Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Q2fbqntXfvOkkrfI29OTu9_HyKo.roa
File:                     Q2fbqntXfvOkkrfI29OTu9_HyKo.roa (raw, json)
Hash identifier:          RT2ccvwJZUZs93gRZKjbx9spR0AWOVQm9Wm7pPP4egM=
Subject key identifier:   43:67:DB:AA:7B:57:7E:F3:A4:92:B7:C8:DB:D3:93:BB:DF:C7:C8:AA
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       0191B8353E42A9B9B9EDCFE6CDDB3457F127
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Q2fbqntXfvOkkrfI29OTu9_HyKo.roa
Signing time:             Tue 03 Sep 2024 14:06:22 +0000
ROA not before:           Tue 03 Sep 2024 14:06:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     393886
IP address blocks:        176.103.124.0/24 maxlen: 24
                          176.103.125.0/24 maxlen: 24
                          176.103.126.0/24 maxlen: 24
                          176.103.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 31 Oct 2024 14:22:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:b8:35:3e:42:a9:b9:b9:ed:cf:e6:cd:db:34:57:f1:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Sep  3 14:06:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4367dbaa7b577ef3a492b7c8dbd393bbdfc7c8aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d9:37:c4:ac:d6:6b:33:41:4e:3d:7f:e2:07:
                    64:43:74:ce:e0:20:bd:8a:4d:7c:94:d7:e2:bc:ff:
                    37:b3:cd:ca:bb:66:c4:3a:5a:22:08:10:dc:6f:17:
                    e4:33:d5:82:c4:cb:e7:d1:5c:4a:03:35:33:a6:23:
                    9b:54:1f:44:e6:47:82:67:dc:7d:5e:1f:d7:f7:1d:
                    5f:8c:eb:5d:f6:80:91:6a:39:8e:d3:34:21:7e:c3:
                    d4:14:72:f4:2c:56:ba:ae:11:62:4d:18:bb:5c:2a:
                    21:55:05:ec:a6:8e:fc:61:5f:3a:6a:32:e6:c5:aa:
                    02:6e:bf:a8:57:79:8c:eb:65:33:07:5f:35:34:6f:
                    bd:6e:3e:56:f9:c7:1b:d9:2a:fd:be:b0:a6:69:29:
                    21:aa:bc:2f:4c:80:13:b0:ef:ff:93:18:e3:21:eb:
                    90:1c:15:36:1c:03:d4:5c:9f:ff:79:48:c8:e1:4e:
                    88:c6:20:31:ef:52:f3:0c:e4:aa:38:01:d1:20:c3:
                    91:6c:b0:13:61:54:b2:15:09:80:54:91:f5:cd:1e:
                    a3:0b:10:f6:b8:c0:f8:da:41:af:8a:42:20:cd:33:
                    1d:a1:ee:09:a6:ba:6d:05:07:fe:43:c2:67:af:0e:
                    b5:b9:e2:4d:95:6f:68:3e:2a:f8:38:53:b1:8f:88:
                    c0:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:67:DB:AA:7B:57:7E:F3:A4:92:B7:C8:DB:D3:93:BB:DF:C7:C8:AA
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Q2fbqntXfvOkkrfI29OTu9_HyKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.103.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:e1:7b:7f:6a:09:ab:1f:65:48:95:0c:4e:c1:d2:91:76:b5:
         25:5e:7c:8e:a6:38:ba:ec:6f:a1:5d:98:d7:a1:e4:b9:8c:24:
         4e:69:56:b2:95:93:a0:46:b1:00:fd:19:75:05:5c:82:5f:4b:
         20:c0:cd:7a:b4:d9:26:13:93:cf:cf:3e:99:6a:a7:1b:ee:4c:
         ba:af:06:35:45:61:40:05:31:cc:d6:90:fe:c7:90:b9:33:41:
         db:6c:d2:06:47:91:a8:44:46:94:69:b4:7e:b6:87:ca:76:f6:
         fa:bb:23:39:f8:31:a2:d7:c5:5f:0c:75:dc:55:f6:97:f2:df:
         52:2b:d2:8d:20:46:d4:83:66:28:f9:ef:98:ac:29:3b:6c:b9:
         22:66:33:31:d2:c5:f2:84:94:d1:49:24:2b:71:e5:bc:62:75:
         ab:ab:5d:b5:58:e3:f5:68:7e:0c:c4:b5:ba:ee:87:2e:c9:59:
         29:ad:01:00:77:59:d3:7d:36:8e:59:ed:b0:60:1f:37:25:ea:
         e0:65:b3:c7:22:07:bf:96:17:ee:ff:2f:d8:0d:7c:c3:1b:69:
         cf:b0:43:25:e0:cd:22:cd:91:1e:11:72:80:77:f1:16:6c:24:
         00:54:4a:da:1d:97:27:41:68:e6:11:5a:93:07:a8:44:5a:3f:
         a4:b0:78:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG4NT5Cqbm57c/mzds0V/EnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTAzMTQwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzY3ZGJhYTdiNTc3ZWYzYTQ5MmI3YzhkYmQzOTNiYmRmYzdjOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9k3xKzWazNBTj1/4gdkQ3TO4CC9
ik18lNfivP83s83Ku2bEOloiCBDcbxfkM9WCxMvn0VxKAzUzpiObVB9E5keCZ9x9
Xh/X9x1fjOtd9oCRajmO0zQhfsPUFHL0LFa6rhFiTRi7XCohVQXspo78YV86ajLm
xaoCbr+oV3mM62UzB181NG+9bj5W+ccb2Sr9vrCmaSkhqrwvTIATsO//kxjjIeuQ
HBU2HAPUXJ//eUjI4U6IxiAx71LzDOSqOAHRIMORbLATYVSyFQmAVJH1zR6jCxD2
uMD42kGvikIgzTMdoe4JprptBQf+Q8Jnrw61ueJNlW9oPir4OFOxj4jACQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENn26p7V37zpJK3yNvTk7vfx8iqMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUTJmYnFudFhmdk9ra3JmSTI5T1R1OV9IeUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGd8MA0G
CSqGSIb3DQEBCwUAA4IBAQBy4Xt/agmrH2VIlQxOwdKRdrUlXnyOpji67G+hXZjX
oeS5jCROaVaylZOgRrEA/Rl1BVyCX0sgwM16tNkmE5PPzz6Zaqcb7ky6rwY1RWFA
BTHM1pD+x5C5M0HbbNIGR5GoREaUabR+tofKdvb6uyM5+DGi18VfDHXcVfaX8t9S
K9KNIEbUg2Yo+e+YrCk7bLkiZjMx0sXyhJTRSSQrceW8YnWrq121WOP1aH4MxLW6
7ocuyVkprQEAd1nTfTaOWe2wYB83JergZbPHIge/lhfu/y/YDXzDG2nPsEMl4M0i
zZEeEXKAd/EWbCQAVEraHZcnQWjmEVqTB6hEWj+ksHgK
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:17:33 2024 by rpki-client on console-ams.rpki-client.org