Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/VnjVbZSONpyEeAhfr8pnkesuSw0.roa
File:                     VnjVbZSONpyEeAhfr8pnkesuSw0.roa (raw, json)
Hash identifier:          AExrepfx5x1k8hQelPXqwP/SHTfyaw7/qdEaFt2l78M=
Subject key identifier:   56:78:D5:6D:94:8E:36:9C:84:78:08:5F:AF:CA:67:91:EB:2E:4B:0D
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       018CC6B81A99B1BE3D1CC2DB13CB67CFFD11
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/VnjVbZSONpyEeAhfr8pnkesuSw0.roa
Signing time:             Mon 01 Jan 2024 20:30:03 +0000
ROA not before:           Mon 01 Jan 2024 20:30:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209024
IP address blocks:        176.109.68.0/24 maxlen: 24
                          176.109.66.0/24 maxlen: 24
                          176.109.69.0/24 maxlen: 24
                          2a02:28:d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 02 May 2024 09:36:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:1a:99:b1:be:3d:1c:c2:db:13:cb:67:cf:fd:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  1 20:30:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5678d56d948e369c8478085fafca6791eb2e4b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:c7:56:5f:d3:76:64:6c:a3:71:ed:fd:35:25:
                    0b:2c:a0:ac:01:01:db:09:c2:48:aa:cd:19:62:7d:
                    1a:86:e7:8e:0c:ec:5b:9a:c9:ca:23:39:bd:f8:8a:
                    3d:e4:10:af:bf:26:57:c6:50:3a:09:7e:20:18:1e:
                    44:52:ff:e5:c0:82:35:a8:ea:74:40:6d:db:f7:f8:
                    4e:01:c9:4a:d2:9a:c2:7a:25:42:db:10:14:f4:ec:
                    c5:40:c2:51:ad:9f:3f:88:ce:c7:e0:37:b7:1f:06:
                    b7:26:cb:8a:20:2a:e2:e3:81:5c:46:1b:b9:40:d0:
                    d3:28:55:23:2d:89:59:bd:66:21:2d:52:1f:32:fe:
                    8e:f5:c2:cc:27:a2:b3:3d:68:1b:c5:92:21:0c:5b:
                    07:54:72:bb:3a:5e:fa:ca:18:64:4c:f9:62:ec:60:
                    59:31:b5:59:24:f9:a2:dc:58:fa:87:9e:7d:a5:4e:
                    e5:6d:af:e9:bb:aa:91:c6:1f:0c:8f:0b:a7:4e:dd:
                    7d:06:bf:d7:e2:d1:d9:43:ad:32:cd:42:53:83:4b:
                    87:de:60:5d:2e:cc:84:83:57:47:f1:9d:5f:d5:db:
                    93:2e:d7:56:30:db:3b:fd:0c:36:5c:13:3d:94:38:
                    d8:b9:47:8a:e6:b9:f7:2b:8b:75:80:2d:c5:0c:9f:
                    a4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:78:D5:6D:94:8E:36:9C:84:78:08:5F:AF:CA:67:91:EB:2E:4B:0D
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/VnjVbZSONpyEeAhfr8pnkesuSw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.109.66.0/24
                  176.109.68.0/23
                IPv6:
                  2a02:28:d::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:7e:e7:4d:d4:e3:a2:a9:c5:81:a0:d6:c7:90:0a:c1:e2:41:
         9a:eb:19:78:99:d6:c1:cf:eb:ed:bb:cb:e4:c2:7c:e5:4f:c3:
         f3:6e:57:7f:0b:81:7a:ef:3e:11:d9:1d:17:4b:5d:40:b2:60:
         f2:5e:d9:76:75:3f:a1:28:3a:98:7e:a8:96:b3:31:dc:ce:f4:
         4e:66:f4:fe:b5:2e:bd:90:92:98:85:f3:96:67:37:cc:4c:b1:
         dd:16:4e:78:d4:75:84:c0:1c:a1:ae:06:27:04:1f:5f:f5:1a:
         b5:fe:44:b5:d1:6f:fe:ac:7a:57:57:b5:90:f4:59:37:c1:a9:
         b7:ae:91:98:55:38:d9:fa:5f:ea:9a:8f:e3:f2:af:e2:ec:76:
         c1:20:1d:c0:94:f5:91:de:ad:b5:fb:a2:d5:c4:3e:1c:65:02:
         c5:eb:39:aa:ec:4c:fd:24:85:00:ec:23:7d:a0:27:e7:48:ea:
         1f:14:99:91:09:2f:60:5d:75:d4:e0:a9:ea:ef:81:1b:b2:1f:
         13:22:9b:3f:46:fe:1d:98:1b:fa:35:4d:1c:74:a0:d7:f1:2d:
         6b:a4:a4:c6:ee:87:7a:65:fc:cf:5e:44:2d:9c:15:18:d4:c6:
         ed:c2:f3:66:a0:65:9d:2a:fe:51:a1:78:cd:be:3f:82:89:6b:
         37:36:aa:e6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGuBqZsb49HMLbE8tnz/0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc4ZDU2ZDk0OGUzNjljODQ3ODA4NWZhZmNhNjc5MWViMmU0YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMdWX9N2ZGyjce39NSULLKCsAQHb
CcJIqs0ZYn0ahueODOxbmsnKIzm9+Io95BCvvyZXxlA6CX4gGB5EUv/lwII1qOp0
QG3b9/hOAclK0prCeiVC2xAU9OzFQMJRrZ8/iM7H4De3Hwa3JsuKICri44FcRhu5
QNDTKFUjLYlZvWYhLVIfMv6O9cLMJ6KzPWgbxZIhDFsHVHK7Ol76yhhkTPli7GBZ
MbVZJPmi3Fj6h559pU7lba/pu6qRxh8MjwunTt19Br/X4tHZQ60yzUJTg0uH3mBd
LsyEg1dH8Z1f1duTLtdWMNs7/Qw2XBM9lDjYuUeK5rn3K4t1gC3FDJ+kKwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFZ41W2UjjachHgIX6/KZ5HrLksNMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvVm5qVmJaU09OcHlFZUFoZnI4cG5rZXN1U3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsG1CAwQB
sG1EMA8EAgACMAkDBwAqAgAoAA0wDQYJKoZIhvcNAQELBQADggEBAEB+503U46Kp
xYGg1seQCsHiQZrrGXiZ1sHP6+27y+TCfOVPw/NuV38LgXrvPhHZHRdLXUCyYPJe
2XZ1P6EoOph+qJazMdzO9E5m9P61Lr2QkpiF85ZnN8xMsd0WTnjUdYTAHKGuBicE
H1/1GrX+RLXRb/6seldXtZD0WTfBqbeukZhVONn6X+qaj+Pyr+LsdsEgHcCU9ZHe
rbX7otXEPhxlAsXrOarsTP0khQDsI32gJ+dI6h8UmZEJL2BdddTgqervgRuyHxMi
mz9G/h2YG/o1TRx0oNfxLWukpMbuh3pl/M9eRC2cFRjUxu3C82agZZ0q/lGheM2+
P4KJazc2quY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org