Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/NbE4V2QmPDQy_OeiC3ya3ITSjz8.roa
File:                     NbE4V2QmPDQy_OeiC3ya3ITSjz8.roa (raw, json)
Hash identifier:          ITHdg6b5QtzJbTsMyr8+d08YX64xTt2x9yjgtXlxNQ0=
Subject key identifier:   35:B1:38:57:64:26:3C:34:32:FC:E7:A2:0B:7C:9A:DC:84:D2:8F:3F
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018CC56E0AC2329342A8AD0C91A754946B46
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/NbE4V2QmPDQy_OeiC3ya3ITSjz8.roa
Signing time:             Mon 01 Jan 2024 14:29:32 +0000
ROA not before:           Mon 01 Jan 2024 14:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        109.121.32.0/24 maxlen: 24
                          109.121.41.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.46.0/24 maxlen: 24
                          185.47.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 09:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:0a:c2:32:93:42:a8:ad:0c:91:a7:54:94:6b:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jan  1 14:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=35b1385764263c3432fce7a20b7c9adc84d28f3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:81:8b:f4:b7:0d:2e:d3:5d:3e:2f:40:21:3f:
                    e7:9e:58:f7:56:35:f2:1d:20:c0:21:4b:b9:83:06:
                    b8:82:4a:dc:4d:2a:6d:c8:6d:42:db:91:6d:38:03:
                    b3:e6:c2:e7:c6:27:e4:58:57:14:18:49:14:d6:54:
                    34:e4:2e:32:bc:48:83:10:62:b8:c8:a6:0a:4a:09:
                    ad:10:e3:35:33:2b:c1:06:c2:e5:47:a8:eb:5e:41:
                    02:0e:a4:61:f5:57:46:45:55:8f:7d:d8:3f:79:e7:
                    f1:42:78:4d:ce:2e:8d:ab:d7:51:d4:c5:82:84:0d:
                    e7:c6:d3:0a:17:e8:e3:58:1f:12:67:a5:30:91:78:
                    c6:6d:5a:83:17:2d:47:8a:60:f4:3c:eb:b1:9f:5a:
                    13:ee:3a:a7:48:27:a2:5b:71:cd:5d:47:0f:69:7d:
                    de:8f:9c:38:a0:51:fa:4a:ca:43:0a:56:2f:45:bd:
                    75:16:61:68:69:e4:28:31:4d:5e:f0:9d:d0:96:94:
                    2a:83:f4:75:0a:e9:dc:0c:33:6d:7f:a3:2e:d4:a5:
                    e7:cf:aa:bb:41:2a:12:a1:a7:dd:c6:aa:99:18:3d:
                    a5:12:d1:9e:85:35:58:65:9a:06:ee:0e:99:b8:26:
                    72:cd:dc:da:21:88:8c:ce:f5:73:d1:48:1d:aa:ae:
                    0b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:B1:38:57:64:26:3C:34:32:FC:E7:A2:0B:7C:9A:DC:84:D2:8F:3F
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/NbE4V2QmPDQy_OeiC3ya3ITSjz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.32.0/24
                  109.121.41.0/24
                  109.121.43.0/24
                  109.121.46.0/24
                  185.47.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:5f:f2:01:c6:b8:3c:1b:23:4a:84:5a:ea:45:2d:ee:fd:5e:
         b2:f5:22:c1:61:d3:f0:5f:80:94:fe:86:18:5b:0a:41:dc:22:
         d7:0d:28:4f:b7:df:ba:75:e2:bd:9a:c5:04:b4:86:04:0c:78:
         4c:d8:3f:00:72:81:82:22:de:3b:1d:9f:f4:1d:3b:15:ae:cb:
         28:35:b3:e8:ed:41:5a:ff:3e:5f:4b:f9:52:00:73:b1:11:94:
         f6:18:e7:69:88:41:08:be:97:2e:5c:9c:d4:2f:a1:ad:cf:63:
         05:cc:d8:33:87:dc:22:2c:16:3c:b6:60:26:b6:11:d4:46:23:
         82:f5:15:45:46:6e:0e:b5:be:f4:09:b2:e8:8a:48:3b:fd:e7:
         21:fc:48:51:ed:92:92:13:ed:3f:6f:9f:95:ea:79:3d:30:95:
         60:9c:0d:b8:0b:23:75:22:48:04:f6:7c:63:97:f6:5f:df:83:
         31:79:1b:9f:e3:8d:e8:31:d3:e4:ff:39:dc:26:17:e6:84:e0:
         9c:40:1f:a3:ec:cf:16:06:bb:03:ed:a1:ad:9b:40:93:47:9d:
         4a:e3:3b:ab:56:32:81:7d:99:34:e7:84:4e:69:98:19:5b:38:
         06:16:93:1f:46:98:72:25:61:8b:31:e8:90:d8:ef:28:ca:a9:
         05:d2:51:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFbgrCMpNCqK0MkadUlGtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIxMzg1NzY0MjYzYzM0MzJmY2U3YTIwYjdjOWFkYzg0ZDI4ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYGL9LcNLtNdPi9AIT/nnlj3VjXy
HSDAIUu5gwa4gkrcTSptyG1C25FtOAOz5sLnxifkWFcUGEkU1lQ05C4yvEiDEGK4
yKYKSgmtEOM1MyvBBsLlR6jrXkECDqRh9VdGRVWPfdg/eefxQnhNzi6Nq9dR1MWC
hA3nxtMKF+jjWB8SZ6UwkXjGbVqDFy1HimD0POuxn1oT7jqnSCeiW3HNXUcPaX3e
j5w4oFH6SspDClYvRb11FmFoaeQoMU1e8J3QlpQqg/R1CuncDDNtf6Mu1KXnz6q7
QSoSoafdxqqZGD2lEtGehTVYZZoG7g6ZuCZyzdzaIYiMzvVz0Ugdqq4L6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDWxOFdkJjw0Mvznogt8mtyE0o8/MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvTmJFNFYyUW1QRFF5X09laUMzeWEzSVRTano4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAbXkgAwQA
bXkpAwQAbXkrAwQAbXkuAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQA7X/IBxrg8
GyNKhFrqRS3u/V6y9SLBYdPwX4CU/oYYWwpB3CLXDShPt9+6deK9msUEtIYEDHhM
2D8AcoGCIt47HZ/0HTsVrssoNbPo7UFa/z5fS/lSAHOxEZT2GOdpiEEIvpcuXJzU
L6Gtz2MFzNgzh9wiLBY8tmAmthHURiOC9RVFRm4Otb70CbLoikg7/ech/EhR7ZKS
E+0/b5+V6nk9MJVgnA24CyN1IkgE9nxjl/Zf34MxeRuf443oMdPk/zncJhfmhOCc
QB+j7M8WBrsD7aGtm0CTR51K4zurVjKBfZk054ROaZgZWzgGFpMfRphyJWGLMeiQ
2O8oyqkF0lH8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org