    79:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:7D:FB:18:B6:8A:6F:41:17:0F:57:72:48:FF:E5:5A:71:3E:AC:31
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n337GLaKb0EXD1dySP_lWnE-rDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24
                  82.153.10.0/24
                  89.213.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:be:ca:0f:28:a4:51:78:4b:85:39:e8:99:b8:92:4b:26:2b:
         39:43:e7:af:e3:31:8b:cb:2f:2d:ef:62:8e:8a:8f:f9:9a:84:
         61:da:3f:de:9a:c2:f8:75:b8:a9:ce:ff:c7:79:f9:33:95:9c:
         34:aa:bc:b2:39:26:05:5a:76:36:21:78:53:73:c9:fc:65:8e:
         25:b1:2b:4b:2b:85:a9:ac:76:2c:c9:b4:66:b5:1d:2e:30:54:
         2f:63:df:e5:82:83:75:4e:86:41:d1:a7:ea:e5:2d:2e:4e:b0:
         fe:12:7e:48:3e:30:3b:63:80:8f:90:50:8a:f8:24:e2:c4:f5:
         d0:f0:99:d6:d7:7b:ea:c4:ae:e1:e4:77:d5:72:f9:40:60:3f:
         1b:bb:34:a6:39:68:56:7d:af:94:f3:de:7d:32:22:8f:65:06:
         d1:17:2c:2e:27:03:ad:9b:38:78:2c:74:5f:cd:53:21:26:4b:
         e0:f6:78:62:0d:6e:6c:31:44:f0:dd:6f:d1:23:4a:ad:7e:db:
         62:2c:cf:4f:50:7d:45:67:af:0a:3c:e9:a7:20:3e:53:f8:41:
         83:84:96:80:47:1b:13:39:78:ba:cd:43:c4:70:33:76:6d:e7:
         1b:64:49:15:43:e3:4e:1f:ed:39:b7:7a:db:50:de:f8:97:1d:
         41:2c:be:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYq4epyi6N38Jp34UE0EimtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTIxMTYwMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdkZmIxOGI2OGE2ZjQxMTcwZjU3NzI0OGZmZTU1YTcxM2VhYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3fZ4ByR1U/QAtqrXNFG8aHe/6JA
msr7Vy+X6XFGqMTLrz8Aap3U2262zffBxcqjVAzNio8lrsro8Yjlj7OHHmigBTOc
RmdsjK4w8SWiM7c3zrETSKGllOj2vIk3gvcjktFMR1D6StogWlNCKqddt+aY1zqZ
NEIMN0K8bh8MuqjfhRLNGWxS8vqTilUOdOZSPLU5Ex8rwhXkG9lEhvYhxpM5nAUn
+xkZN6aONR/5yvXfi5qDvDTREZtsK/zWPfWkAPS+q/T/k+KvBFgvgZlElu79aB68
pgTnauQxcVbHe+jj17C1tL6vDbYcTUDXJxzC+lB5nEKkqK/mNkJ4+9F5cwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ99+xi2im9BFw9Xckj/5VpxPqwxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbjMzN0dMYUtiMEVYRDFkeVNQX2xXbkUtckRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUah7AwQA
UpkKAwQAWdWQMA0GCSqGSIb3DQEBCwUAA4IBAQCYvsoPKKRReEuFOeiZuJJLJis5
Q+ev4zGLyy8t72KOio/5moRh2j/emsL4dbipzv/HefkzlZw0qryyOSYFWnY2IXhT
c8n8ZY4lsStLK4WprHYsybRmtR0uMFQvY9/lgoN1ToZB0afq5S0uTrD+En5IPjA7
Y4CPkFCK+CTixPXQ8JnW13vqxK7h5HfVcvlAYD8buzSmOWhWfa+U8959MiKPZQbR
FywuJwOtmzh4LHRfzVMhJkvg9nhiDW5sMUTw3W/RI0qtfttiLM9PUH1FZ68KPOmn
ID5T+EGDhJaARxsTOXi6zUPEcDN2becbZEkVQ+NOH+05t3rbUN74lx1BLL5p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org