Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/YlEz6oyJ1dVImOxDzEM_OOehdiQ.roa
File:                     YlEz6oyJ1dVImOxDzEM_OOehdiQ.roa (raw, json)
Hash identifier:          mP3NghjbDvMquio+DpmEBIU2ZQ0OtBhGu0+5NoNmWoM=
Subject key identifier:   62:51:33:EA:8C:89:D5:D5:48:98:EC:43:CC:43:3F:38:E7:A1:76:24
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018DE78C9D855E84BB185B3AE3E438ABD204
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/YlEz6oyJ1dVImOxDzEM_OOehdiQ.roa
Signing time:             Mon 26 Feb 2024 22:32:48 +0000
ROA not before:           Mon 26 Feb 2024 22:32:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215622
IP address blocks:        109.121.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 17:58:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:e7:8c:9d:85:5e:84:bb:18:5b:3a:e3:e4:38:ab:d2:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Feb 26 22:32:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=625133ea8c89d5d54898ec43cc433f38e7a17624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3a:29:24:aa:31:77:92:5e:12:69:9b:25:62:
                    23:22:98:b8:d6:b1:e1:a3:d6:8f:0c:70:4d:fc:fb:
                    94:b4:8e:a5:1d:e5:e0:11:56:29:7d:93:c7:a0:b2:
                    0b:10:d6:28:96:1c:5e:17:f4:21:8b:cf:1f:07:dd:
                    f4:2f:fc:e7:4d:ee:e4:29:ac:b4:d3:ea:fe:1c:52:
                    2e:8a:86:7f:a7:ad:55:0f:ab:1a:5a:fe:5c:5b:75:
                    00:63:ce:a2:2f:78:fd:f0:60:2f:0f:ff:bf:af:4a:
                    09:8f:bb:30:4f:78:b3:6b:2d:3e:3f:d2:f7:3b:47:
                    47:d8:bd:9c:83:1b:c3:68:48:e0:9b:1e:a0:bd:a0:
                    bd:7e:28:10:d6:72:70:f0:92:50:26:37:ed:f0:ea:
                    2a:cd:ae:33:6f:c6:6b:37:5a:8d:d3:b6:83:a7:3e:
                    84:75:ea:43:fb:c6:e3:2a:b1:68:87:a2:0b:1f:9b:
                    05:b1:94:d6:67:a4:fb:b1:ed:e0:64:ec:f4:52:01:
                    0e:fa:c7:19:2a:47:76:1e:4d:88:08:08:ab:e7:ff:
                    79:27:8c:dc:05:7b:50:68:63:20:29:a7:39:1e:28:
                    f7:47:f9:c6:1f:87:39:8f:9a:bf:b7:f9:ec:b4:3b:
                    7f:2c:3b:5f:19:b4:b7:a5:fb:fb:f1:03:4e:8a:d6:
                    00:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:51:33:EA:8C:89:D5:D5:48:98:EC:43:CC:43:3F:38:E7:A1:76:24
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/YlEz6oyJ1dVImOxDzEM_OOehdiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:2c:bf:6b:01:99:04:0a:2c:e4:29:53:82:f8:2c:65:6e:16:
         c1:99:ec:0d:52:3b:ea:80:f8:32:33:13:06:3d:bb:dc:3f:4e:
         d5:71:37:b2:4c:7b:aa:99:aa:88:8a:ac:4d:7b:40:09:60:96:
         53:9f:6b:41:7a:08:90:73:e7:0b:f1:d4:ee:91:47:e1:91:db:
         69:a7:86:a4:ca:cf:cc:a8:a7:15:48:a9:2d:eb:b3:22:7d:e1:
         9b:9a:27:ab:eb:85:8f:74:59:10:fa:70:e2:8d:12:74:66:7a:
         0f:86:fb:fd:22:01:26:6d:9d:64:41:08:26:43:cd:29:65:fb:
         0f:68:60:ab:f7:ad:ca:8c:8c:35:04:c5:4b:af:7d:c3:3b:c1:
         5f:16:5f:a5:25:85:e9:ed:06:22:40:76:34:7f:d0:77:4c:34:
         11:07:13:6e:e6:75:b9:e6:4b:27:84:7d:3b:42:d3:b0:67:52:
         56:c4:a7:60:6c:a3:77:4c:5b:37:d9:07:de:26:fc:72:a2:76:
         a3:40:26:e1:4e:45:6d:0b:e0:b9:1d:af:14:e6:69:f5:45:81:
         e8:cf:92:9a:7d:71:b2:bf:da:6f:24:1c:eb:3d:a6:c7:62:d3:
         ec:75:e3:7d:7d:f6:15:8c:8b:de:3c:36:c4:56:68:0f:3b:d1:
         f6:36:be:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3njJ2FXoS7GFs64+Q4q9IEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMjI2MjIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjUxMzNlYThjODlkNWQ1NDg5OGVjNDNjYzQzM2YzOGU3YTE3NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDopJKoxd5JeEmmbJWIjIpi41rHh
o9aPDHBN/PuUtI6lHeXgEVYpfZPHoLILENYolhxeF/Qhi88fB930L/znTe7kKay0
0+r+HFIuioZ/p61VD6saWv5cW3UAY86iL3j98GAvD/+/r0oJj7swT3izay0+P9L3
O0dH2L2cgxvDaEjgmx6gvaC9figQ1nJw8JJQJjft8Ooqza4zb8ZrN1qN07aDpz6E
depD+8bjKrFoh6ILH5sFsZTWZ6T7se3gZOz0UgEO+scZKkd2Hk2ICAir5/95J4zc
BXtQaGMgKac5Hij3R/nGH4c5j5q/t/nstDt/LDtfGbS3pfv78QNOitYA8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJRM+qMidXVSJjsQ8xDPzjnoXYkMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWWxFejZveUoxZFZJbU94RHpFTV9PT2VoZGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXkpMA0G
CSqGSIb3DQEBCwUAA4IBAQABLL9rAZkECizkKVOC+CxlbhbBmewNUjvqgPgyMxMG
PbvcP07VcTeyTHuqmaqIiqxNe0AJYJZTn2tBegiQc+cL8dTukUfhkdtpp4akys/M
qKcVSKkt67MifeGbmier64WPdFkQ+nDijRJ0ZnoPhvv9IgEmbZ1kQQgmQ80pZfsP
aGCr963KjIw1BMVLr33DO8FfFl+lJYXp7QYiQHY0f9B3TDQRBxNu5nW55ksnhH07
QtOwZ1JWxKdgbKN3TFs32QfeJvxyonajQCbhTkVtC+C5Ha8U5mn1RYHoz5KafXGy
v9pvJBzrPabHYtPsdeN9ffYVjIvePDbEVmgPO9H2Nr4x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org