Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HEzclNnk4gAAnCHi-3XTGqBmKUw.roa
File:                     HEzclNnk4gAAnCHi-3XTGqBmKUw.roa (raw, json)
Hash identifier:          4HY/9JtT4HZLMxztFU445xYVLLyK7SMYiTYmsgVA01o=
Subject key identifier:   1C:4C:DC:94:D9:E4:E2:00:00:9C:21:E2:FB:75:D3:1A:A0:66:29:4C
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       01887D20A8639C294AD7FD6B85038B55C37E
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HEzclNnk4gAAnCHi-3XTGqBmKUw.roa
Signing time:             Fri 02 Jun 2023 17:21:12 +0000
ROA not before:           Fri 02 Jun 2023 17:21:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        109.121.35.0/24 maxlen: 24
                          109.121.34.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          109.233.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Jun 2023 16:11:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7d:20:a8:63:9c:29:4a:d7:fd:6b:85:03:8b:55:c3:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jun  2 17:21:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c4cdc94d9e4e200009c21e2fb75d31aa066294c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c1:3c:d2:45:5c:21:25:fa:0a:21:d4:b3:4b:
                    46:67:31:37:75:d5:c5:ec:89:26:ee:2f:34:27:1f:
                    4b:0b:83:6b:e2:1b:b1:b5:d6:b0:4e:9f:cd:7f:5e:
                    12:ed:7e:87:bf:21:5b:0d:57:76:e8:ab:26:a2:02:
                    b0:bb:ea:94:02:7a:be:42:04:8a:00:7a:46:11:36:
                    7b:f2:48:15:a2:12:44:33:70:68:cc:57:ae:73:3e:
                    97:03:dd:bd:00:9a:a4:14:cf:e8:bb:9d:99:7b:14:
                    ae:b2:af:71:0b:c0:f0:db:fe:6d:37:85:96:56:1c:
                    1d:22:3a:1c:d9:89:b2:29:f5:e9:21:2d:fc:41:1e:
                    66:38:e6:d4:56:50:dc:6e:63:b0:ce:49:85:0b:cf:
                    c4:6c:f9:1c:d4:df:bb:5c:0d:f6:e3:2e:ee:e7:c4:
                    68:03:14:31:d3:e5:d6:a9:8e:e8:e8:0f:2a:bd:e7:
                    fb:e5:e9:89:2a:f5:45:5e:72:50:c9:cc:93:ff:1c:
                    4d:b2:c7:1e:19:7c:8e:c7:3c:a9:1b:9b:a7:2d:4d:
                    17:27:ae:02:a0:23:1e:1a:47:75:bb:e1:3e:6c:75:
                    14:0e:80:98:e6:08:4e:02:46:a2:6e:b1:7c:6e:32:
                    a1:66:cb:d6:d6:63:83:75:f2:7c:67:ca:25:14:f1:
                    0f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:4C:DC:94:D9:E4:E2:00:00:9C:21:E2:FB:75:D3:1A:A0:66:29:4C
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HEzclNnk4gAAnCHi-3XTGqBmKUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.34.0/23
                  109.121.40.0/24
                  109.121.43.0/24
                  109.233.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:67:9e:11:6e:8a:a2:ec:5f:16:0c:b8:0a:03:15:58:e1:72:
         19:ec:80:ea:e5:c9:45:e4:67:77:50:46:73:13:25:54:58:a3:
         bf:f0:20:df:cb:ea:47:ca:45:68:df:88:76:ea:26:69:10:15:
         d2:4a:77:72:fa:76:54:b8:f1:3b:cc:90:26:65:6b:11:47:2e:
         69:cd:10:a5:14:de:31:60:c0:68:d8:36:70:5e:19:e5:bc:bb:
         1f:7f:fe:fe:ff:dc:c3:51:09:96:34:8a:58:7f:12:b0:60:a8:
         b7:fe:4d:01:9f:a3:bb:5b:6b:48:6d:92:26:a2:19:c4:4e:27:
         5c:83:56:86:9e:97:04:f8:c0:32:94:08:38:e4:da:99:f5:a9:
         d5:cd:8b:e8:b2:9c:cc:fc:d9:40:a7:5b:f2:5b:b2:c3:6c:95:
         0b:6d:26:55:f6:d9:98:2f:df:78:56:93:e2:4c:2b:4d:3a:d4:
         ad:8f:8b:4e:35:f6:1a:e0:0e:78:e1:20:a4:09:70:04:76:7b:
         1d:a5:41:1f:46:38:c1:f4:68:c3:71:81:9e:48:42:6b:97:eb:
         c7:01:05:c7:35:29:e0:d9:e9:cf:56:55:e0:64:b8:c9:a1:39:
         f5:de:5e:ca:22:33:94:11:13:23:93:04:5d:f1:8d:f0:8c:77:
         09:3f:20:8d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYh9IKhjnClK1/1rhQOLVcN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjAyMTcyMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzRjZGM5NGQ5ZTRlMjAwMDA5YzIxZTJmYjc1ZDMxYWEwNjYyOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusE80kVcISX6CiHUs0tGZzE3ddXF
7Ikm7i80Jx9LC4Nr4huxtdawTp/Nf14S7X6HvyFbDVd26KsmogKwu+qUAnq+QgSK
AHpGETZ78kgVohJEM3BozFeucz6XA929AJqkFM/ou52ZexSusq9xC8Dw2/5tN4WW
VhwdIjoc2YmyKfXpIS38QR5mOObUVlDcbmOwzkmFC8/EbPkc1N+7XA324y7u58Ro
AxQx0+XWqY7o6A8qvef75emJKvVFXnJQycyT/xxNssceGXyOxzypG5unLU0XJ64C
oCMeGkd1u+E+bHUUDoCY5ghOAkaibrF8bjKhZsvW1mODdfJ8Z8olFPEPjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBxM3JTZ5OIAAJwh4vt10xqgZilMMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSEV6Y2xObms0Z0FBbkNIaS0zWFRHcUJtS1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBbXkiAwQA
bXkoAwQAbXkrAwQAbem5MA0GCSqGSIb3DQEBCwUAA4IBAQCKZ54Rboqi7F8WDLgK
AxVY4XIZ7IDq5clF5Gd3UEZzEyVUWKO/8CDfy+pHykVo34h26iZpEBXSSndy+nZU
uPE7zJAmZWsRRy5pzRClFN4xYMBo2DZwXhnlvLsff/7+/9zDUQmWNIpYfxKwYKi3
/k0Bn6O7W2tIbZImohnETidcg1aGnpcE+MAylAg45NqZ9anVzYvospzM/NlAp1vy
W7LDbJULbSZV9tmYL994VpPiTCtNOtStj4tONfYa4A544SCkCXAEdnsdpUEfRjjB
9GjDcYGeSEJrl+vHAQXHNSng2enPVlXgZLjJoTn13l7KIjOUERMjkwRd8Y3wjHcJ
PyCN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org