Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/8-RFE8LtW8qhn31SJct19K8XoqY.roa
File:                     8-RFE8LtW8qhn31SJct19K8XoqY.roa (raw, json)
Hash identifier:          KjeaYfMV5ekZPlncB8x+hDHbocwBRBt2qb5PDAprRzs=
Subject key identifier:   F3:E4:45:13:C2:ED:5B:CA:A1:9F:7D:52:25:CB:75:F4:AF:17:A2:A6
Certificate issuer:       /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial:       018CF43B2E8EADDD638795AB0C9E59F376F6
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/8-RFE8LtW8qhn31SJct19K8XoqY.roa
Signing time:             Wed 10 Jan 2024 16:36:08 +0000
ROA not before:           Wed 10 Jan 2024 16:36:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208882
IP address blocks:        92.249.26.0/24 maxlen: 24
                          45.81.40.0/23 maxlen: 23
                          2a0e:4d80::/29 maxlen: 29
                          2a0d:ff40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 29 Oct 2024 21:25:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f4:3b:2e:8e:ad:dd:63:87:95:ab:0c:9e:59:f3:76:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
        Validity
            Not Before: Jan 10 16:36:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f3e44513c2ed5bcaa19f7d5225cb75f4af17a2a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6d:a9:14:94:0c:3d:69:ff:92:10:f0:30:da:
                    b9:a1:30:ff:ee:db:5d:ff:dc:d4:7b:51:c3:e9:a0:
                    c3:06:e8:82:0c:5b:e1:86:e8:99:ac:67:95:37:1b:
                    42:d6:eb:f6:fd:75:1f:a1:a0:b1:c8:77:6d:3f:55:
                    d0:85:51:df:f3:5e:84:09:65:31:d9:98:75:47:e5:
                    4c:a4:ba:24:e6:82:bd:11:79:c3:50:31:fa:fe:f2:
                    53:ac:c1:e0:cb:23:37:8a:6b:e7:f2:a8:c7:88:ef:
                    e1:c1:ed:76:69:18:6b:1d:9a:76:46:6f:3c:8e:ba:
                    34:21:42:6d:a7:8b:e8:0d:39:fc:4e:03:8f:bd:3c:
                    2a:00:1b:19:fd:e3:c9:3f:5c:36:55:e6:e4:85:c0:
                    bd:fb:d3:90:d7:ec:04:3c:71:d5:f9:ab:21:95:5a:
                    2b:e3:c5:f6:db:fe:30:eb:70:bb:aa:f2:02:61:e8:
                    98:57:34:ad:26:f3:91:fb:6b:b5:a9:1d:c0:5e:4a:
                    07:e4:52:de:a3:fb:00:26:80:ca:ca:df:f6:e7:d6:
                    6b:2d:ca:d6:f8:ce:04:e8:29:6a:d2:0a:ce:3e:7f:
                    b9:52:67:6c:57:7f:01:55:d6:79:ae:27:78:51:51:
                    95:03:1b:62:24:4c:a5:a0:63:57:bb:f5:0e:5e:80:
                    d4:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:E4:45:13:C2:ED:5B:CA:A1:9F:7D:52:25:CB:75:F4:AF:17:A2:A6
            X509v3 Authority Key Identifier:
                keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/8-RFE8LtW8qhn31SJct19K8XoqY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.40.0/23
                  92.249.26.0/24
                IPv6:
                  2a0d:ff40::/29
                  2a0e:4d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         8a:4c:ae:6a:7d:a1:3a:47:8a:23:3d:6a:e2:f9:d1:35:9e:30:
         49:40:fc:4d:74:1d:b1:57:7a:2f:bb:94:e6:db:96:0a:71:1a:
         90:63:53:46:4f:9c:09:02:e1:f5:9f:ef:8f:5b:9c:1b:48:c1:
         9a:9f:7d:9c:90:b0:2b:36:dc:48:26:0b:6b:12:6a:26:85:12:
         2d:5b:1b:27:0b:3d:78:2c:a2:e2:87:d8:f9:46:4d:21:d3:6b:
         24:8a:58:a7:78:2c:fc:d3:96:d6:af:22:e5:43:18:f7:52:7c:
         0e:00:d4:3a:a1:0a:ff:8c:fb:c9:d7:ef:4d:e5:b2:1a:c1:22:
         97:36:06:60:3f:35:a0:2b:30:4f:9b:2d:38:77:d7:13:0d:5a:
         68:26:4e:48:fa:94:8a:e0:88:18:cf:41:e8:cb:86:1c:64:26:
         a6:13:48:0f:51:47:95:db:a9:29:b3:30:0e:8d:2f:9c:1d:82:
         52:34:6c:d0:d9:ad:9d:bb:3f:28:bc:84:83:e9:b6:cd:6b:7e:
         79:a7:a1:17:94:b9:f2:0b:d2:b7:f1:b6:27:fe:45:04:8c:ad:
         8a:da:9e:0e:5f:1f:f3:63:69:53:32:85:3c:64:f5:82:dc:8c:
         6d:85:64:6c:9b:e7:ac:70:cb:c8:68:79:db:4d:b6:ee:24:ca:
         09:01:bc:64
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYz0Oy6Ord1jh5WrDJ5Z83b2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjQwMTEwMTYzNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U0NDUxM2MyZWQ1YmNhYTE5ZjdkNTIyNWNiNzVmNGFmMTdhMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG2pFJQMPWn/khDwMNq5oTD/7ttd
/9zUe1HD6aDDBuiCDFvhhuiZrGeVNxtC1uv2/XUfoaCxyHdtP1XQhVHf816ECWUx
2Zh1R+VMpLok5oK9EXnDUDH6/vJTrMHgyyM3imvn8qjHiO/hwe12aRhrHZp2Rm88
jro0IUJtp4voDTn8TgOPvTwqABsZ/ePJP1w2VebkhcC9+9OQ1+wEPHHV+ashlVor
48X22/4w63C7qvICYeiYVzStJvOR+2u1qR3AXkoH5FLeo/sAJoDKyt/259ZrLcrW
+M4E6Clq0grOPn+5UmdsV38BVdZ5rid4UVGVAxtiJEyloGNXu/UOXoDUjwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPPkRRPC7VvKoZ99UiXLdfSvF6KmMB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvOC1SRkU4THRXOHFobjMxU0pjdDE5SzhYb3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBLVEoAwQA
XPkaMBQEAgACMA4DBQMqDf9AAwUDKg5NgDANBgkqhkiG9w0BAQsFAAOCAQEAikyu
an2hOkeKIz1q4vnRNZ4wSUD8TXQdsVd6L7uU5tuWCnEakGNTRk+cCQLh9Z/vj1uc
G0jBmp99nJCwKzbcSCYLaxJqJoUSLVsbJws9eCyi4ofY+UZNIdNrJIpYp3gs/NOW
1q8i5UMY91J8DgDUOqEK/4z7ydfvTeWyGsEilzYGYD81oCswT5stOHfXEw1aaCZO
SPqUiuCIGM9B6MuGHGQmphNID1FHldupKbMwDo0vnB2CUjRs0Nmtnbs/KLyEg+m2
zWt+eaehF5S58gvSt/G2J/5FBIytitqeDl8f82NpUzKFPGT1gtyMbYVkbJvnrHDL
yGh520227iTKCQG8ZA==
-----END CERTIFICATE-----
Generated at Tue Oct 29 22:46:04 2024 by rpki-client on console-fra.rpki-client.org