Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/PfKki3WyvWV-PMLCGYMiyKZEzqA.roa
File:                     PfKki3WyvWV-PMLCGYMiyKZEzqA.roa (raw, json)
Hash identifier:          A/uZgFiUyfRf0qpEelKp/WZlTMGQ080AqdFTfi9884I=
Subject key identifier:   3D:F2:A4:8B:75:B2:BD:65:7E:3C:C2:C2:19:83:22:C8:A6:44:CE:A0
Certificate issuer:       /CN=532d1e41424819bcc0cd637d8ee141fea585d00d
Certificate serial:       01894E49DF21F9E2EBB78A8038B13A7F04D3
Authority key identifier: 53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/PfKki3WyvWV-PMLCGYMiyKZEzqA.roa
Signing time:             Thu 13 Jul 2023 08:06:51 +0000
ROA not before:           Thu 13 Jul 2023 08:06:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201404
IP address blocks:        185.49.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 06:49:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4e:49:df:21:f9:e2:eb:b7:8a:80:38:b1:3a:7f:04:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=532d1e41424819bcc0cd637d8ee141fea585d00d
        Validity
            Not Before: Jul 13 08:06:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3df2a48b75b2bd657e3cc2c2198322c8a644cea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:94:4a:8d:de:e5:e6:79:2b:88:43:c0:73:2a:
                    6e:3f:a9:bd:e9:2d:6d:a9:ea:fb:de:72:c4:10:5d:
                    39:aa:fa:51:02:1a:92:67:6e:1a:c1:70:b2:c1:3b:
                    30:87:6f:d6:bf:ee:72:02:64:cc:dc:42:c0:2f:2c:
                    4d:11:1f:7d:8b:e7:72:82:2e:62:2d:e2:6c:72:a2:
                    d9:3b:35:d5:c4:65:37:89:c3:dd:48:81:a5:ac:30:
                    9f:51:fa:75:f4:bd:4d:ab:e2:4a:6c:35:31:80:db:
                    9c:e0:b1:1b:8b:45:c9:57:00:33:e8:e0:a3:79:fb:
                    22:1b:cd:81:9f:39:85:11:09:8b:8f:47:c8:31:c2:
                    2f:01:1e:73:7c:73:64:8a:97:b8:cf:83:fa:6d:57:
                    0b:d4:f5:ac:37:b0:76:69:c7:92:2f:a4:5a:5b:18:
                    76:26:4a:eb:a8:31:0d:0b:f7:53:f2:a1:1e:3d:f8:
                    8f:dc:60:b5:83:06:b3:06:71:43:8a:c3:64:e4:da:
                    5c:81:69:e2:e3:5c:11:4c:f9:ae:9b:4e:a4:70:91:
                    73:c5:94:df:39:b0:51:70:2a:c8:78:5a:8c:02:d7:
                    ac:9f:0f:fa:13:ed:3c:46:7e:03:80:8a:d4:cc:41:
                    7a:99:30:ed:81:2f:da:1f:f3:17:e9:dd:1e:d9:c2:
                    b5:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F2:A4:8B:75:B2:BD:65:7E:3C:C2:C2:19:83:22:C8:A6:44:CE:A0
            X509v3 Authority Key Identifier:
                keyid:53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/PfKki3WyvWV-PMLCGYMiyKZEzqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/Uy0eQUJIGbzAzWN9juFB_qWF0A0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:87:d7:07:63:66:75:85:58:6a:46:55:99:ba:2b:1a:52:4c:
         a9:6d:db:e1:a6:a5:2c:31:fa:cf:4b:0d:f2:37:00:78:2a:27:
         5d:99:7c:9e:35:85:62:a4:2e:03:ac:f2:38:03:77:24:75:85:
         ec:39:43:de:af:4c:a8:92:6a:62:8f:17:79:0f:be:da:0f:c2:
         35:0e:89:51:0d:2b:d8:f9:5c:e4:aa:d0:b2:30:c4:21:72:b0:
         76:d3:33:68:09:c2:c8:c5:7a:4e:29:51:3d:6b:3b:eb:d3:cb:
         47:0a:32:63:c6:53:34:5b:39:d7:36:8c:d7:1d:cc:31:19:05:
         bc:71:92:68:36:0c:a8:23:20:9c:bb:9d:ac:1b:eb:96:7f:a7:
         47:86:02:62:36:81:c1:70:c0:30:1f:57:d1:d5:08:3d:11:5e:
         ff:25:5b:8d:d1:38:00:3e:bc:92:eb:b6:82:fc:84:fa:59:52:
         53:fd:3a:79:7e:3b:a2:c4:46:a8:52:92:6c:43:6f:af:3e:be:
         84:c1:ab:55:17:a8:20:92:dd:1a:e2:7b:30:e2:c8:e3:e8:51:
         48:03:3d:ef:16:fd:0d:23:78:1e:9c:3f:8c:9e:84:1d:f1:e5:
         ac:4b:af:30:66:da:85:38:e3:c9:ac:39:63:1d:ec:e9:2e:94:
         82:1f:b6:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlOSd8h+eLrt4qAOLE6fwTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMmQxZTQxNDI0ODE5YmNjMGNkNjM3ZDhlZTE0MWZlYTU4
NWQwMGQwHhcNMjMwNzEzMDgwNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYyYTQ4Yjc1YjJiZDY1N2UzY2MyYzIxOTgzMjJjOGE2NDRjZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJRKjd7l5nkriEPAcypuP6m96S1t
qer73nLEEF05qvpRAhqSZ24awXCywTswh2/Wv+5yAmTM3ELALyxNER99i+dygi5i
LeJscqLZOzXVxGU3icPdSIGlrDCfUfp19L1Nq+JKbDUxgNuc4LEbi0XJVwAz6OCj
efsiG82BnzmFEQmLj0fIMcIvAR5zfHNkipe4z4P6bVcL1PWsN7B2aceSL6RaWxh2
JkrrqDENC/dT8qEePfiP3GC1gwazBnFDisNk5NpcgWni41wRTPmum06kcJFzxZTf
ObBRcCrIeFqMAtesnw/6E+08Rn4DgIrUzEF6mTDtgS/aH/MX6d0e2cK1FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3ypIt1sr1lfjzCwhmDIsimRM6gMB8GA1UdIwQY
MBaAFFMtHkFCSBm8wM1jfY7hQf6lhdANMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQt
MTA3NzdmOWUzNjg1LzEvUGZLa2kzV3l2V1YtUE1MQ0dZTWl5S1pFenFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQtMTA3NzdmOWUzNjg1
LzEvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTExMA0G
CSqGSIb3DQEBCwUAA4IBAQCuh9cHY2Z1hVhqRlWZuisaUkypbdvhpqUsMfrPSw3y
NwB4KiddmXyeNYVipC4DrPI4A3ckdYXsOUPer0yokmpijxd5D77aD8I1DolRDSvY
+VzkqtCyMMQhcrB20zNoCcLIxXpOKVE9azvr08tHCjJjxlM0WznXNozXHcwxGQW8
cZJoNgyoIyCcu52sG+uWf6dHhgJiNoHBcMAwH1fR1Qg9EV7/JVuN0TgAPryS67aC
/IT6WVJT/Tp5fjuixEaoUpJsQ2+vPr6EwatVF6ggkt0a4nsw4sjj6FFIAz3vFv0N
I3genD+MnoQd8eWsS68wZtqFOOPJrDljHezpLpSCH7a1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:05 2024 by rpki-client on console-ams.rpki-client.org