Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/PcP1ZOeT3JpgJCu4zsrF92Unl2o.roa
File:                     PcP1ZOeT3JpgJCu4zsrF92Unl2o.roa (raw, json)
Hash identifier:          oMp4LP+DUsUuVe/rsmpUs53Axg7OpdkkTrK60fzBIOc=
Subject key identifier:   3D:C3:F5:64:E7:93:DC:9A:60:24:2B:B8:CE:CA:C5:F7:65:27:97:6A
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018CC56E0F208CA4D091E6984EB2235A4127
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/PcP1ZOeT3JpgJCu4zsrF92Unl2o.roa
Signing time:             Mon 01 Jan 2024 14:29:33 +0000
ROA not before:           Mon 01 Jan 2024 14:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44477
IP address blocks:        109.233.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 15:08:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:0f:20:8c:a4:d0:91:e6:98:4e:b2:23:5a:41:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jan  1 14:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3dc3f564e793dc9a60242bb8cecac5f76527976a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:08:0d:47:e6:03:1a:68:87:ac:eb:03:81:65:
                    cc:80:8a:47:fa:bf:12:b0:23:39:65:33:03:44:04:
                    32:86:fe:66:cf:fd:b9:ed:98:d5:1d:a2:42:80:a6:
                    17:c7:4f:f4:54:ef:40:fe:eb:05:cb:39:68:58:c3:
                    04:28:fa:e2:c5:77:c5:1c:cb:69:cc:47:d2:13:a4:
                    ac:4a:2f:a1:a8:bd:4e:d7:68:5e:86:50:1d:42:5c:
                    41:9e:46:52:ec:63:6f:1d:1c:b7:05:51:59:f4:ee:
                    f3:4a:2f:8a:fb:a5:16:8a:b5:bf:d2:00:90:8b:54:
                    25:c2:a7:c5:b7:dd:88:ad:67:c6:96:d2:0c:19:2a:
                    65:93:3a:61:d6:69:13:58:60:7b:eb:98:1b:be:c0:
                    18:e7:be:1e:be:98:03:20:33:1e:27:e9:1b:59:74:
                    77:ce:ce:61:d7:29:0e:8c:8f:73:8f:fb:4c:29:6d:
                    bb:76:02:1e:a7:7b:35:d3:f3:02:c4:5e:6d:fa:37:
                    6e:25:99:02:5b:c5:28:35:95:09:46:da:9e:54:71:
                    a8:f7:53:4a:77:22:f7:be:32:29:0f:e0:04:d6:f1:
                    82:a3:ed:0c:35:9d:c7:e4:03:50:46:0e:c1:c3:48:
                    80:17:d9:e8:97:66:79:fd:91:a7:0d:e0:24:1f:ed:
                    f3:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:C3:F5:64:E7:93:DC:9A:60:24:2B:B8:CE:CA:C5:F7:65:27:97:6A
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/PcP1ZOeT3JpgJCu4zsrF92Unl2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.233.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:59:01:2f:15:73:c2:c9:ad:e2:5d:20:28:ce:1a:c5:68:57:
         f1:a5:26:88:31:92:f0:e1:81:0a:92:b1:41:96:81:f6:00:0c:
         27:d3:ad:07:f4:db:f8:25:14:b8:a1:89:7e:d0:73:c4:33:2f:
         b2:2a:b5:d3:fa:75:b6:3a:9d:fb:29:b5:5a:4e:5a:ec:ff:70:
         8b:06:5e:fc:2f:70:79:4d:fd:23:3c:d7:c9:98:7a:5b:19:3a:
         16:47:72:ac:b0:18:b3:81:04:31:45:b4:79:6a:1d:c2:3d:a6:
         74:16:9a:2f:9e:47:1f:70:28:16:c6:85:15:db:78:e4:eb:4d:
         64:5f:3c:44:20:fa:30:27:eb:35:91:e8:ed:5b:65:aa:a4:b6:
         43:33:24:bd:ab:5b:43:30:2a:59:69:05:6e:59:df:a2:fc:ef:
         fb:03:9b:27:7d:bc:c3:c2:b6:41:fa:70:a6:2f:19:05:9e:1b:
         da:8c:c7:07:be:22:06:78:40:49:6a:d4:22:8d:ea:91:8f:e0:
         0c:cb:3a:53:7a:34:93:a3:cc:1f:ec:74:d3:2e:d1:89:0e:6e:
         15:79:d8:48:c4:49:47:8d:6f:2e:fa:ec:c8:a8:3d:1f:09:b5:
         8b:48:47:f4:de:cd:fb:5b:1f:0c:42:67:53:c3:93:4d:03:57:
         4c:98:4c:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbg8gjKTQkeaYTrIjWkEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMzZjU2NGU3OTNkYzlhNjAyNDJiYjhjZWNhYzVmNzY1Mjc5NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzggNR+YDGmiHrOsDgWXMgIpH+r8S
sCM5ZTMDRAQyhv5mz/257ZjVHaJCgKYXx0/0VO9A/usFyzloWMMEKPrixXfFHMtp
zEfSE6SsSi+hqL1O12hehlAdQlxBnkZS7GNvHRy3BVFZ9O7zSi+K+6UWirW/0gCQ
i1QlwqfFt92IrWfGltIMGSplkzph1mkTWGB765gbvsAY574evpgDIDMeJ+kbWXR3
zs5h1ykOjI9zj/tMKW27dgIep3s10/MCxF5t+jduJZkCW8UoNZUJRtqeVHGo91NK
dyL3vjIpD+AE1vGCo+0MNZ3H5ANQRg7Bw0iAF9nol2Z5/ZGnDeAkH+3zgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3D9WTnk9yaYCQruM7KxfdlJ5dqMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvUGNQMVpPZVQzSnBnSkN1NHpzckY5MlVubDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbem9MA0G
CSqGSIb3DQEBCwUAA4IBAQCKWQEvFXPCya3iXSAozhrFaFfxpSaIMZLw4YEKkrFB
loH2AAwn060H9Nv4JRS4oYl+0HPEMy+yKrXT+nW2Op37KbVaTlrs/3CLBl78L3B5
Tf0jPNfJmHpbGToWR3KssBizgQQxRbR5ah3CPaZ0FpovnkcfcCgWxoUV23jk601k
XzxEIPowJ+s1kejtW2WqpLZDMyS9q1tDMCpZaQVuWd+i/O/7A5snfbzDwrZB+nCm
LxkFnhvajMcHviIGeEBJatQijeqRj+AMyzpTejSTo8wf7HTTLtGJDm4VedhIxElH
jW8u+uzIqD0fCbWLSEf03s37Wx8MQmdTw5NNA1dMmEwm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org