Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vwfbb0nJrk03PflsOZjMwq4uQME.roa
File:                     vwfbb0nJrk03PflsOZjMwq4uQME.roa (raw, json)
Hash identifier:          f3kYgkn9ksviDNsuRHAAWsD/VwPPd5DF+yPzfXuGwo0=
Subject key identifier:   BF:07:DB:6F:49:C9:AE:4D:37:3D:F9:6C:39:98:CC:C2:AE:2E:40:C1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA2CB9A74400809D42EA682505A2E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vwfbb0nJrk03PflsOZjMwq4uQME.roa
Signing time:             Mon 02 Jan 2023 10:14:58 +0000
ROA not before:           Mon 02 Jan 2023 10:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211373
IP address blocks:        81.168.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:2c:b9:a7:44:00:80:9d:42:ea:68:25:05:a2:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf07db6f49c9ae4d373df96c3998ccc2ae2e40c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:65:71:0d:7f:19:dd:be:a2:eb:6a:d2:94:e5:
                    1c:fa:d4:6d:ec:d2:83:9e:b6:cb:9e:30:99:86:e9:
                    f2:4c:c3:23:bc:0e:9a:66:e3:b6:29:12:8b:2c:33:
                    9e:0e:eb:95:7f:94:d2:d7:7f:05:67:70:a9:16:85:
                    40:38:72:fc:c5:b3:1b:52:83:b3:a5:c8:b8:8e:33:
                    b4:f1:ec:63:ed:75:03:fc:75:06:c7:fa:fd:f9:9b:
                    2f:19:ce:42:cd:43:a9:ca:6a:60:96:fe:64:53:19:
                    b4:1c:b7:98:3f:29:f7:80:73:5d:ef:8d:0b:4e:92:
                    ee:c0:e9:ae:bf:be:8c:0e:89:fc:ce:0f:7e:2c:ce:
                    08:c6:34:3b:f7:4d:ac:54:c1:f5:35:fe:cb:59:db:
                    67:45:38:67:8c:b5:6a:9c:16:c6:1d:f9:3a:7d:2a:
                    e3:72:b8:0c:37:7d:d4:80:3d:a2:f8:20:08:34:fd:
                    39:72:42:c5:ae:82:65:45:df:fb:56:e9:22:1c:7d:
                    c0:4c:2a:18:00:26:f6:ec:e3:6b:2e:99:07:e6:ea:
                    a2:a5:e8:ec:b3:7d:86:14:2e:83:3d:2d:87:35:5f:
                    9f:20:3e:d9:92:df:e4:db:b8:cc:70:26:3f:1b:75:
                    01:6a:c5:21:58:4e:b0:c7:c9:aa:fc:f7:38:56:b4:
                    68:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:07:DB:6F:49:C9:AE:4D:37:3D:F9:6C:39:98:CC:C2:AE:2E:40:C1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vwfbb0nJrk03PflsOZjMwq4uQME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:07:f8:e6:ef:0f:11:f9:3e:db:7d:92:d3:22:64:4f:6f:a0:
         8e:41:0f:63:3f:d3:07:4d:f7:43:0c:b7:82:bd:2b:6e:99:c0:
         4a:4f:a6:5a:5f:2e:f9:08:b8:fb:91:b0:b2:06:4b:9e:90:f6:
         bf:d5:24:36:28:05:c6:34:93:45:5e:57:a4:3e:f4:21:d7:9e:
         cc:c2:eb:e6:90:28:b8:26:9f:d7:f7:68:6e:2c:f1:96:3f:6d:
         92:86:c3:cf:44:14:c8:dc:de:f0:a0:d6:f1:c0:97:7e:53:bb:
         61:b0:80:b3:6b:02:4e:90:6b:43:de:2d:d4:c0:33:52:14:41:
         a3:d2:fe:6b:1c:96:f7:04:ec:e0:82:f4:bc:6b:5f:be:e1:d9:
         73:4f:52:22:5f:3a:51:5b:7a:c0:82:9f:3a:39:7a:74:be:9b:
         c4:36:f9:43:af:3f:5f:18:f5:40:29:ac:27:00:88:da:a6:95:
         01:cd:8a:87:05:30:44:0a:cb:be:1a:b9:1f:44:c0:bf:40:17:
         da:01:f0:53:5d:02:72:14:3a:5e:6b:79:80:98:9a:05:98:27:
         9f:56:af:7b:0f:ec:55:b5:7f:e0:64:3c:c7:43:f6:12:52:d0:
         8d:e2:29:c5:8a:d7:fc:77:e2:8b:45:17:40:22:65:92:4f:4f:
         31:33:f4:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iy5p0QAgJ1C6mglBaLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA3ZGI2ZjQ5YzlhZTRkMzczZGY5NmMzOTk4Y2NjMmFlMmU0MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGVxDX8Z3b6i62rSlOUc+tRt7NKD
nrbLnjCZhunyTMMjvA6aZuO2KRKLLDOeDuuVf5TS138FZ3CpFoVAOHL8xbMbUoOz
pci4jjO08exj7XUD/HUGx/r9+ZsvGc5CzUOpympglv5kUxm0HLeYPyn3gHNd740L
TpLuwOmuv76MDon8zg9+LM4IxjQ7902sVMH1Nf7LWdtnRThnjLVqnBbGHfk6fSrj
crgMN33UgD2i+CAINP05ckLFroJlRd/7VukiHH3ATCoYACb27ONrLpkH5uqipejs
s32GFC6DPS2HNV+fID7Zkt/k27jMcCY/G3UBasUhWE6wx8mq/Pc4VrRoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8H229Jya5NNz35bDmYzMKuLkDBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdndmYmIwbkpyazAzUGZsc09aak13cTR1UU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah1MA0G
CSqGSIb3DQEBCwUAA4IBAQB6B/jm7w8R+T7bfZLTImRPb6COQQ9jP9MHTfdDDLeC
vStumcBKT6ZaXy75CLj7kbCyBkuekPa/1SQ2KAXGNJNFXlekPvQh157MwuvmkCi4
Jp/X92huLPGWP22ShsPPRBTI3N7woNbxwJd+U7thsICzawJOkGtD3i3UwDNSFEGj
0v5rHJb3BOzggvS8a1++4dlzT1IiXzpRW3rAgp86OXp0vpvENvlDrz9fGPVAKawn
AIjappUBzYqHBTBECsu+GrkfRMC/QBfaAfBTXQJyFDpea3mAmJoFmCefVq97D+xV
tX/gZDzHQ/YSUtCN4inFitf8d+KLRRdAImWST08xM/SM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org