Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HXAM0pWjsYknRAnA2hODZnoO-1A.roa
File:                     HXAM0pWjsYknRAnA2hODZnoO-1A.roa (raw, json)
Hash identifier:          4p1x2m/wEP1W9PU80KjjwSrprbrTxj5jd0o2jCrqBjQ=
Subject key identifier:   1D:70:0C:D2:95:A3:B1:89:27:44:09:C0:DA:13:83:66:7A:0E:FB:50
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018608002363A730B1188B329F79AF7C839A
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HXAM0pWjsYknRAnA2hODZnoO-1A.roa
Signing time:             Tue 31 Jan 2023 13:24:32 +0000
ROA not before:           Tue 31 Jan 2023 13:24:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        109.121.35.0/24 maxlen: 24
                          109.121.32.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.44.0/24 maxlen: 24
                          188.255.128.0/24 maxlen: 24
                          109.121.46.0/24 maxlen: 24
                          109.233.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Mar 2023 21:12:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:08:00:23:63:a7:30:b1:18:8b:32:9f:79:af:7c:83:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jan 31 13:24:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d700cd295a3b189274409c0da1383667a0efb50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:6d:ab:b4:ab:fa:7b:07:30:51:54:02:e1:e5:
                    dd:1c:60:9e:73:e1:a9:4b:ed:b7:29:fa:04:3f:f9:
                    46:64:01:71:70:c3:86:f1:5d:06:01:b9:bd:01:35:
                    43:22:5a:8a:f4:b5:86:c3:df:8c:34:8f:0e:9d:8f:
                    2c:1d:74:f1:12:fd:62:82:8a:eb:f6:cf:f6:56:c6:
                    79:4f:d2:b4:e1:aa:77:ad:b0:f8:7d:cf:c6:81:8e:
                    76:ec:45:e5:35:48:3a:4c:0b:a2:66:6b:b8:66:33:
                    64:ea:72:94:8b:99:55:36:21:58:02:13:af:4e:7c:
                    80:3f:dc:d4:49:fc:34:9e:4e:99:77:85:26:f7:35:
                    47:cd:0d:48:29:34:ca:42:a7:8e:10:ed:a3:6c:65:
                    13:f7:ea:cc:25:5e:d6:4b:2a:73:7e:d6:a8:19:b4:
                    fc:df:3c:68:89:2e:e2:be:33:52:5c:c3:69:d4:48:
                    0e:1e:ec:90:66:3f:0b:ae:ba:47:62:24:c5:82:3e:
                    9a:94:eb:4a:b9:b7:73:99:fa:18:4d:98:94:a7:16:
                    d6:40:1b:80:40:0a:c5:d1:bc:e5:81:ad:86:e4:a4:
                    7f:59:42:51:df:76:af:6c:eb:07:d0:da:1c:84:80:
                    f8:8f:39:7c:f7:48:16:57:0b:2d:f3:43:2b:ec:b7:
                    db:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:70:0C:D2:95:A3:B1:89:27:44:09:C0:DA:13:83:66:7A:0E:FB:50
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/HXAM0pWjsYknRAnA2hODZnoO-1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.32.0/24
                  109.121.35.0/24
                  109.121.40.0/24
                  109.121.43.0-109.121.44.255
                  109.121.46.0/24
                  109.233.184.0/24
                  188.255.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:9f:b0:5a:93:5e:43:6f:9c:d4:6a:e6:18:15:a6:a3:4f:cc:
         95:c0:14:fc:55:c4:15:93:bb:6b:c8:b3:f7:d9:18:9d:36:cd:
         2e:a8:3e:5a:8f:9e:cd:75:10:87:41:d0:4d:0d:71:4a:f6:5d:
         04:8f:70:a4:a5:77:64:9a:d9:71:00:60:ca:90:db:c2:b5:03:
         c2:8d:30:69:e2:7c:0c:31:fb:9d:c3:96:94:46:23:8f:7d:c4:
         6d:19:40:db:a5:64:e0:51:b9:d3:7a:49:51:29:9c:78:ca:5c:
         51:48:68:88:63:77:29:84:d5:f1:d4:ce:24:ee:85:d4:aa:84:
         6c:e7:14:5d:51:9b:74:e0:8f:30:7d:d7:3e:93:58:4d:4c:8e:
         18:0d:e7:7d:6f:55:be:34:d2:0d:55:3a:58:86:e0:40:66:2e:
         2d:10:83:2c:82:21:5c:ea:c2:c6:9c:7f:6b:fe:9d:2f:f9:c6:
         0f:93:dd:db:7b:47:a5:ee:27:71:02:85:48:44:78:fa:64:54:
         9b:d9:c2:fa:0d:5c:21:95:ad:f4:29:da:89:66:1a:b1:35:be:
         44:12:6d:a7:de:b4:75:6d:9d:ad:cd:d0:87:74:66:3d:43:fb:
         35:0e:b4:d6:2f:8a:56:49:5d:0d:f2:e9:6c:09:ac:dd:5b:63:
         31:e4:e1:50
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYYIACNjpzCxGIsyn3mvfIOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMTMxMTMyNDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDcwMGNkMjk1YTNiMTg5Mjc0NDA5YzBkYTEzODM2NjdhMGVmYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim2rtKv6ewcwUVQC4eXdHGCec+Gp
S+23KfoEP/lGZAFxcMOG8V0GAbm9ATVDIlqK9LWGw9+MNI8OnY8sHXTxEv1igorr
9s/2VsZ5T9K04ap3rbD4fc/GgY527EXlNUg6TAuiZmu4ZjNk6nKUi5lVNiFYAhOv
TnyAP9zUSfw0nk6Zd4Um9zVHzQ1IKTTKQqeOEO2jbGUT9+rMJV7WSypzftaoGbT8
3zxoiS7ivjNSXMNp1EgOHuyQZj8LrrpHYiTFgj6alOtKubdzmfoYTZiUpxbWQBuA
QArF0bzlga2G5KR/WUJR33avbOsH0NochID4jzl890gWVwst80Mr7LfbcwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFB1wDNKVo7GJJ0QJwNoTg2Z6DvtQMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSFhBTTBwV2pzWWtuUkFuQTJoT0Rabm9PLTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAbXkgAwQA
bXkjAwQAbXkoMAwDBABteSsDBABteSwDBABteS4DBABt6bgDBAC8/4AwDQYJKoZI
hvcNAQELBQADggEBAJ6fsFqTXkNvnNRq5hgVpqNPzJXAFPxVxBWTu2vIs/fZGJ02
zS6oPlqPns11EIdB0E0NcUr2XQSPcKSld2Sa2XEAYMqQ28K1A8KNMGnifAwx+53D
lpRGI499xG0ZQNulZOBRudN6SVEpnHjKXFFIaIhjdymE1fHUziTuhdSqhGznFF1R
m3TgjzB91z6TWE1MjhgN531vVb400g1VOliG4EBmLi0QgyyCIVzqwsacf2v+nS/5
xg+T3dt7R6XuJ3EChUhEePpkVJvZwvoNXCGVrfQp2olmGrE1vkQSbafetHVtna3N
0Id0Zj1D+zUOtNYvilZJXQ3y6WwJrN1bYzHk4VA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org