Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DJUg3Einy9P9qXmpdOjidVP9zM4.roa
File:                     DJUg3Einy9P9qXmpdOjidVP9zM4.roa (raw, json)
Hash identifier:          dIB4sp0F9vSxjrRg8nxfUCLrXIIkqk0DhKLU2BR9cwM=
Subject key identifier:   0C:95:20:DC:48:A7:CB:D3:FD:A9:79:A9:74:E8:E2:75:53:FD:CC:CE
Certificate issuer:       /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial:       018CC80199A64D73ECAEF3793FC504A4D990
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DJUg3Einy9P9qXmpdOjidVP9zM4.roa
Signing time:             Tue 02 Jan 2024 02:29:57 +0000
ROA not before:           Tue 02 Jan 2024 02:29:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43641
IP address blocks:        37.16.75.0/24 maxlen: 24
                          91.202.4.0/23 maxlen: 24
                          31.42.176.0/23 maxlen: 24
                          2a11:6101::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 12:33:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:99:a6:4d:73:ec:ae:f3:79:3f:c5:04:a4:d9:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
        Validity
            Not Before: Jan  2 02:29:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0c9520dc48a7cbd3fda979a974e8e27553fdccce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:58:8a:24:3d:ae:75:43:c7:52:5e:05:b2:c6:
                    55:52:20:ac:13:15:a4:ac:da:42:68:1c:ce:7c:97:
                    ba:0e:13:17:f7:33:9b:37:22:4d:e9:75:55:a4:99:
                    6a:c2:78:48:88:7f:db:0f:49:2c:18:d5:24:bd:d6:
                    6d:39:16:3d:23:f9:88:44:c2:6a:1b:91:c9:4c:15:
                    51:08:dc:ff:49:2a:a7:36:07:5f:39:ba:d1:44:50:
                    3d:06:5c:a4:6f:78:49:40:7b:c0:b4:8f:b7:27:6c:
                    ff:cb:ad:52:26:c3:fd:24:58:a5:ee:d5:22:d4:d7:
                    c0:09:fd:41:6b:a0:c8:70:21:48:87:7e:ef:8d:7e:
                    b9:5f:fe:3c:d5:b2:da:d5:9d:b9:2c:67:24:a0:a6:
                    9d:21:fb:db:f9:70:17:3c:89:e9:ad:2d:73:1f:60:
                    49:9e:31:69:7e:18:82:da:53:38:29:b4:98:ae:23:
                    2c:af:2b:e8:75:1e:a4:1c:3d:39:d2:65:bc:1c:6e:
                    f4:f9:0c:db:00:95:67:ec:89:e1:a9:c7:c9:a0:e6:
                    6b:bb:55:83:ca:30:90:32:af:ec:b2:e0:31:10:39:
                    ae:fa:dc:19:85:45:ea:2a:5e:4d:1e:04:89:4c:c1:
                    f9:e2:c9:65:66:3e:eb:2c:45:6b:9c:6c:ec:f7:ca:
                    91:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:95:20:DC:48:A7:CB:D3:FD:A9:79:A9:74:E8:E2:75:53:FD:CC:CE
            X509v3 Authority Key Identifier:
                keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DJUg3Einy9P9qXmpdOjidVP9zM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.176.0/23
                  37.16.75.0/24
                  91.202.4.0/23
                IPv6:
                  2a11:6101::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:f0:5e:97:b1:cb:db:26:ae:fd:90:cf:9d:08:6f:b8:53:89:
         0b:05:8c:21:2d:73:49:d9:c9:09:ee:5a:0b:8e:d1:ad:20:c8:
         8c:60:ec:ea:d2:e5:18:7e:7d:0c:9a:88:2b:41:9a:06:63:77:
         c5:5b:ae:4d:68:9b:d1:47:f8:fd:70:1d:f3:1e:d5:27:61:ef:
         8b:67:47:ef:a8:41:ca:33:3e:71:31:40:43:b0:db:85:a7:2c:
         0c:43:58:e2:53:36:73:2f:73:7a:5a:72:8e:6d:97:ee:39:ea:
         6e:49:f8:64:da:85:9e:78:d1:78:18:3f:ed:1f:e1:e5:a4:a8:
         b5:2b:a4:12:d9:36:45:bf:71:41:06:f4:a1:1b:6e:76:2a:3f:
         c2:ce:de:aa:49:91:66:03:b3:96:c8:b6:6c:4f:02:24:81:e8:
         5e:07:79:20:87:e0:97:9d:06:b9:d6:3d:2e:10:0f:de:6d:a2:
         be:a6:08:7d:05:37:98:54:ec:f0:ed:5c:a6:9a:62:36:14:15:
         e8:4b:05:55:06:7b:7d:60:fd:aa:05:69:53:85:4b:f6:78:1e:
         98:1f:37:d3:3d:75:6c:01:f1:77:97:90:b0:10:22:b8:e4:36:
         ac:55:53:39:67:89:41:1d:a1:1c:23:4f:d0:7f:95:9e:73:b6:
         30:b6:03:5b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAZmmTXPsrvN5P8UEpNmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk1MjBkYzQ4YTdjYmQzZmRhOTc5YTk3NGU4ZTI3NTUzZmRjY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnViKJD2udUPHUl4FssZVUiCsExWk
rNpCaBzOfJe6DhMX9zObNyJN6XVVpJlqwnhIiH/bD0ksGNUkvdZtORY9I/mIRMJq
G5HJTBVRCNz/SSqnNgdfObrRRFA9Blykb3hJQHvAtI+3J2z/y61SJsP9JFil7tUi
1NfACf1Ba6DIcCFIh37vjX65X/481bLa1Z25LGckoKadIfvb+XAXPInprS1zH2BJ
njFpfhiC2lM4KbSYriMsryvodR6kHD050mW8HG70+QzbAJVn7InhqcfJoOZru1WD
yjCQMq/ssuAxEDmu+twZhUXqKl5NHgSJTMH54sllZj7rLEVrnGzs98qR5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAyVINxIp8vT/al5qXTo4nVT/czOMB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvREpVZzNFaW55OVA5cVhtcGRPamlkVlA5ek00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBHyqwAwQA
JRBLAwQBW8oEMA0EAgACMAcDBQAqEWEBMA0GCSqGSIb3DQEBCwUAA4IBAQCq8F6X
scvbJq79kM+dCG+4U4kLBYwhLXNJ2ckJ7loLjtGtIMiMYOzq0uUYfn0MmogrQZoG
Y3fFW65NaJvRR/j9cB3zHtUnYe+LZ0fvqEHKMz5xMUBDsNuFpywMQ1jiUzZzL3N6
WnKObZfuOepuSfhk2oWeeNF4GD/tH+HlpKi1K6QS2TZFv3FBBvShG252Kj/Czt6q
SZFmA7OWyLZsTwIkgeheB3kgh+CXnQa51j0uEA/ebaK+pgh9BTeYVOzw7VymmmI2
FBXoSwVVBnt9YP2qBWlThUv2eB6YHzfTPXVsAfF3l5CwECK45DasVVM5Z4lBHaEc
I0/Qf5Wec7YwtgNb
-----END CERTIFICATE-----
Generated at Thu Aug 15 17:31:36 2024 by rpki-client on console-ams.rpki-client.org