Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tWhE5KH2aCsezDXcnZB01m-pfxM.roa
File:                     tWhE5KH2aCsezDXcnZB01m-pfxM.roa (raw, json)
Hash identifier:          tg+MxUjQdKXBMY9bO+R8zvPGk6tRAJW1XLVeSJ6WFWs=
Subject key identifier:   B5:68:44:E4:A1:F6:68:2B:1E:CC:35:DC:9D:90:74:D6:6F:A9:7F:13
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187A31BCFC1B9A9598E294B65C38D4F8F88
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tWhE5KH2aCsezDXcnZB01m-pfxM.roa
Signing time:             Fri 21 Apr 2023 09:18:41 +0000
ROA not before:           Fri 21 Apr 2023 09:18:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     996
IP address blocks:        82.153.231.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 07:59:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:a3:1b:cf:c1:b9:a9:59:8e:29:4b:65:c3:8d:4f:8f:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 21 09:18:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b56844e4a1f6682b1ecc35dc9d9074d66fa97f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f9:c0:93:18:f0:45:d0:32:ad:2b:99:9c:de:
                    94:50:ee:41:b7:dd:d8:09:28:28:db:85:a0:4e:78:
                    6b:b5:d4:aa:93:5e:82:4b:fa:08:06:87:c0:f9:ad:
                    e1:fe:6a:ab:d2:b6:d2:32:ab:00:7f:4d:13:08:bc:
                    1c:db:04:a4:b5:f3:b5:a8:80:c1:a4:44:75:2f:d9:
                    ab:a1:28:f3:71:cf:21:43:54:9a:08:83:bf:0c:1d:
                    55:50:a8:8e:cc:ce:6b:a3:ef:ce:40:98:72:99:8a:
                    4b:9f:5f:11:98:03:9b:6d:b6:78:2a:aa:b0:0b:62:
                    d3:4e:38:00:bd:20:bb:42:67:80:70:02:fe:6e:18:
                    db:d7:64:69:6f:85:93:af:40:92:60:a3:51:be:a3:
                    bc:8f:c9:41:9f:23:a9:6d:7f:9a:89:77:98:19:df:
                    fb:7a:b6:80:8d:7e:bf:9d:7f:94:10:43:e3:c7:d4:
                    5e:54:3d:e7:76:1e:3d:25:19:c1:c3:6b:0e:3e:66:
                    d3:93:36:64:a9:db:24:d7:4f:50:3a:83:16:77:9b:
                    6c:19:6a:ce:56:5f:b5:f5:62:29:54:0f:9b:c6:1d:
                    d4:4b:e3:ff:ba:3c:30:49:d0:55:db:61:08:e2:f8:
                    95:bc:01:92:fe:73:34:79:3e:07:25:d0:d8:99:3e:
                    6f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:68:44:E4:A1:F6:68:2B:1E:CC:35:DC:9D:90:74:D6:6F:A9:7F:13
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tWhE5KH2aCsezDXcnZB01m-pfxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.116.0/24
                  82.153.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:2a:17:6b:41:7f:45:c0:1c:a5:78:02:2a:4d:d9:2e:3d:32:
         75:80:07:53:03:39:27:a6:23:a5:78:14:92:da:c0:9e:52:0e:
         3c:03:bc:a8:db:a7:ff:e5:8a:23:29:9a:0b:ea:7d:be:52:70:
         23:28:dd:89:2c:f7:41:47:28:76:e6:16:2e:14:24:19:97:d2:
         50:a1:e4:d8:06:a3:d1:ec:79:44:ec:2a:f3:1c:e7:ea:b7:d4:
         bd:41:5b:ea:cd:b7:26:65:c6:aa:fc:47:5d:45:13:b9:9b:fa:
         c0:dc:49:7a:32:be:ed:3d:55:46:d2:c0:ba:da:82:20:64:4f:
         83:28:4f:96:04:f0:2e:c5:8e:16:06:4f:e1:65:c4:bc:b9:91:
         b5:9b:26:f9:14:b8:cf:48:a3:f2:d9:57:fc:ef:7c:39:af:ba:
         fd:cc:2a:2e:eb:63:5b:c6:bb:5a:4c:45:15:2e:29:f8:43:d5:
         af:5a:e5:36:58:8a:08:59:57:b6:51:d8:45:a8:8c:17:f3:c8:
         fb:a5:c8:7c:d2:5c:7f:69:70:8b:62:99:3f:5c:2d:02:3f:6c:
         62:ca:4f:f7:38:e8:60:8e:47:9b:25:3d:09:57:23:b5:db:2f:
         1f:1d:10:40:08:67:3b:5c:a8:31:f8:c7:1b:43:f0:15:3d:75:
         a2:b4:8b:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYejG8/BualZjilLZcONT4+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDIxMDkxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY4NDRlNGExZjY2ODJiMWVjYzM1ZGM5ZDkwNzRkNjZmYTk3ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvnAkxjwRdAyrSuZnN6UUO5Bt93Y
CSgo24WgTnhrtdSqk16CS/oIBofA+a3h/mqr0rbSMqsAf00TCLwc2wSktfO1qIDB
pER1L9mroSjzcc8hQ1SaCIO/DB1VUKiOzM5ro+/OQJhymYpLn18RmAObbbZ4Kqqw
C2LTTjgAvSC7QmeAcAL+bhjb12Rpb4WTr0CSYKNRvqO8j8lBnyOpbX+aiXeYGd/7
eraAjX6/nX+UEEPjx9ReVD3ndh49JRnBw2sOPmbTkzZkqdsk109QOoMWd5tsGWrO
Vl+19WIpVA+bxh3US+P/ujwwSdBV22EI4viVvAGS/nM0eT4HJdDYmT5vIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVoROSh9mgrHsw13J2QdNZvqX8TMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdFdoRTVLSDJhQ3NlekRYY25aQjAxbS1wZnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah0AwQA
UpnnMA0GCSqGSIb3DQEBCwUAA4IBAQCAKhdrQX9FwByleAIqTdkuPTJ1gAdTAzkn
piOleBSS2sCeUg48A7yo26f/5YojKZoL6n2+UnAjKN2JLPdBRyh25hYuFCQZl9JQ
oeTYBqPR7HlE7CrzHOfqt9S9QVvqzbcmZcaq/EddRRO5m/rA3El6Mr7tPVVG0sC6
2oIgZE+DKE+WBPAuxY4WBk/hZcS8uZG1myb5FLjPSKPy2Vf873w5r7r9zCou62Nb
xrtaTEUVLin4Q9WvWuU2WIoIWVe2UdhFqIwX88j7pch80lx/aXCLYpk/XC0CP2xi
yk/3OOhgjkebJT0JVyO12y8fHRBACGc7XKgx+McbQ/AVPXWitIuN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org