Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tlUkKvLuThgNwpIMXUWmsXrKIao.roa
File:                     tlUkKvLuThgNwpIMXUWmsXrKIao.roa (raw, json)
Hash identifier:          deoeVUfoPF5LmIQVDr7JXk0+EglsRL6zNygQQeUB9Ag=
Subject key identifier:   B6:55:24:2A:F2:EE:4E:18:0D:C2:92:0C:5D:45:A6:B1:7A:CA:21:AA
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0185E838CA3C8B11A525A5B6DC5376F65312
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tlUkKvLuThgNwpIMXUWmsXrKIao.roa
Signing time:             Wed 25 Jan 2023 09:18:33 +0000
ROA not before:           Wed 25 Jan 2023 09:18:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        81.168.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Feb 2023 09:35:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e8:38:ca:3c:8b:11:a5:25:a5:b6:dc:53:76:f6:53:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 25 09:18:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b655242af2ee4e180dc2920c5d45a6b17aca21aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:bc:a8:d6:ac:37:0c:65:7e:39:f3:d8:55:a6:
                    b4:27:45:e8:16:85:91:a0:fe:b1:95:cc:d9:f3:ea:
                    30:87:59:68:7e:86:0f:eb:f0:e2:7e:f9:7b:f8:74:
                    0d:ea:c1:8f:00:14:51:39:ce:cc:74:3b:bb:04:96:
                    c6:89:77:80:f7:d5:14:04:97:d7:25:b5:59:04:8e:
                    be:ad:9a:02:b7:07:77:7b:e3:ae:e7:de:76:de:82:
                    f5:d0:1f:6e:17:8f:80:63:87:d4:5b:04:30:3c:95:
                    31:d8:e4:72:56:60:4f:fc:65:fe:8f:af:18:17:6f:
                    7c:0e:84:64:20:31:51:46:26:77:cb:3f:53:64:e1:
                    94:5a:bb:ef:6e:9f:42:67:b3:87:6d:24:14:7a:00:
                    d8:19:39:d2:7c:8b:67:da:0e:af:88:b0:36:e0:c5:
                    db:88:ab:98:a8:a0:67:88:14:03:72:bc:ae:be:e1:
                    2a:fb:fb:da:5f:90:f4:16:03:c2:b6:4e:20:ba:4b:
                    4a:6e:85:79:c2:ba:d7:a9:38:0f:e3:88:2a:fd:a6:
                    c2:71:a3:bc:a8:4c:a2:c7:6c:b5:22:76:4e:44:92:
                    4b:08:c7:2e:1d:f6:5a:06:07:07:a6:1f:ce:32:74:
                    15:db:bc:c7:42:6d:b5:db:2b:ca:3c:93:2a:a3:49:
                    ac:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:55:24:2A:F2:EE:4E:18:0D:C2:92:0C:5D:45:A6:B1:7A:CA:21:AA
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tlUkKvLuThgNwpIMXUWmsXrKIao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:ae:ba:1c:d8:e6:da:5c:18:ec:0c:30:cd:59:2e:01:cd:f3:
         30:c5:eb:17:d6:d8:d6:a2:8d:bd:7d:41:4d:62:93:11:74:4f:
         eb:95:bd:fc:52:02:25:ca:1d:74:1b:3c:1b:18:7c:64:20:f9:
         a1:4d:78:70:2a:07:f2:c1:4c:5a:b2:1b:b2:4e:8a:04:d6:7f:
         62:2a:fd:66:0a:cd:08:75:79:73:16:7b:ad:43:85:9a:38:e4:
         d8:1d:b9:63:e4:e0:bb:e3:1a:2c:a8:09:db:8d:db:27:10:8a:
         f6:93:bb:1b:f0:95:01:2b:d0:de:cf:b4:f9:51:35:2b:c8:7f:
         6e:02:5f:a6:b2:54:f6:32:b2:23:ea:9d:db:89:92:be:20:fe:
         f0:c5:f1:bd:07:59:34:1c:37:24:c9:c0:1b:89:7d:11:d0:ee:
         eb:f2:e4:15:25:06:09:dc:98:e6:8b:93:c8:35:55:03:68:d9:
         60:39:27:89:96:88:c6:c3:79:65:87:53:ff:8f:ea:cf:d4:88:
         ce:21:8a:76:cd:65:1d:b3:79:cb:7e:10:f2:ea:38:25:63:d3:
         37:80:ff:7a:c0:6a:da:76:37:4b:61:43:75:e4:b7:ea:43:37:
         82:b3:aa:87:56:90:8b:a8:ba:f9:61:89:8c:9c:d8:92:13:43:
         3f:95:13:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXoOMo8ixGlJaW23FN29lMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTI1MDkxODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU1MjQyYWYyZWU0ZTE4MGRjMjkyMGM1ZDQ1YTZiMTdhY2EyMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7yo1qw3DGV+OfPYVaa0J0XoFoWR
oP6xlczZ8+owh1lofoYP6/Difvl7+HQN6sGPABRROc7MdDu7BJbGiXeA99UUBJfX
JbVZBI6+rZoCtwd3e+Ou59523oL10B9uF4+AY4fUWwQwPJUx2ORyVmBP/GX+j68Y
F298DoRkIDFRRiZ3yz9TZOGUWrvvbp9CZ7OHbSQUegDYGTnSfItn2g6viLA24MXb
iKuYqKBniBQDcryuvuEq+/vaX5D0FgPCtk4guktKboV5wrrXqTgP44gq/abCcaO8
qEyix2y1InZORJJLCMcuHfZaBgcHph/OMnQV27zHQm212yvKPJMqo0msHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZVJCry7k4YDcKSDF1FprF6yiGqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdGxVa0t2THVUaGdOd3BJTVhVV21zWHJLSWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUagjMA0G
CSqGSIb3DQEBCwUAA4IBAQCErroc2ObaXBjsDDDNWS4BzfMwxesX1tjWoo29fUFN
YpMRdE/rlb38UgIlyh10GzwbGHxkIPmhTXhwKgfywUxashuyTooE1n9iKv1mCs0I
dXlzFnutQ4WaOOTYHblj5OC74xosqAnbjdsnEIr2k7sb8JUBK9Dez7T5UTUryH9u
Al+mslT2MrIj6p3biZK+IP7wxfG9B1k0HDckycAbiX0R0O7r8uQVJQYJ3Jjmi5PI
NVUDaNlgOSeJlojGw3llh1P/j+rP1IjOIYp2zWUds3nLfhDy6jglY9M3gP96wGra
djdLYUN15LfqQzeCs6qHVpCLqLr5YYmMnNiSE0M/lRN2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org