Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/GfsW1zI599mY9dkU-tNuKdcBZjM.roa
File:                     GfsW1zI599mY9dkU-tNuKdcBZjM.roa (raw, json)
Hash identifier:          e7/JLTARNqWMhyBEiKMELXSI1dfa9/GpIA7lKsDTsfo=
Subject key identifier:   19:FB:16:D7:32:39:F7:D9:98:F5:D9:14:FA:D3:6E:29:D7:01:66:33
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018616612077A1A56A526E02F49C18A2A342
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/GfsW1zI599mY9dkU-tNuKdcBZjM.roa
Signing time:             Fri 03 Feb 2023 08:25:09 +0000
ROA not before:           Fri 03 Feb 2023 08:25:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        109.121.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Mar 2023 21:12:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:16:61:20:77:a1:a5:6a:52:6e:02:f4:9c:18:a2:a3:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Feb  3 08:25:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19fb16d73239f7d998f5d914fad36e29d7016633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:09:f3:3f:b6:20:3f:72:58:3a:2b:72:bd:d3:
                    50:94:1c:0e:d5:44:15:f4:f4:ef:3b:0e:12:78:b0:
                    d1:c2:c9:53:4a:cc:bb:d4:86:8c:40:f4:a6:a0:5b:
                    23:be:a9:14:0f:45:4b:f8:c9:8c:67:b0:93:a5:bb:
                    27:b3:1d:43:81:81:8f:70:75:11:68:41:67:8b:82:
                    54:9d:b3:f6:67:86:52:42:14:7b:5d:f2:81:6f:04:
                    17:5f:63:ee:25:b2:59:25:f7:6a:e5:8e:7e:61:88:
                    8e:b0:82:24:e1:fa:46:06:ff:68:97:06:08:5f:28:
                    42:7b:45:91:5a:89:bb:55:5f:31:c2:f9:13:8d:c1:
                    8c:d9:a1:11:72:a9:16:b6:95:00:2a:f9:de:23:4f:
                    d4:e9:22:7a:8f:0c:eb:73:bb:5a:06:c3:e2:0f:5b:
                    37:4c:d1:7a:8e:36:ff:df:2f:91:34:0d:cf:da:f0:
                    3a:ce:dd:ab:95:a5:2e:b2:5d:43:f1:e8:36:ce:6b:
                    6f:f7:37:66:8f:43:2f:2e:2c:d4:d8:25:b1:7f:a8:
                    e0:66:9a:1e:5a:5c:9a:5e:e7:08:31:24:e5:ae:dd:
                    64:23:14:ed:2e:77:7e:6f:35:56:d8:8b:08:fe:5d:
                    25:ad:3e:ac:e4:bb:cc:f6:0d:05:4f:c5:c7:49:df:
                    e3:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:FB:16:D7:32:39:F7:D9:98:F5:D9:14:FA:D3:6E:29:D7:01:66:33
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/GfsW1zI599mY9dkU-tNuKdcBZjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:0e:a8:9d:56:00:1a:1d:83:a9:8e:a6:a2:d7:96:a9:0b:64:
         2e:0f:ec:bd:08:34:2a:c0:3a:bf:49:70:81:93:d1:b7:47:56:
         61:2b:ce:4c:1c:d7:77:bf:02:c9:c7:6f:39:26:fe:70:92:bc:
         91:42:ac:21:63:3f:f3:04:20:f5:5d:ff:f1:b2:29:c0:cd:78:
         5a:f4:6b:90:08:ad:0b:cf:6d:cb:02:fe:ed:cd:f6:5c:06:24:
         34:01:c3:e9:c8:00:da:92:fe:9e:09:ca:a7:3f:2c:90:08:aa:
         55:68:74:68:e9:9b:8a:e7:40:13:fe:3d:39:da:4b:cc:89:26:
         c5:db:fc:98:00:0a:ea:c4:60:ff:88:10:a7:44:c7:eb:6b:9e:
         cc:9d:bb:fb:2c:45:77:01:9a:c6:93:54:49:26:fa:49:ca:6b:
         f7:f8:9e:8f:19:36:67:bf:bd:bd:dd:77:27:64:e5:94:2e:27:
         81:3a:66:e2:6c:b7:27:29:0f:02:6c:8f:ba:a4:f9:15:c1:53:
         e1:f5:d8:b2:c8:68:81:70:48:ac:fd:91:01:46:16:81:6d:3f:
         27:63:a9:32:37:a2:f0:4f:db:1a:0d:19:71:69:a3:8a:e0:27:
         e1:2f:b3:ec:42:c7:cd:76:e2:41:21:fd:bb:d2:2e:52:61:a5:
         a7:5a:e9:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYWYSB3oaVqUm4C9JwYoqNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMjAzMDgyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZiMTZkNzMyMzlmN2Q5OThmNWQ5MTRmYWQzNmUyOWQ3MDE2NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgnzP7YgP3JYOityvdNQlBwO1UQV
9PTvOw4SeLDRwslTSsy71IaMQPSmoFsjvqkUD0VL+MmMZ7CTpbsnsx1DgYGPcHUR
aEFni4JUnbP2Z4ZSQhR7XfKBbwQXX2PuJbJZJfdq5Y5+YYiOsIIk4fpGBv9olwYI
XyhCe0WRWom7VV8xwvkTjcGM2aERcqkWtpUAKvneI0/U6SJ6jwzrc7taBsPiD1s3
TNF6jjb/3y+RNA3P2vA6zt2rlaUusl1D8eg2zmtv9zdmj0MvLizU2CWxf6jgZpoe
WlyaXucIMSTlrt1kIxTtLnd+bzVW2IsI/l0lrT6s5LvM9g0FT8XHSd/jowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBn7FtcyOffZmPXZFPrTbinXAWYzMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvR2ZzVzF6STU5OW1ZOWRrVS10TnVLZGNCWmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXkoMA0G
CSqGSIb3DQEBCwUAA4IBAQBDDqidVgAaHYOpjqai15apC2QuD+y9CDQqwDq/SXCB
k9G3R1ZhK85MHNd3vwLJx285Jv5wkryRQqwhYz/zBCD1Xf/xsinAzXha9GuQCK0L
z23LAv7tzfZcBiQ0AcPpyADakv6eCcqnPyyQCKpVaHRo6ZuK50AT/j052kvMiSbF
2/yYAArqxGD/iBCnRMfra57Mnbv7LEV3AZrGk1RJJvpJymv3+J6PGTZnv7293Xcn
ZOWULieBOmbibLcnKQ8CbI+6pPkVwVPh9diyyGiBcEis/ZEBRhaBbT8nY6kyN6Lw
T9saDRlxaaOK4CfhL7PsQsfNduJBIf270i5SYaWnWumw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org