Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uzVQnwPo66ojUlh9MsPaAwiq8gc.roa
File:                     uzVQnwPo66ojUlh9MsPaAwiq8gc.roa (raw, json)
Hash identifier:          p+qYh1B8E/f2GbYxm5F6GMMNpzSzX0sWq1dXijT0piw=
Subject key identifier:   BB:35:50:9F:03:E8:EB:AA:23:52:58:7D:32:C3:DA:03:08:AA:F2:07
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01894A7AD83FDD542B3EE7312DDE4EF091BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uzVQnwPo66ojUlh9MsPaAwiq8gc.roa
Signing time:             Wed 12 Jul 2023 14:21:52 +0000
ROA not before:           Wed 12 Jul 2023 14:21:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206509
IP address blocks:        81.168.0.0/17 maxlen: 17
                          109.176.0.0/16 maxlen: 16
                          81.5.128.0/18 maxlen: 18
                          82.152.0.0/15 maxlen: 15
                          213.152.32.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Thu 02 Nov 2023 18:35:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4a:7a:d8:3f:dd:54:2b:3e:e7:31:2d:de:4e:f0:91:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 12 14:21:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb35509f03e8ebaa2352587d32c3da0308aaf207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ff:37:27:4d:99:0c:a1:f3:00:68:0e:2b:0e:
                    14:28:54:d9:29:7e:39:63:d8:de:55:64:c2:28:af:
                    ab:b1:2d:6e:fe:74:ed:25:6b:dd:27:b9:28:0d:44:
                    dc:40:2b:23:49:11:9b:a9:d3:95:a8:7d:7a:36:92:
                    58:f8:45:9d:80:2f:4d:dc:17:c6:cc:ad:4a:5e:ea:
                    5e:8d:2a:c5:3a:c5:a0:fa:c6:22:42:41:e2:5f:60:
                    85:ce:70:b1:f6:40:c3:e7:a8:5e:ae:6e:40:76:7d:
                    cb:cb:a5:e5:9f:63:3f:b2:9e:fb:80:33:67:65:7c:
                    4e:5e:74:da:d9:9e:51:ad:3f:0f:43:0d:67:c3:3c:
                    d0:87:35:a1:b7:66:5f:9e:5e:d3:dc:f4:28:c0:19:
                    1f:6b:20:c6:93:12:40:80:87:e4:9a:5f:fe:bb:32:
                    63:87:4e:6b:ac:3b:0a:78:08:15:81:7c:ff:56:53:
                    5a:6b:6b:c5:f8:18:46:63:1d:d0:bb:ef:33:4c:48:
                    79:12:32:e0:46:7b:80:e1:2c:76:51:52:a9:45:df:
                    a7:cc:a2:a4:3b:21:a8:c0:54:3b:3a:6b:a4:db:59:
                    91:12:f4:af:45:d5:ab:ea:70:4f:0b:e7:ed:e1:e3:
                    ba:a6:ce:7a:f6:c7:9f:f6:62:64:20:f2:c6:44:b2:
                    d0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:35:50:9F:03:E8:EB:AA:23:52:58:7D:32:C3:DA:03:08:AA:F2:07
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uzVQnwPo66ojUlh9MsPaAwiq8gc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.128.0/18
                  81.168.0.0/17
                  82.152.0.0/15
                  109.176.0.0/16
                  213.152.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         34:af:7c:97:4b:f1:ba:51:e5:3e:64:ab:c5:f6:98:bc:e6:1f:
         fa:9e:33:bd:50:b4:ec:7c:ff:80:98:54:b4:aa:cf:e7:e7:4a:
         99:1b:eb:22:b9:66:51:48:96:d3:50:40:cc:14:59:70:cc:98:
         3b:06:af:61:fc:d8:10:6d:9d:55:c2:5f:9b:f4:2f:59:3d:57:
         6d:c7:ad:9b:2f:72:e9:cd:5f:a5:48:4a:82:17:0e:da:3c:b4:
         8a:24:8a:c4:59:6b:5e:73:6a:e6:29:56:be:37:e2:9d:a8:8c:
         f8:ad:42:e3:08:7e:f4:fc:49:87:5e:07:db:71:93:17:ca:bf:
         c6:97:ea:47:19:ad:d3:4e:47:aa:4c:3d:5f:d4:69:08:4f:7f:
         86:47:ea:d5:c9:71:7c:f5:4c:13:f7:72:ec:0a:c0:c6:2c:f3:
         cc:35:f6:99:88:1f:75:b5:79:16:39:83:3a:ae:86:98:fd:56:
         3f:6e:9b:58:43:f3:68:23:13:71:ac:8c:0c:c8:71:aa:36:93:
         6c:e0:4f:10:02:50:df:04:c6:21:be:3c:94:d0:b2:51:4b:5c:
         ea:db:50:08:69:62:34:92:d9:8b:6f:0d:09:a5:0a:c6:34:b3:
         26:48:93:4f:d0:42:71:07:14:fb:7e:83:76:a8:6c:fd:25:d0:
         78:3a:b5:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYlKetg/3VQrPucxLd5O8JG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzEyMTQyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM1NTA5ZjAzZThlYmFhMjM1MjU4N2QzMmMzZGEwMzA4YWFmMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP83J02ZDKHzAGgOKw4UKFTZKX45
Y9jeVWTCKK+rsS1u/nTtJWvdJ7koDUTcQCsjSRGbqdOVqH16NpJY+EWdgC9N3BfG
zK1KXupejSrFOsWg+sYiQkHiX2CFznCx9kDD56herm5Adn3Ly6Xln2M/sp77gDNn
ZXxOXnTa2Z5RrT8PQw1nwzzQhzWht2Zfnl7T3PQowBkfayDGkxJAgIfkml/+uzJj
h05rrDsKeAgVgXz/VlNaa2vF+BhGYx3Qu+8zTEh5EjLgRnuA4Sx2UVKpRd+nzKKk
OyGowFQ7Omuk21mREvSvRdWr6nBPC+ft4eO6ps569sef9mJkIPLGRLLQLQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLs1UJ8D6OuqI1JYfTLD2gMIqvIHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdXpWUW53UG82Nm9qVWxoOU1zUGFBd2lxOGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQGUQWAAwQH
UagAAwMBUpgDAwBtsAMEBdWYIDANBgkqhkiG9w0BAQsFAAOCAQEANK98l0vxulHl
PmSrxfaYvOYf+p4zvVC07Hz/gJhUtKrP5+dKmRvrIrlmUUiW01BAzBRZcMyYOwav
YfzYEG2dVcJfm/QvWT1Xbcetmy9y6c1fpUhKghcO2jy0iiSKxFlrXnNq5ilWvjfi
naiM+K1C4wh+9PxJh14H23GTF8q/xpfqRxmt005Hqkw9X9RpCE9/hkfq1clxfPVM
E/dy7ArAxizzzDX2mYgfdbV5FjmDOq6GmP1WP26bWEPzaCMTcayMDMhxqjaTbOBP
EAJQ3wTGIb48lNCyUUtc6ttQCGliNJLZi28NCaUKxjSzJkiTT9BCcQcU+36Ddqhs
/SXQeDq1jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org