Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/IwpW04dG2a0_ShclLyWDgCbO4Do.roa
File:                     IwpW04dG2a0_ShclLyWDgCbO4Do.roa (raw, json)
Hash identifier:          /gwcklbfpp5Cq9Dde6eDhCgNxbS+a4KQDydscCqQHSk=
Subject key identifier:   23:0A:56:D3:87:46:D9:AD:3F:4A:17:25:2F:25:83:80:26:CE:E0:3A
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0185BA37E47656B31F7D4CA2BD5F655F980A
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/IwpW04dG2a0_ShclLyWDgCbO4Do.roa
Signing time:             Mon 16 Jan 2023 10:55:03 +0000
ROA not before:           Mon 16 Jan 2023 10:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        109.121.35.0/24 maxlen: 24
                          109.121.32.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.44.0/24 maxlen: 24
                          109.121.46.0/24 maxlen: 24
                          109.233.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 13:24:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ba:37:e4:76:56:b3:1f:7d:4c:a2:bd:5f:65:5f:98:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jan 16 10:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=230a56d38746d9ad3f4a17252f25838026cee03a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:12:35:39:51:6e:6a:0e:3d:1f:9e:02:12:01:
                    bf:02:49:f5:24:11:ed:b6:e9:cb:54:e0:cf:75:d2:
                    61:ab:fd:d4:d4:b7:18:a3:c1:00:8d:f5:56:ff:0c:
                    96:59:6d:c1:50:eb:c1:3e:87:86:ba:82:35:10:d1:
                    0a:28:ee:9f:ab:da:01:41:5c:59:7a:94:d0:92:49:
                    71:ea:98:16:c3:9c:f4:80:15:0b:a2:4a:6f:de:45:
                    2f:88:81:f6:69:76:d2:9d:01:e7:31:e6:3c:95:b8:
                    30:4a:ab:a5:11:0c:39:8e:f9:f9:92:8a:1f:44:9b:
                    89:50:47:c1:a9:fe:a2:84:50:52:ae:c5:26:98:b9:
                    5b:49:ca:b5:c7:b7:e4:c6:99:a2:9d:9d:fd:f3:c7:
                    fc:fa:ce:2e:d2:15:97:01:c1:ab:34:9a:c3:69:29:
                    59:b5:48:b9:4d:2e:04:3a:0b:22:6b:30:8f:1a:28:
                    fc:44:f2:43:0f:a1:de:0f:41:30:78:3d:bf:52:15:
                    ea:4d:90:82:37:a1:9f:f4:7a:af:32:60:fe:98:b4:
                    ae:a6:ff:73:e4:57:80:45:16:0d:78:4e:6d:72:23:
                    48:f6:87:66:bf:5a:4d:e2:dc:3e:eb:be:6c:b6:20:
                    03:c8:83:5f:9d:bf:e8:59:30:41:20:1b:05:96:dc:
                    31:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:0A:56:D3:87:46:D9:AD:3F:4A:17:25:2F:25:83:80:26:CE:E0:3A
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/IwpW04dG2a0_ShclLyWDgCbO4Do.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.32.0/24
                  109.121.35.0/24
                  109.121.40.0/24
                  109.121.43.0-109.121.44.255
                  109.121.46.0/24
                  109.233.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:90:4a:74:b8:3d:5f:64:de:9a:e6:b4:10:6e:f6:86:14:2a:
         1f:cd:77:81:7d:01:2e:ae:23:ff:7c:71:03:57:c3:cd:4d:3d:
         14:7a:6d:28:c6:c9:a8:71:4e:d3:cf:f4:d3:b4:70:8f:26:9d:
         be:ec:17:da:91:19:12:cb:e3:4d:cc:c0:5f:e7:10:84:0c:9b:
         42:47:93:77:fd:80:c0:61:5c:47:b9:24:c3:cc:d3:7b:6f:a6:
         4a:21:3a:84:1e:43:a8:bf:9a:44:84:07:21:09:fb:73:23:ff:
         b8:19:9c:1d:54:96:f6:61:d1:3e:2c:9c:da:bb:b8:b9:f3:fa:
         3d:43:40:d3:ea:d7:e6:77:4b:bb:d7:83:9a:b3:08:1d:b2:8d:
         53:c8:98:4a:2f:bd:0e:49:3e:51:64:79:c1:0f:43:5f:bf:b1:
         86:5c:a4:ad:91:93:9f:a0:59:54:b6:c2:9f:8b:47:8a:d2:0b:
         ce:e6:96:d2:60:d3:b3:56:7e:f2:90:2b:06:4c:a0:e4:60:c3:
         b2:34:5c:79:c4:7a:6e:67:dd:9b:3c:f6:89:f9:eb:06:aa:a5:
         c7:4c:ac:c5:49:e5:c2:af:17:4d:17:9f:90:82:d7:ce:66:54:
         d8:79:9f:3a:ee:a9:78:56:6e:a5:0d:93:41:7d:2e:16:f0:77:
         6e:ac:7e:35
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYW6N+R2VrMffUyivV9lX5gKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMTE2MTA1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBhNTZkMzg3NDZkOWFkM2Y0YTE3MjUyZjI1ODM4MDI2Y2VlMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBI1OVFuag49H54CEgG/Akn1JBHt
tunLVODPddJhq/3U1LcYo8EAjfVW/wyWWW3BUOvBPoeGuoI1ENEKKO6fq9oBQVxZ
epTQkklx6pgWw5z0gBULokpv3kUviIH2aXbSnQHnMeY8lbgwSqulEQw5jvn5koof
RJuJUEfBqf6ihFBSrsUmmLlbScq1x7fkxpminZ3988f8+s4u0hWXAcGrNJrDaSlZ
tUi5TS4EOgsiazCPGij8RPJDD6HeD0EweD2/UhXqTZCCN6Gf9HqvMmD+mLSupv9z
5FeARRYNeE5tciNI9odmv1pN4tw+675stiADyINfnb/oWTBBIBsFltwxewIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCMKVtOHRtmtP0oXJS8lg4AmzuA6MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSXdwVzA0ZEcyYTBfU2hjbEx5V0RnQ2JPNERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAbXkgAwQA
bXkjAwQAbXkoMAwDBABteSsDBABteSwDBABteS4DBABt6bgwDQYJKoZIhvcNAQEL
BQADggEBAJqQSnS4PV9k3prmtBBu9oYUKh/Nd4F9AS6uI/98cQNXw81NPRR6bSjG
yahxTtPP9NO0cI8mnb7sF9qRGRLL403MwF/nEIQMm0JHk3f9gMBhXEe5JMPM03tv
pkohOoQeQ6i/mkSEByEJ+3Mj/7gZnB1UlvZh0T4snNq7uLnz+j1DQNPq1+Z3S7vX
g5qzCB2yjVPImEovvQ5JPlFkecEPQ1+/sYZcpK2Rk5+gWVS2wp+LR4rSC87mltJg
07NWfvKQKwZMoORgw7I0XHnEem5n3Zs89on56waqpcdMrMVJ5cKvF00Xn5CC185m
VNh5nzruqXhWbqUNk0F9Lhbwd26sfjU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org