Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/2zK-OF0eLAENC2sne5D_DwYzJGU.roa
File:                     2zK-OF0eLAENC2sne5D_DwYzJGU.roa (raw, json)
Hash identifier:          NuMPWvIdcQG/xnpxCSaf9Th9yFy9/S9KVvn3xKEtEN8=
Subject key identifier:   DB:32:BE:38:5D:1E:2C:01:0D:0B:6B:27:7B:90:FF:0F:06:33:24:65
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       0186CC02FF42C02ED4AAA0F8311BE087EE7B
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/2zK-OF0eLAENC2sne5D_DwYzJGU.roa
Signing time:             Fri 10 Mar 2023 14:53:13 +0000
ROA not before:           Fri 10 Mar 2023 14:53:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202376
IP address blocks:        81.25.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cc:02:ff:42:c0:2e:d4:aa:a0:f8:31:1b:e0:87:ee:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Mar 10 14:53:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db32be385d1e2c010d0b6b277b90ff0f06332465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:03:94:5d:f9:18:a8:78:82:0d:94:9a:d1:2d:
                    13:d4:5e:93:4b:15:67:1c:55:14:a1:2d:34:f8:1b:
                    7c:02:c9:c6:f2:1b:ac:5f:9a:96:14:d5:0f:ff:99:
                    d0:4d:90:97:64:b8:b9:44:33:e7:a2:42:c4:3e:22:
                    96:dc:58:9f:bc:07:e1:12:2d:a9:3d:a6:98:68:47:
                    55:1d:5a:f1:64:08:cc:77:50:dc:63:28:58:1f:1d:
                    8b:53:d5:bb:6d:4f:c9:0c:d9:0d:da:a6:43:8b:a9:
                    25:13:6f:4d:14:26:30:5d:4f:b7:49:29:ff:6f:a1:
                    ab:e7:e3:c2:dc:8b:17:2f:65:70:8e:49:03:c6:39:
                    00:f7:11:3c:59:2d:c2:68:31:26:17:fe:f2:27:40:
                    9c:76:68:28:75:13:8e:0c:52:dd:54:05:1f:2f:02:
                    3c:20:cc:95:84:33:cc:4f:f7:67:5d:9b:8c:dd:0a:
                    9e:7b:76:c4:81:9f:5e:cf:da:ea:97:b3:b1:6f:76:
                    00:2d:9a:47:80:54:7f:11:9f:64:58:f9:a6:2a:6b:
                    6c:0b:a2:b8:67:a9:1e:27:80:cd:78:0d:c4:a9:b7:
                    aa:a1:1d:5d:e3:ef:27:01:2c:da:42:67:e2:e5:75:
                    a3:71:19:4a:5c:17:74:e8:80:39:55:fc:01:bc:67:
                    93:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:32:BE:38:5D:1E:2C:01:0D:0B:6B:27:7B:90:FF:0F:06:33:24:65
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/2zK-OF0eLAENC2sne5D_DwYzJGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.25.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:4a:ce:48:0c:68:5c:bc:69:3c:46:32:6d:1e:6b:29:86:63:
         5d:b9:67:62:93:6f:1b:ae:42:16:c0:a7:f0:61:5a:a5:aa:72:
         51:1e:4b:e2:58:cc:fe:7c:f6:5b:5e:c2:7c:8c:32:ea:c1:72:
         62:09:f1:4b:96:0b:2e:ea:28:4a:02:65:32:d6:6d:91:49:5e:
         4b:21:1d:45:e0:6c:d7:9e:b3:9c:a4:00:4e:f9:b9:5b:00:3a:
         39:4e:03:52:b1:d6:00:d4:be:80:c6:d0:85:00:62:a0:6a:e9:
         1e:4e:fd:42:65:35:86:a6:da:88:f3:0b:b9:e5:8e:8d:f4:24:
         ea:46:19:35:c7:54:9c:fe:67:b8:39:fc:ee:60:60:24:41:b9:
         04:23:47:bb:ca:3c:9a:f3:0f:cd:2a:af:44:8c:33:60:52:53:
         fe:1d:6d:00:ec:cd:ea:89:06:5c:e2:29:b7:1a:3d:c2:3c:47:
         34:1d:ac:d2:3a:b3:bc:1c:bd:1b:04:ad:3b:f7:70:81:d9:70:
         74:ef:89:20:d4:65:64:00:af:b3:ce:38:1b:9a:41:b1:a2:d8:
         95:6f:33:f0:ff:51:de:42:83:d2:b7:b0:ec:08:49:c4:80:35:
         e0:4d:04:b8:a3:6b:99:32:69:b6:ba:4c:db:26:28:6d:18:1c:
         dc:47:1d:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbMAv9CwC7UqqD4MRvgh+57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwMzEwMTQ1MzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMyYmUzODVkMWUyYzAxMGQwYjZiMjc3YjkwZmYwZjA2MzMyNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgOUXfkYqHiCDZSa0S0T1F6TSxVn
HFUUoS00+Bt8AsnG8husX5qWFNUP/5nQTZCXZLi5RDPnokLEPiKW3FifvAfhEi2p
PaaYaEdVHVrxZAjMd1DcYyhYHx2LU9W7bU/JDNkN2qZDi6klE29NFCYwXU+3SSn/
b6Gr5+PC3IsXL2VwjkkDxjkA9xE8WS3CaDEmF/7yJ0CcdmgodROODFLdVAUfLwI8
IMyVhDPMT/dnXZuM3Qqee3bEgZ9ez9rql7Oxb3YALZpHgFR/EZ9kWPmmKmtsC6K4
Z6keJ4DNeA3EqbeqoR1d4+8nASzaQmfi5XWjcRlKXBd06IA5VfwBvGeTJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsyvjhdHiwBDQtrJ3uQ/w8GMyRlMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvMnpLLU9GMGVMQUVOQzJzbmU1RF9Ed1l6SkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURlFMA0G
CSqGSIb3DQEBCwUAA4IBAQBDSs5IDGhcvGk8RjJtHmsphmNduWdik28brkIWwKfw
YVqlqnJRHkviWMz+fPZbXsJ8jDLqwXJiCfFLlgsu6ihKAmUy1m2RSV5LIR1F4GzX
nrOcpABO+blbADo5TgNSsdYA1L6AxtCFAGKgaukeTv1CZTWGptqI8wu55Y6N9CTq
Rhk1x1Sc/me4OfzuYGAkQbkEI0e7yjya8w/NKq9EjDNgUlP+HW0A7M3qiQZc4im3
Gj3CPEc0HazSOrO8HL0bBK0793CB2XB074kg1GVkAK+zzjgbmkGxotiVbzPw/1He
QoPSt7DsCEnEgDXgTQS4o2uZMmm2ukzbJihtGBzcRx2H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org