Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS49999.roa
File:                     AS49999.roa (raw, json)
Hash identifier:          uA473ewQnuOvVpcP26vLu/Gt4r/IWf7qR7DzIiCYLvM=
Subject key identifier:   72:BA:EE:45:97:25:FA:12:09:40:EF:FC:53:55:63:D3:56:C8:1B:52
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       28678A6F02D11E2CA29035F7113A661EDC44555B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS49999.roa
Signing time:             Tue 08 Aug 2023 02:00:10 +0000
ROA not before:           Tue 08 Aug 2023 01:55:10 +0000
ROA not after:            Tue 06 Aug 2024 02:00:10 +0000
asID:                     49999
IP address blocks:        181.215.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 23 Aug 2023 09:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:67:8a:6f:02:d1:1e:2c:a2:90:35:f7:11:3a:66:1e:dc:44:55:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Aug  8 01:55:10 2023 GMT
            Not After : Aug  6 02:00:10 2024 GMT
        Subject: CN=72BAEE459725FA120940EFFC535563D356C81B52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:da:b3:79:db:41:07:4f:ea:c7:37:b0:fc:32:
                    a4:88:a0:20:c1:ab:dc:4e:af:d6:1f:8b:fb:a7:fe:
                    1d:f1:0c:c2:ee:7c:21:6f:95:40:c3:d1:de:6d:03:
                    04:bb:26:9d:49:da:85:c8:bb:43:60:de:9a:3b:b2:
                    ff:16:f3:0a:bb:d3:0b:7f:38:27:91:58:b0:06:62:
                    26:1b:5b:de:4a:80:ba:2e:28:e9:7f:30:65:8a:cc:
                    e8:a8:c5:31:00:bb:9c:2c:c1:a6:47:ef:08:4e:79:
                    ea:7e:97:52:66:a9:f9:f2:e3:a8:b4:43:40:e1:8b:
                    2b:ae:bf:24:6b:ca:9e:ac:f9:08:da:d9:70:9a:be:
                    5c:9e:64:34:3f:09:b4:84:38:47:63:c1:5f:d7:65:
                    8f:9f:49:ac:36:f1:06:18:f5:74:92:bf:ff:93:21:
                    16:cd:64:72:bd:a9:0e:b1:55:0f:b7:23:f1:1d:52:
                    ee:4a:31:ae:e7:a7:5f:ce:f7:83:b0:9a:a7:c6:a9:
                    62:07:5f:19:4b:56:24:ec:8f:75:81:30:de:b6:9e:
                    ac:4c:80:bc:ff:1d:a1:ae:d1:2a:d3:55:8e:7b:63:
                    a5:9e:54:49:82:71:b8:3e:6a:ef:2a:53:8c:36:8a:
                    0b:3c:1f:9a:a7:d5:bc:43:ee:7e:be:1f:14:c7:b7:
                    1f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:BA:EE:45:97:25:FA:12:09:40:EF:FC:53:55:63:D3:56:C8:1B:52
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS49999.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.215.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:09:73:5e:aa:66:d3:c6:6d:c3:21:6a:25:07:cf:65:bf:fa:
         10:4f:be:9a:36:30:15:80:c3:22:e6:2a:f9:e9:78:c3:99:15:
         6f:b4:0a:57:dc:a7:2c:74:a8:66:4a:b1:ed:0e:fa:17:bf:06:
         5c:a0:b9:64:31:4e:f5:d3:f3:0d:58:74:e3:b8:11:43:a9:a2:
         31:99:d9:d8:43:c7:48:e4:fd:46:f0:7e:08:70:69:8d:7a:cc:
         89:d5:35:6a:eb:7f:a6:af:45:f2:41:a3:9f:6b:eb:1c:fd:34:
         09:41:2f:2c:ff:33:1b:7c:ff:f0:80:36:58:3e:de:84:bd:50:
         3e:8c:cf:46:1a:da:0f:44:f7:27:cd:2a:23:e9:1c:ed:32:8d:
         81:e8:30:05:bf:76:21:8d:b3:53:eb:e0:99:fd:88:3d:82:96:
         5a:41:bf:bb:8a:1d:06:c8:4e:b1:64:7b:4e:fe:64:49:4b:02:
         be:0a:8b:19:09:37:97:e0:57:82:cb:11:25:75:b3:0b:5d:ba:
         07:ec:74:2d:01:42:7a:b2:23:22:56:2f:c6:87:84:2e:d6:6f:
         96:21:f4:33:28:59:12:30:80:b2:52:ac:93:50:5f:00:c9:42:
         61:fd:28:8d:1c:bb:6b:14:03:da:1f:eb:d3:d2:56:3d:94:f2:
         60:40:a3:a6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUKGeKbwLRHiyikDX3ETpmHtxEVVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA4MDgwMTU1MTBaFw0yNDA4MDYwMjAwMTBaMDMxMTAvBgNV
BAMTKDcyQkFFRTQ1OTcyNUZBMTIwOTQwRUZGQzUzNTU2M0QzNTZDODFCNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa2rN520EHT+rHN7D8MqSIoCDB
q9xOr9Yfi/un/h3xDMLufCFvlUDD0d5tAwS7Jp1J2oXIu0Ng3po7sv8W8wq70wt/
OCeRWLAGYiYbW95KgLouKOl/MGWKzOioxTEAu5wswaZH7whOeep+l1Jmqfny46i0
Q0DhiyuuvyRryp6s+Qja2XCavlyeZDQ/CbSEOEdjwV/XZY+fSaw28QYY9XSSv/+T
IRbNZHK9qQ6xVQ+3I/EdUu5KMa7np1/O94OwmqfGqWIHXxlLViTsj3WBMN62nqxM
gLz/HaGu0SrTVY57Y6WeVEmCcbg+au8qU4w2igs8H5qn1bxD7n6+HxTHtx8DAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUcrruRZcl+hIJQO/8U1Vj01bIG1IwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDk5OTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC1138w
DQYJKoZIhvcNAQELBQADggEBAIgJc16qZtPGbcMhaiUHz2W/+hBPvpo2MBWAwyLm
KvnpeMOZFW+0Clfcpyx0qGZKse0O+he/BlyguWQxTvXT8w1YdOO4EUOpojGZ2dhD
x0jk/UbwfghwaY16zInVNWrrf6avRfJBo59r6xz9NAlBLyz/Mxt8//CANlg+3oS9
UD6Mz0Ya2g9E9yfNKiPpHO0yjYHoMAW/diGNs1Pr4Jn9iD2CllpBv7uKHQbITrFk
e07+ZElLAr4KixkJN5fgV4LLESV1swtdugfsdC0BQnqyIyJWL8aHhC7Wb5Yh9DMo
WRIwgLJSrJNQXwDJQmH9KI0cu2sUA9of69PSVj2U8mBAo6Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org