Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/rutCqUK9zCJ5iUxTRp7oVMeZRPA.roa
File:                     rutCqUK9zCJ5iUxTRp7oVMeZRPA.roa (raw, json)
Hash identifier:          Lxcle/YTyEp0WVy8osnQf6SkJrJSHPhqCbh2BHxiytE=
Subject key identifier:   AE:EB:42:A9:42:BD:CC:22:79:89:4C:53:46:9E:E8:54:C7:99:44:F0
Certificate issuer:       /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Certificate serial:       0185C1E79BC370B00D893342BEEA72D9D34E
Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/rutCqUK9zCJ5iUxTRp7oVMeZRPA.roa
Signing time:             Tue 17 Jan 2023 22:44:19 +0000
ROA not before:           Tue 17 Jan 2023 22:44:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201935
IP address blocks:        81.85.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c1:e7:9b:c3:70:b0:0d:89:33:42:be:ea:72:d9:d3:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
        Validity
            Not Before: Jan 17 22:44:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aeeb42a942bdcc2279894c53469ee854c79944f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:43:5b:84:30:a3:35:8b:1b:f4:65:16:46:98:
                    fc:e7:7a:37:70:aa:f2:f6:26:51:2e:e6:93:35:69:
                    cb:75:8a:b2:f2:c2:6d:a3:bd:f5:b3:bb:58:5e:75:
                    76:d0:e0:ee:48:61:48:3a:b3:48:c4:27:de:36:18:
                    17:8f:a8:c6:9e:10:9e:c5:8a:fc:9f:ea:91:32:96:
                    56:cd:84:ad:4b:02:7a:1a:a3:87:a1:bc:0b:6a:f6:
                    29:c7:93:4c:99:4e:5f:0b:ab:36:03:bd:2c:26:42:
                    9a:39:95:28:c9:e3:26:e5:d1:96:a4:18:40:c3:62:
                    e0:d9:a8:e9:6b:16:0e:b1:45:3c:e2:1f:1b:2a:81:
                    90:16:b4:e9:35:ff:47:16:04:40:2d:d3:a4:7a:43:
                    cc:19:0b:09:b6:77:db:37:d7:97:23:14:5d:08:69:
                    b2:8b:49:09:1f:c3:d4:a1:39:62:f8:e2:db:b6:ee:
                    62:86:75:07:d2:77:39:ba:04:e8:07:e5:21:72:41:
                    3f:ed:e8:74:0f:15:bb:39:2d:89:d1:5a:dd:a8:33:
                    88:49:00:71:79:68:29:06:60:b5:46:82:67:e5:81:
                    38:cb:59:6f:6c:ac:5e:26:0f:1c:c5:98:23:0c:24:
                    d9:ec:18:fa:7d:a9:9e:c8:16:88:21:b0:15:87:d5:
                    5d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:EB:42:A9:42:BD:CC:22:79:89:4C:53:46:9E:E8:54:C7:99:44:F0
            X509v3 Authority Key Identifier:
                keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/rutCqUK9zCJ5iUxTRp7oVMeZRPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.85.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:76:0b:69:64:89:b0:bd:94:55:ef:af:a4:a8:d1:0e:2b:5b:
         c5:54:7b:b6:5c:22:15:a4:d8:9b:e1:9b:fa:35:95:ad:64:5e:
         fa:95:dd:fd:f0:ad:00:7c:ba:7b:58:04:51:2e:f9:4e:fa:fb:
         5b:39:25:cc:b3:39:ff:81:43:c2:b1:80:94:b9:10:b6:c8:20:
         2c:6d:3a:53:35:14:0c:7f:1b:55:37:e0:7f:a3:c3:e8:3c:b5:
         c4:e7:ec:74:ed:af:d3:21:94:f8:77:f6:a7:52:28:03:6a:7b:
         88:9a:14:51:4b:80:24:41:d4:fc:e7:fe:28:49:1c:20:43:d8:
         90:09:bc:09:20:d9:4b:f7:89:00:a8:b0:4b:6a:13:cd:9a:5b:
         99:9b:02:3f:64:e9:1b:28:5a:52:0f:c1:b7:cc:ec:b8:d8:43:
         96:63:3c:da:6e:f4:1c:05:a0:8f:3b:8c:04:5b:c8:7d:6d:b6:
         a6:3c:28:74:25:bc:5a:77:b8:a7:0e:91:95:98:2a:29:fb:36:
         10:6f:2d:0a:37:ca:68:25:e2:13:6e:af:06:f0:17:26:74:eb:
         11:f2:89:09:f2:22:48:30:96:6b:c0:ee:82:ac:7e:0b:ff:16:
         00:5b:5a:c5:56:da:f5:24:8b:17:89:8f:eb:33:46:39:d6:80:
         12:ca:f9:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXB55vDcLANiTNCvupy2dNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi
N2QxMjMwHhcNMjMwMTE3MjI0NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWViNDJhOTQyYmRjYzIyNzk4OTRjNTM0NjllZTg1NGM3OTk0NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0NbhDCjNYsb9GUWRpj853o3cKry
9iZRLuaTNWnLdYqy8sJto731s7tYXnV20ODuSGFIOrNIxCfeNhgXj6jGnhCexYr8
n+qRMpZWzYStSwJ6GqOHobwLavYpx5NMmU5fC6s2A70sJkKaOZUoyeMm5dGWpBhA
w2Lg2ajpaxYOsUU84h8bKoGQFrTpNf9HFgRALdOkekPMGQsJtnfbN9eXIxRdCGmy
i0kJH8PUoTli+OLbtu5ihnUH0nc5ugToB+UhckE/7eh0DxW7OS2J0VrdqDOISQBx
eWgpBmC1RoJn5YE4y1lvbKxeJg8cxZgjDCTZ7Bj6fameyBaIIbAVh9VdaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7rQqlCvcwieYlMU0ae6FTHmUTwMB8GA1UdIwQY
MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct
Yjg0YzQxM2RmYWE0LzEvcnV0Q3FVSzl6Q0o1aVV4VFJwN29WTWVaUlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0
LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVWnMA0G
CSqGSIb3DQEBCwUAA4IBAQCOdgtpZImwvZRV76+kqNEOK1vFVHu2XCIVpNib4Zv6
NZWtZF76ld398K0AfLp7WARRLvlO+vtbOSXMszn/gUPCsYCUuRC2yCAsbTpTNRQM
fxtVN+B/o8PoPLXE5+x07a/TIZT4d/anUigDanuImhRRS4AkQdT85/4oSRwgQ9iQ
CbwJINlL94kAqLBLahPNmluZmwI/ZOkbKFpSD8G3zOy42EOWYzzabvQcBaCPO4wE
W8h9bbamPCh0Jbxad7inDpGVmCop+zYQby0KN8poJeITbq8G8BcmdOsR8okJ8iJI
MJZrwO6CrH4L/xYAW1rFVtr1JIsXiY/rM0Y51oASyvmV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:32 2024 by rpki-client on console-fra.rpki-client.org