Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/4tpBP0XGC-K3zv_ZtKpPiAPPAf0.roa
File:                     4tpBP0XGC-K3zv_ZtKpPiAPPAf0.roa (raw, json)
Hash identifier:          G5VtKSQJ2GFPPgaNTMWfHT3eWWGRbgDOio/0KaQzKwA=
Subject key identifier:   E2:DA:41:3F:45:C6:0B:E2:B7:CE:FF:D9:B4:AA:4F:88:03:CF:01:FD
Certificate issuer:       /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial:       018CC86F8D4111560DBE84DF6C4AC208BB83
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/4tpBP0XGC-K3zv_ZtKpPiAPPAf0.roa
Signing time:             Tue 02 Jan 2024 04:30:02 +0000
ROA not before:           Tue 02 Jan 2024 04:30:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     24921
IP address blocks:        81.198.189.0/24 maxlen: 24
                          194.8.22.0/24 maxlen: 24
                          213.175.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Apr 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:8d:41:11:56:0d:be:84:df:6c:4a:c2:08:bb:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
        Validity
            Not Before: Jan  2 04:30:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e2da413f45c60be2b7ceffd9b4aa4f8803cf01fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:33:3f:44:c8:60:79:4e:86:fd:55:c3:cf:89:
                    39:40:29:09:0a:1e:c1:3e:54:33:55:4f:30:52:ce:
                    cf:0d:98:f5:cf:ae:18:3b:d1:54:51:80:75:04:77:
                    df:06:99:8e:96:e0:55:30:9b:06:d1:91:4e:0f:56:
                    f9:7c:5e:28:d4:3a:79:4c:d4:f5:86:0f:79:ba:87:
                    80:9e:ab:49:6d:9e:95:ab:86:55:4b:e9:1b:3f:36:
                    e4:42:23:d9:7b:22:95:99:81:0d:41:57:f4:ed:c8:
                    57:ac:f3:fd:bf:9b:03:d0:08:3b:93:e9:ab:0d:4d:
                    7e:99:82:5d:46:5e:a6:19:fe:71:bb:fb:a5:78:cc:
                    37:82:c6:93:65:9d:0d:e5:02:cc:b2:b9:cd:90:6e:
                    f3:8a:9f:5f:75:9e:f0:f3:26:7d:cd:65:46:e3:32:
                    78:54:a4:66:ae:47:0e:7c:7e:1c:f3:4a:6d:d5:ad:
                    54:b5:a6:80:13:b5:0f:b2:4f:07:1f:57:97:60:a3:
                    06:8a:8f:8a:8f:63:a1:5d:c6:ae:3b:b0:6a:94:07:
                    33:c4:3f:f9:4a:8c:b1:66:7b:1f:f1:bc:ba:ce:97:
                    46:a4:c8:7a:b9:3d:dc:58:87:b2:fc:6d:39:74:0c:
                    5f:0b:0c:f5:0c:82:97:04:7e:60:4e:2d:af:6a:5e:
                    f8:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:DA:41:3F:45:C6:0B:E2:B7:CE:FF:D9:B4:AA:4F:88:03:CF:01:FD
            X509v3 Authority Key Identifier:
                keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/4tpBP0XGC-K3zv_ZtKpPiAPPAf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.198.189.0/24
                  194.8.22.0/24
                  213.175.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:24:f1:fa:05:3b:f3:35:76:4e:92:fe:57:ca:43:92:2c:7e:
         90:5b:d3:52:b1:84:ad:d9:de:c5:06:a6:44:18:e9:dc:55:bf:
         d3:07:48:87:30:0f:56:c5:84:a3:e0:79:32:00:e4:31:61:1f:
         65:49:86:90:6b:12:f3:21:37:87:18:33:c7:73:9c:99:b3:71:
         e2:3f:fc:51:9e:3b:91:9c:db:cb:87:28:72:4f:22:88:f7:7a:
         5a:93:27:02:86:de:01:e0:c9:24:e0:27:99:eb:a1:af:00:ec:
         d4:47:08:85:0f:16:47:65:47:fa:26:04:ae:c6:36:df:58:ca:
         19:4c:f7:04:5d:94:ae:01:f3:e8:d4:86:e4:b2:c1:3a:ac:c6:
         a9:0c:97:ee:0f:40:70:0e:a7:ba:87:2f:4d:86:c9:7f:d9:0a:
         96:15:6a:3c:39:71:88:13:00:6c:7d:49:31:d3:dd:86:b6:61:
         d1:33:7a:28:19:85:a3:fa:ac:2f:9d:3f:ea:e7:10:ce:89:3a:
         a0:9d:12:3d:06:4f:40:89:dc:05:97:45:c5:2b:4d:4c:32:37:
         55:4d:dd:52:b5:90:30:ea:34:f6:53:39:35:81:b0:f6:2f:12:
         bd:a1:c3:68:86:1a:fe:a6:a8:6b:f3:4f:2d:8e:0c:de:72:c2:
         f6:c7:c3:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb41BEVYNvoTfbErCCLuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjQwMTAyMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRhNDEzZjQ1YzYwYmUyYjdjZWZmZDliNGFhNGY4ODAzY2YwMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDM/RMhgeU6G/VXDz4k5QCkJCh7B
PlQzVU8wUs7PDZj1z64YO9FUUYB1BHffBpmOluBVMJsG0ZFOD1b5fF4o1Dp5TNT1
hg95uoeAnqtJbZ6Vq4ZVS+kbPzbkQiPZeyKVmYENQVf07chXrPP9v5sD0Ag7k+mr
DU1+mYJdRl6mGf5xu/uleMw3gsaTZZ0N5QLMsrnNkG7zip9fdZ7w8yZ9zWVG4zJ4
VKRmrkcOfH4c80pt1a1UtaaAE7UPsk8HH1eXYKMGio+Kj2OhXcauO7BqlAczxD/5
SoyxZnsf8by6zpdGpMh6uT3cWIey/G05dAxfCwz1DIKXBH5gTi2val74AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOLaQT9Fxgvit87/2bSqT4gDzwH9MB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvNHRwQlAwWEdDLUszenZfWnRLcFBpQVBQQWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUca9AwQA
wggWAwQA1a9PMA0GCSqGSIb3DQEBCwUAA4IBAQBOJPH6BTvzNXZOkv5XykOSLH6Q
W9NSsYSt2d7FBqZEGOncVb/TB0iHMA9WxYSj4HkyAOQxYR9lSYaQaxLzITeHGDPH
c5yZs3HiP/xRnjuRnNvLhyhyTyKI93pakycCht4B4Mkk4CeZ66GvAOzURwiFDxZH
ZUf6JgSuxjbfWMoZTPcEXZSuAfPo1IbkssE6rMapDJfuD0BwDqe6hy9Nhsl/2QqW
FWo8OXGIEwBsfUkx092GtmHRM3ooGYWj+qwvnT/q5xDOiTqgnRI9Bk9AidwFl0XF
K01MMjdVTd1StZAw6jT2Uzk1gbD2LxK9ocNohhr+pqhr808tjgzecsL2x8NK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:47 2024 by rpki-client on console-ams.rpki-client.org