Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xHmO5nNy1dYJRFp1ZvipCwXviGY.roa
File:                     xHmO5nNy1dYJRFp1ZvipCwXviGY.roa (raw, json)
Hash identifier:          zfdlcwkyvvlR4Tk8EKRNQSorzjoH4scVXbkjfoumTZc=
Subject key identifier:   C4:79:8E:E6:73:72:D5:D6:09:44:5A:75:66:F8:A9:0B:05:EF:88:66
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA24D4FC4215D13BCBA9DFC2274F8C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xHmO5nNy1dYJRFp1ZvipCwXviGY.roa
Signing time:             Mon 02 Jan 2023 10:14:56 +0000
ROA not before:           Mon 02 Jan 2023 10:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        81.168.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Jan 2023 09:09:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:24:d4:fc:42:15:d1:3b:cb:a9:df:c2:27:4f:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4798ee67372d5d609445a7566f8a90b05ef8866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:85:ed:25:47:78:43:ec:81:5f:b2:13:7a:9a:
                    dd:cf:b5:1e:35:59:55:90:e2:35:58:d3:13:3f:05:
                    a9:f7:a1:82:92:e6:84:35:85:44:5c:09:3a:2e:4e:
                    e8:f8:04:d9:54:e0:98:23:6d:a9:ae:e8:2a:4c:5f:
                    ad:c0:a0:1b:d9:65:0d:10:3e:2f:fd:7b:19:5b:1e:
                    ff:8f:e3:8f:b3:d9:1a:05:41:ac:67:1f:82:d7:b5:
                    9f:81:df:96:3c:70:84:93:e0:09:12:dd:ab:2e:2e:
                    82:98:70:da:be:2b:c6:58:d7:45:ad:45:89:67:95:
                    37:ed:9e:e8:71:7a:99:5c:cd:ad:fc:c2:40:97:55:
                    f6:6c:74:48:4e:8a:c5:f2:64:ab:1d:53:6e:0b:72:
                    5e:b6:f7:f7:e6:9d:35:bb:e4:dd:1f:6a:77:9b:97:
                    16:d0:0b:9b:3c:b6:52:a6:4b:01:12:32:bb:a6:b8:
                    e5:ac:14:43:5d:db:15:25:8b:b4:95:04:ea:a8:6c:
                    28:6f:d1:e7:9b:0a:d3:0b:e3:16:70:aa:6a:5c:1c:
                    95:84:22:38:13:06:ef:36:ac:5f:52:fb:61:18:e6:
                    66:e8:6a:29:b1:b7:08:76:14:16:f3:22:23:35:ea:
                    84:de:d8:ea:de:a7:de:f2:9a:f8:f1:b9:f9:80:b0:
                    29:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:79:8E:E6:73:72:D5:D6:09:44:5A:75:66:F8:A9:0B:05:EF:88:66
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xHmO5nNy1dYJRFp1ZvipCwXviGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:a1:32:ee:26:f3:0a:a2:d4:5f:52:16:61:8f:83:3d:47:ac:
         a7:9a:b1:2f:d6:c7:76:9f:d9:47:dd:f8:2f:31:ea:83:25:fa:
         6b:f4:43:bc:ae:3b:ea:43:36:4d:5a:7c:c6:e0:08:46:00:2d:
         24:6d:4d:c7:f3:80:34:30:f7:15:b7:a8:fe:48:78:69:e7:57:
         ba:47:3f:d6:ae:92:f7:d4:dd:92:14:58:76:31:83:f7:38:b0:
         2a:d5:b1:ec:46:2c:17:7e:c0:df:09:ef:75:43:65:fa:28:3a:
         e2:55:5d:6f:a3:2d:bb:30:9d:c5:43:d5:a1:03:8c:93:f6:26:
         11:80:2f:5f:b0:f9:4b:f2:57:5a:55:91:7d:6e:e5:67:b7:75:
         1c:a0:b4:95:06:a5:54:b3:7e:bc:be:fa:cc:01:15:9f:a2:d4:
         ab:42:fa:e6:00:47:01:19:5f:74:84:a9:eb:93:df:d6:2d:59:
         e0:d6:04:b4:ce:cd:22:c2:d7:93:65:b9:60:57:15:d2:90:d6:
         8c:65:b6:da:07:33:db:8e:eb:68:89:50:63:68:18:18:2e:ee:
         82:c2:1b:27:e4:87:3f:ec:ad:96:2a:c3:fb:55:98:bf:1f:c5:
         25:10:7d:7e:07:79:bc:4a:7d:33:af:ec:21:6f:0d:df:a9:2d:
         aa:d6:a0:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iTU/EIV0TvLqd/CJ0+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDc5OGVlNjczNzJkNWQ2MDk0NDVhNzU2NmY4YTkwYjA1ZWY4ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYXtJUd4Q+yBX7ITeprdz7UeNVlV
kOI1WNMTPwWp96GCkuaENYVEXAk6Lk7o+ATZVOCYI22prugqTF+twKAb2WUNED4v
/XsZWx7/j+OPs9kaBUGsZx+C17Wfgd+WPHCEk+AJEt2rLi6CmHDavivGWNdFrUWJ
Z5U37Z7ocXqZXM2t/MJAl1X2bHRITorF8mSrHVNuC3Jetvf35p01u+TdH2p3m5cW
0AubPLZSpksBEjK7prjlrBRDXdsVJYu0lQTqqGwob9HnmwrTC+MWcKpqXByVhCI4
EwbvNqxfUvthGOZm6GopsbcIdhQW8yIjNeqE3tjq3qfe8pr48bn5gLAp9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMR5juZzctXWCURadWb4qQsF74hmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveEhtTzVuTnkxZFlKUkZwMVp2aXBDd1h2aUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUagpMA0G
CSqGSIb3DQEBCwUAA4IBAQB3oTLuJvMKotRfUhZhj4M9R6ynmrEv1sd2n9lH3fgv
MeqDJfpr9EO8rjvqQzZNWnzG4AhGAC0kbU3H84A0MPcVt6j+SHhp51e6Rz/WrpL3
1N2SFFh2MYP3OLAq1bHsRiwXfsDfCe91Q2X6KDriVV1voy27MJ3FQ9WhA4yT9iYR
gC9fsPlL8ldaVZF9buVnt3UcoLSVBqVUs368vvrMARWfotSrQvrmAEcBGV90hKnr
k9/WLVng1gS0zs0iwteTZblgVxXSkNaMZbbaBzPbjutoiVBjaBgYLu6Cwhsn5Ic/
7K2WKsP7VZi/H8UlEH1+B3m8Sn0zr+whbw3fqS2q1qCN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org