Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Zv9_k9hiFNR7Ad4EN521-QiDRiY.roa
File:                     Zv9_k9hiFNR7Ad4EN521-QiDRiY.roa (raw, json)
Hash identifier:          FEbth/TAd+ee6rK/ydXnixyjNP2s/e2DjVoarbJ73aY=
Subject key identifier:   66:FF:7F:93:D8:62:14:D4:7B:01:DE:04:37:9D:B5:F9:08:83:46:26
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       0188959D45CDB8C7EDFEC5F844CBEDD3C863
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Zv9_k9hiFNR7Ad4EN521-QiDRiY.roa
Signing time:             Wed 07 Jun 2023 11:28:12 +0000
ROA not before:           Wed 07 Jun 2023 11:28:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        109.111.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 17:40:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:95:9d:45:cd:b8:c7:ed:fe:c5:f8:44:cb:ed:d3:c8:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Jun  7 11:28:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66ff7f93d86214d47b01de04379db5f908834626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ef:a5:ec:91:31:ed:d0:d7:1e:5e:41:c7:64:
                    b6:b7:c6:51:ef:f9:ea:5d:48:74:e0:18:43:82:1b:
                    e8:de:6c:4a:e0:df:6b:64:3f:5a:d0:7c:1e:ee:4d:
                    b9:85:a3:d5:46:27:cb:a9:f4:9d:29:ef:be:27:2b:
                    6b:c2:12:b3:47:41:5a:8b:03:43:8d:29:b3:21:2b:
                    b8:df:42:dc:ec:96:9f:e0:16:ee:76:24:2f:8f:60:
                    bd:38:40:1c:61:fa:02:af:59:97:35:f4:a7:6e:f2:
                    76:b0:c1:1b:35:dc:c0:c9:c5:67:7e:10:0c:dc:4f:
                    06:ca:86:1a:04:64:9b:90:42:02:74:a9:8f:8f:98:
                    46:d3:69:20:74:c5:51:0e:1c:21:c6:53:96:95:bc:
                    5d:bd:61:f6:4c:4c:86:6a:43:88:96:a3:9c:8d:f0:
                    d5:d5:04:d3:d1:4a:b3:e0:cc:0b:0d:61:31:e0:5a:
                    f1:17:d0:2e:a8:eb:29:be:21:00:68:d4:c3:4a:78:
                    31:66:16:f1:7c:bc:ba:ba:b5:c4:1a:66:9d:d0:87:
                    b9:7e:64:66:8c:51:db:22:85:14:ba:22:4c:e3:32:
                    6b:03:4f:7f:81:3d:20:03:53:46:66:ff:cb:42:e9:
                    c7:61:4d:4c:f7:bf:57:51:c6:87:29:fc:b5:6a:11:
                    d4:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:FF:7F:93:D8:62:14:D4:7B:01:DE:04:37:9D:B5:F9:08:83:46:26
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Zv9_k9hiFNR7Ad4EN521-QiDRiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.111.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:84:54:e2:73:6a:d5:2d:74:14:d7:56:08:78:57:20:b2:e1:
         a0:df:99:95:f4:02:09:ca:e8:50:9f:76:81:86:70:0c:58:19:
         ab:e3:71:79:f8:a6:a7:59:27:d2:48:60:30:75:80:0c:6f:7f:
         32:01:28:f3:d4:ce:c4:7a:6a:d0:a4:aa:62:32:35:79:86:64:
         f2:ec:84:09:7e:03:41:56:16:d1:2f:cc:1c:1c:46:57:f0:5d:
         f7:a0:3a:17:c0:b6:5f:ab:79:42:4a:e5:8a:68:a1:6c:39:35:
         07:86:76:7c:37:92:dd:61:f2:ff:3e:72:1d:4e:ef:8e:42:80:
         43:cd:cd:6c:c5:22:34:bc:eb:a2:1f:0a:a4:8c:c9:d8:e8:23:
         9a:a9:b5:c8:e2:00:05:37:3e:1b:aa:5d:f6:43:4f:a3:b4:2f:
         77:f7:6e:e3:65:11:c4:c0:2a:d5:61:f0:8e:9b:70:00:1b:c8:
         1a:c8:ba:38:00:2f:f5:50:94:45:ef:c8:fa:4c:5e:cc:ad:8a:
         a2:8d:4b:88:02:5d:91:fd:b3:32:3c:a3:c7:3b:82:26:b2:fb:
         f1:56:45:85:d3:5a:a7:53:7d:fd:4f:31:b7:f0:4b:5c:41:d4:
         bc:ce:92:23:93:26:a1:53:73:14:a7:5b:6e:0f:c3:ef:21:28:
         8b:d4:b8:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVnUXNuMft/sX4RMvt08hjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmZmN2Y5M2Q4NjIxNGQ0N2IwMWRlMDQzNzlkYjVmOTA4ODM0NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO+l7JEx7dDXHl5Bx2S2t8ZR7/nq
XUh04BhDghvo3mxK4N9rZD9a0Hwe7k25haPVRifLqfSdKe++JytrwhKzR0FaiwND
jSmzISu430Lc7Jaf4BbudiQvj2C9OEAcYfoCr1mXNfSnbvJ2sMEbNdzAycVnfhAM
3E8GyoYaBGSbkEICdKmPj5hG02kgdMVRDhwhxlOWlbxdvWH2TEyGakOIlqOcjfDV
1QTT0Uqz4MwLDWEx4FrxF9AuqOspviEAaNTDSngxZhbxfLy6urXEGmad0Ie5fmRm
jFHbIoUUuiJM4zJrA09/gT0gA1NGZv/LQunHYU1M979XUcaHKfy1ahHUpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGb/f5PYYhTUewHeBDedtfkIg0YmMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvWnY5X2s5aGlGTlI3QWQ0RU41MjEtUWlEUmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbW/1MA0G
CSqGSIb3DQEBCwUAA4IBAQBahFTic2rVLXQU11YIeFcgsuGg35mV9AIJyuhQn3aB
hnAMWBmr43F5+KanWSfSSGAwdYAMb38yASjz1M7EemrQpKpiMjV5hmTy7IQJfgNB
VhbRL8wcHEZX8F33oDoXwLZfq3lCSuWKaKFsOTUHhnZ8N5LdYfL/PnIdTu+OQoBD
zc1sxSI0vOuiHwqkjMnY6COaqbXI4gAFNz4bql32Q0+jtC93927jZRHEwCrVYfCO
m3AAG8gayLo4AC/1UJRF78j6TF7MrYqijUuIAl2R/bMyPKPHO4ImsvvxVkWF01qn
U339TzG38EtcQdS8zpIjkyahU3MUp1tuD8PvISiL1Lg2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org