Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/1-tnCJ4EvIyqQ5W9o4zFZmXIjQnU.roa
File:                     1-tnCJ4EvIyqQ5W9o4zFZmXIjQnU.roa (raw, json)
Hash identifier:          kTxrbsdhkKoCCQXYNStJ87QpuulA7g+eVFPAZS2TfJI=
Subject key identifier:   FA:D9:C2:27:81:2F:23:2A:90:E5:6F:68:E3:31:59:99:72:23:42:75
Certificate issuer:       /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial:       018B58B4A6329C40DEB8BACD63B60A48914B
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/1-tnCJ4EvIyqQ5W9o4zFZmXIjQnU.roa
Signing time:             Sun 22 Oct 2023 18:45:15 +0000
ROA not before:           Sun 22 Oct 2023 18:45:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205473
IP address blocks:        81.90.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:58:b4:a6:32:9c:40:de:b8:ba:cd:63:b6:0a:48:91:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
        Validity
            Not Before: Oct 22 18:45:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fad9c227812f232a90e56f68e331599972234275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:52:bb:46:e6:ac:02:cf:cf:8b:95:8f:1a:f3:
                    f5:a3:d0:50:8f:bb:26:bd:ed:ff:20:9c:1a:d0:44:
                    62:1f:52:fd:b6:c7:b4:b7:4c:6c:fa:a7:e5:f6:b7:
                    9a:5a:a9:4f:3e:eb:4a:bc:e2:51:40:27:80:53:a4:
                    46:fe:80:59:ab:dd:2e:18:ce:23:97:56:5f:df:4d:
                    28:54:25:f9:bb:83:ad:d4:7f:ad:b3:2a:38:96:25:
                    67:63:69:29:b1:22:35:94:e9:fc:10:d0:ed:d9:b0:
                    48:c5:d3:96:a0:58:1e:92:28:de:59:b0:37:43:47:
                    6b:fb:07:d2:fe:c3:47:11:64:9f:cd:0d:5c:da:83:
                    db:af:e3:f1:c7:f3:67:16:1e:90:3d:a1:66:79:9f:
                    4a:f1:60:4f:57:a4:2a:69:dd:38:b5:d5:f6:d5:0f:
                    0e:18:25:ea:4c:0d:cb:2b:4e:ea:cc:24:ac:d1:34:
                    81:61:e7:b2:80:11:b4:35:fa:9b:21:a6:2a:59:75:
                    f0:b3:9b:44:b8:22:5e:f8:4b:68:ff:e7:83:28:93:
                    09:1b:ce:9c:10:b4:16:56:c9:1d:62:aa:e2:17:e9:
                    d5:80:4c:5c:34:91:ec:c6:24:1a:b3:ea:50:36:94:
                    be:b0:ba:76:de:15:28:47:8d:e1:f4:bb:97:2e:83:
                    8b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D9:C2:27:81:2F:23:2A:90:E5:6F:68:E3:31:59:99:72:23:42:75
            X509v3 Authority Key Identifier:
                keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/1-tnCJ4EvIyqQ5W9o4zFZmXIjQnU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.90.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:fb:5f:27:94:79:ed:b4:3c:13:12:7b:43:a3:5d:1e:b6:a6:
         ba:6b:e7:aa:51:da:26:b4:9e:5c:36:da:ad:60:21:b2:4f:2e:
         35:0e:f3:57:e3:90:5c:cb:a8:13:c5:1a:ea:74:3b:73:0d:4b:
         8b:2e:8a:9e:8e:4e:19:13:74:18:44:8c:cd:e8:c3:bf:bd:ba:
         88:d6:f7:97:4e:1c:c2:39:5f:4f:5a:47:08:2c:55:16:51:c2:
         a5:6a:a6:78:ba:ad:ea:86:5e:3f:33:ea:82:43:dc:7e:4b:9b:
         c0:16:49:7d:74:46:09:08:6a:54:19:76:b6:40:8d:1d:80:69:
         fc:be:f2:32:6c:25:2e:14:48:8a:b2:73:ae:06:5d:6c:50:6b:
         2d:ac:10:f0:19:90:e1:31:1a:20:6a:56:49:28:ab:a9:82:17:
         24:82:97:61:f7:32:79:1d:9c:84:ca:1a:a1:01:84:c8:22:39:
         92:27:d7:27:0f:d4:44:79:cb:04:0e:83:cc:95:99:f8:ce:79:
         7b:73:3f:e6:67:2e:bf:36:89:22:b3:7d:92:1a:22:e5:70:25:
         56:af:e2:45:ef:f4:21:41:0c:eb:ed:99:93:ab:f7:4e:d7:05:
         ed:5e:73:77:90:74:bd:81:b6:a2:21:aa:38:f9:ad:e4:ea:ac:
         a8:06:d6:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtYtKYynEDeuLrNY7YKSJFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjMxMDIyMTg0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ5YzIyNzgxMmYyMzJhOTBlNTZmNjhlMzMxNTk5OTcyMjM0Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVK7RuasAs/Pi5WPGvP1o9BQj7sm
ve3/IJwa0ERiH1L9tse0t0xs+qfl9reaWqlPPutKvOJRQCeAU6RG/oBZq90uGM4j
l1Zf300oVCX5u4Ot1H+tsyo4liVnY2kpsSI1lOn8ENDt2bBIxdOWoFgekijeWbA3
Q0dr+wfS/sNHEWSfzQ1c2oPbr+Pxx/NnFh6QPaFmeZ9K8WBPV6Qqad04tdX21Q8O
GCXqTA3LK07qzCSs0TSBYeeygBG0NfqbIaYqWXXws5tEuCJe+Eto/+eDKJMJG86c
ELQWVskdYqriF+nVgExcNJHsxiQas+pQNpS+sLp23hUoR43h9LuXLoOL5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrZwieBLyMqkOVvaOMxWZlyI0J1MB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvMS10bkNKNEV2SXlxUTVXOW80ekZabVhJalFuVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjIvNDg0MmE5LTlmY2QtNGJiNi1iYjA0LTBkYmJjMjQ5ZTY1
Ny8xL1NTRnZYQlpiZ25wXzF6MkJCNjY5TDJQR1BpUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFFaETAN
BgkqhkiG9w0BAQsFAAOCAQEAb/tfJ5R57bQ8ExJ7Q6NdHramumvnqlHaJrSeXDba
rWAhsk8uNQ7zV+OQXMuoE8Ua6nQ7cw1Liy6Kno5OGRN0GESMzejDv726iNb3l04c
wjlfT1pHCCxVFlHCpWqmeLqt6oZePzPqgkPcfkubwBZJfXRGCQhqVBl2tkCNHYBp
/L7yMmwlLhRIirJzrgZdbFBrLawQ8BmQ4TEaIGpWSSirqYIXJIKXYfcyeR2chMoa
oQGEyCI5kifXJw/URHnLBA6DzJWZ+M55e3M/5mcuvzaJIrN9khoi5XAlVq/iRe/0
IUEM6+2Zk6v3TtcF7V5zd5B0vYG2oiGqOPmt5OqsqAbWmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:15 2024 by rpki-client on console-ams.rpki-client.org