Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/iLg6CnXyYK1V9hLTIeHttG8p4WI.roa
File:                     iLg6CnXyYK1V9hLTIeHttG8p4WI.roa (raw, json)
Hash identifier:          rg2pmMr9MpTlGa+YbnXt6goPEWXrPEm9jiJG7cYyIi4=
Subject key identifier:   88:B8:3A:0A:75:F2:60:AD:55:F6:12:D3:21:E1:ED:B4:6F:29:E1:62
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018E4E9C3BA9622C725DAABE2A02F618E436
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/iLg6CnXyYK1V9hLTIeHttG8p4WI.roa
Signing time:             Sun 17 Mar 2024 22:50:45 +0000
ROA not before:           Sun 17 Mar 2024 22:50:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        79.175.95.0/24 maxlen: 24
                          79.175.96.0/24 maxlen: 24
                          109.121.0.0/19 maxlen: 24
                          109.121.33.0/24 maxlen: 24
                          109.121.36.0/24 maxlen: 24
                          109.121.37.0/24 maxlen: 24
                          109.121.38.0/24 maxlen: 24
                          109.121.39.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          109.121.42.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.45.0/24 maxlen: 24
                          109.121.47.0/24 maxlen: 24
                          109.233.184.0/24 maxlen: 24
                          109.233.185.0/24 maxlen: 24
                          178.253.237.0/24 maxlen: 24
                          188.255.212.0/24 maxlen: 24
                          212.69.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 09:07:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:4e:9c:3b:a9:62:2c:72:5d:aa:be:2a:02:f6:18:e4:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Mar 17 22:50:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=88b83a0a75f260ad55f612d321e1edb46f29e162
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:af:10:3d:a7:ff:2c:4c:04:c1:d3:96:60:86:
                    02:01:59:03:c8:c3:65:d0:53:cd:cb:0b:68:ed:81:
                    d7:49:9a:d2:85:a9:bd:6d:83:f9:59:90:46:f3:d4:
                    4d:b9:9e:37:c6:c2:c8:ff:9d:70:0a:93:6b:db:29:
                    68:b9:a0:6d:cd:50:c2:62:7d:75:c1:b0:17:f9:93:
                    89:ba:8e:f9:bb:b0:28:b2:42:23:a0:f6:4c:3d:c4:
                    37:cf:5b:d8:c9:65:ea:e8:75:a4:4c:ac:dc:43:a7:
                    80:cd:b3:fe:56:9b:67:56:54:90:81:bd:db:30:f9:
                    3c:25:1f:9b:84:13:1a:77:5d:9d:0a:5c:8e:07:8f:
                    67:1d:48:1c:42:a4:cf:a7:58:42:cd:5d:dc:61:7b:
                    17:7c:b9:22:80:e9:73:b1:ab:b4:2e:99:89:68:d5:
                    25:f1:37:a8:86:e5:73:71:f1:e2:42:1a:b3:76:22:
                    8e:99:18:8e:e7:7b:1c:7d:b8:dd:fa:49:b6:ba:e4:
                    ec:94:01:8b:3d:77:c5:47:e5:fb:a4:b0:29:59:e2:
                    89:74:6a:46:3a:e0:b5:8d:27:e1:b7:38:30:e8:76:
                    e2:40:81:52:56:db:8b:85:f3:b5:a3:12:69:8e:bf:
                    04:1e:0b:8e:99:6b:14:10:e1:8b:57:51:32:a3:a9:
                    53:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:B8:3A:0A:75:F2:60:AD:55:F6:12:D3:21:E1:ED:B4:6F:29:E1:62
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/iLg6CnXyYK1V9hLTIeHttG8p4WI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.175.95.0-79.175.96.255
                  109.121.0.0/19
                  109.121.33.0/24
                  109.121.36.0-109.121.40.255
                  109.121.42.0/23
                  109.121.45.0/24
                  109.121.47.0/24
                  109.233.184.0/23
                  178.253.237.0/24
                  188.255.212.0/24
                  212.69.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:f2:bd:b0:81:2b:df:b7:a0:bd:19:6c:2c:d3:87:9a:c2:8b:
         ff:79:0e:2e:d1:d5:d3:a4:a6:a3:3b:cd:54:fd:48:88:08:b7:
         b5:e5:d7:2d:ab:11:5e:e5:56:15:23:78:0c:f5:69:06:e5:fa:
         12:ac:5d:7f:db:4b:3a:fc:49:53:de:35:16:a8:f9:67:fd:05:
         9d:3c:30:b2:e1:c3:0d:06:de:9d:21:04:2f:53:25:e5:6c:ae:
         fd:35:5e:7a:c4:bd:45:e5:f1:27:e5:6a:ae:3b:9a:c0:f4:86:
         02:76:cf:e1:99:8f:9f:40:14:71:a6:75:78:9e:f0:2f:a0:d5:
         57:73:83:e7:8c:7c:36:d9:f0:36:3a:25:7a:74:02:a8:05:b7:
         d2:0b:96:50:6c:38:a2:1e:2b:21:2d:8e:ca:bf:86:6a:9b:52:
         00:f7:87:5e:41:a9:3a:d1:c9:63:a6:8a:56:7c:3c:c1:d4:6d:
         13:8e:de:db:5a:4b:1c:06:e8:f2:5e:da:32:f2:c9:69:7b:84:
         34:21:a2:6e:ae:c4:16:26:95:ea:8f:76:f2:be:55:30:3e:27:
         d7:b1:46:9a:16:01:9d:38:70:0e:d8:d4:3e:86:7c:a8:14:2f:
         30:24:c6:21:ff:5b:ab:20:b5:aa:47:9d:9e:c0:71:cc:79:ff:
         ad:c9:0c:9c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY5OnDupYixyXaq+KgL2GOQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMzE3MjI1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGI4M2EwYTc1ZjI2MGFkNTVmNjEyZDMyMWUxZWRiNDZmMjllMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz68QPaf/LEwEwdOWYIYCAVkDyMNl
0FPNywto7YHXSZrSham9bYP5WZBG89RNuZ43xsLI/51wCpNr2ylouaBtzVDCYn11
wbAX+ZOJuo75u7AoskIjoPZMPcQ3z1vYyWXq6HWkTKzcQ6eAzbP+VptnVlSQgb3b
MPk8JR+bhBMad12dClyOB49nHUgcQqTPp1hCzV3cYXsXfLkigOlzsau0LpmJaNUl
8TeohuVzcfHiQhqzdiKOmRiO53scfbjd+km2uuTslAGLPXfFR+X7pLApWeKJdGpG
OuC1jSfhtzgw6HbiQIFSVtuLhfO1oxJpjr8EHguOmWsUEOGLV1Eyo6lTRQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFIi4Ogp18mCtVfYS0yHh7bRvKeFiMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvaUxnNkNuWHlZSzFWOWhMVEllSHR0RzhwNFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBABPr18D
BABPr2ADBAVteQADBABteSEwDAMEAm15JAMEAG15KAMEAW15KgMEAG15LQMEAG15
LwMEAW3puAMEALL97QMEALz/1AMEANRFCzANBgkqhkiG9w0BAQsFAAOCAQEAdvK9
sIEr37egvRlsLNOHmsKL/3kOLtHV06SmozvNVP1IiAi3teXXLasRXuVWFSN4DPVp
BuX6Eqxdf9tLOvxJU941Fqj5Z/0FnTwwsuHDDQbenSEEL1Ml5Wyu/TVeesS9ReXx
J+VqrjuawPSGAnbP4ZmPn0AUcaZ1eJ7wL6DVV3OD54x8NtnwNjolenQCqAW30guW
UGw4oh4rIS2Oyr+GaptSAPeHXkGpOtHJY6aKVnw8wdRtE47e21pLHAbo8l7aMvLJ
aXuENCGibq7EFiaV6o928r5VMD4n17FGmhYBnThwDtjUPoZ8qBQvMCTGIf9bqyC1
qkednsBxzHn/rckMnA==
-----END CERTIFICATE-----