Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/OM9hLpK3HHaTMIlzx4VA1Mt8QSo.roa
File:                     OM9hLpK3HHaTMIlzx4VA1Mt8QSo.roa (raw, json)
Hash identifier:          JXS6npkYqCqYdjPIjTygMQREBxIUfZXxjmIxeTZDAlU=
Subject key identifier:   38:CF:61:2E:92:B7:1C:76:93:30:89:73:C7:85:40:D4:CB:7C:41:2A
Certificate issuer:       /CN=7367c490447f5045c02367db8d21b4e08749fa76
Certificate serial:       01896D3F5E33061AA7F1D8EB3B7540848EF6
Authority key identifier: 73:67:C4:90:44:7F:50:45:C0:23:67:DB:8D:21:B4:E0:87:49:FA:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/OM9hLpK3HHaTMIlzx4VA1Mt8QSo.roa
Signing time:             Wed 19 Jul 2023 08:23:36 +0000
ROA not before:           Wed 19 Jul 2023 08:23:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24837
IP address blocks:        176.108.176.0/22 maxlen: 24
                          176.108.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 19 Jul 2023 08:47:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6d:3f:5e:33:06:1a:a7:f1:d8:eb:3b:75:40:84:8e:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7367c490447f5045c02367db8d21b4e08749fa76
        Validity
            Not Before: Jul 19 08:23:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38cf612e92b71c7693308973c78540d4cb7c412a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:07:4f:71:73:22:a4:8f:54:d0:5a:a9:03:e9:
                    2e:d9:18:f2:a0:37:1f:2e:9b:a6:2a:a4:c6:3f:bb:
                    59:5d:1c:02:d7:25:35:01:8f:7c:4c:c3:41:cb:2e:
                    ad:de:c3:6c:8d:00:e2:01:a7:21:e8:7c:f4:68:4d:
                    c1:c9:c1:06:5f:d7:20:ce:23:5c:21:11:6f:1f:26:
                    06:82:c4:51:b9:d3:f9:62:43:eb:1b:75:77:6d:55:
                    93:2c:f3:d4:65:4c:db:be:11:7e:ee:a1:a8:12:93:
                    f1:f8:04:ef:d3:52:58:c0:42:14:63:3c:82:dd:56:
                    52:8d:a3:03:46:e5:ae:06:c5:69:83:33:fc:3e:ba:
                    00:a1:09:7e:0b:fc:39:c9:40:f7:6c:b0:61:27:8e:
                    f2:d2:90:37:49:58:14:74:9b:9a:2d:40:04:55:a8:
                    28:e1:31:22:20:96:f5:f5:6f:f4:9d:11:80:30:63:
                    88:d0:6a:a9:4f:f1:c4:ee:ff:1b:9f:e9:85:94:24:
                    08:bb:ee:0b:19:13:fd:73:9e:26:dd:58:a7:3a:a0:
                    cf:b2:1c:01:d0:ba:2e:5a:d5:e6:86:dc:78:c8:e1:
                    c8:85:fb:ab:7f:44:29:9f:e3:bb:4b:45:e5:b7:45:
                    d2:57:32:d4:0b:89:4d:97:12:f7:6f:50:3b:1b:d7:
                    ab:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:CF:61:2E:92:B7:1C:76:93:30:89:73:C7:85:40:D4:CB:7C:41:2A
            X509v3 Authority Key Identifier:
                keyid:73:67:C4:90:44:7F:50:45:C0:23:67:DB:8D:21:B4:E0:87:49:FA:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/OM9hLpK3HHaTMIlzx4VA1Mt8QSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/c2fEkER_UEXAI2fbjSG04IdJ-nY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.108.176.0/22
                  176.108.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:46:f4:e2:d7:df:8b:f5:a1:3b:48:d6:a9:37:7c:ec:f9:3c:
         e1:89:9f:ec:b0:24:1d:c7:58:c1:ec:ef:15:4f:d7:9e:47:fc:
         3a:4f:07:38:9d:ca:11:d8:e9:f0:19:28:f6:43:6b:81:db:92:
         aa:9b:d1:03:3f:ec:9a:74:14:15:f4:9f:45:ce:c4:e4:c2:e3:
         6a:ab:8f:af:79:26:eb:46:87:b2:83:09:d6:fb:2f:57:bd:21:
         ad:6c:d0:69:43:84:81:ff:52:26:a8:9f:ff:6b:69:68:eb:04:
         9b:e7:9f:ed:1a:6d:bf:fa:64:01:06:69:a5:68:10:92:e2:5c:
         b2:2f:85:e6:9a:e5:7a:7f:55:e8:10:6b:2e:7c:22:2a:95:00:
         ce:15:06:69:bd:3f:3f:69:f0:dc:58:ce:1a:7f:60:f8:aa:02:
         57:5b:c8:76:f4:ac:10:52:b9:b2:1e:12:f1:37:10:57:82:52:
         9a:07:2e:e4:16:b3:3b:63:47:f6:25:50:54:11:f8:40:0e:cf:
         6f:68:14:1b:e5:18:39:a6:9a:f7:ce:76:fa:45:44:95:a5:c8:
         35:96:97:8e:e2:a9:62:ba:36:7a:dc:52:ee:4b:75:6c:88:72:
         7b:da:91:f2:a8:2f:2a:94:6a:8e:f7:7c:54:30:c1:c1:0c:3c:
         c2:95:c7:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYltP14zBhqn8djrO3VAhI72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjdjNDkwNDQ3ZjUwNDVjMDIzNjdkYjhkMjFiNGUwODc0
OWZhNzYwHhcNMjMwNzE5MDgyMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNmNjEyZTkyYjcxYzc2OTMzMDg5NzNjNzg1NDBkNGNiN2M0MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAdPcXMipI9U0FqpA+ku2RjyoDcf
LpumKqTGP7tZXRwC1yU1AY98TMNByy6t3sNsjQDiAach6Hz0aE3BycEGX9cgziNc
IRFvHyYGgsRRudP5YkPrG3V3bVWTLPPUZUzbvhF+7qGoEpPx+ATv01JYwEIUYzyC
3VZSjaMDRuWuBsVpgzP8ProAoQl+C/w5yUD3bLBhJ47y0pA3SVgUdJuaLUAEVago
4TEiIJb19W/0nRGAMGOI0GqpT/HE7v8bn+mFlCQIu+4LGRP9c54m3VinOqDPshwB
0LouWtXmhtx4yOHIhfurf0Qpn+O7S0Xlt0XSVzLUC4lNlxL3b1A7G9erTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDjPYS6Stxx2kzCJc8eFQNTLfEEqMB8GA1UdIwQY
MBaAFHNnxJBEf1BFwCNn240htOCHSfp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJmRWtFUl9VRVhBSTJmYmpTRzA0SWRKLW5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82MjU4NGEtNDdjZS00YWE4LTg5OTIt
NWJhNzU2ZTc4ODY5LzEvT005aExwSzNISGFUTUlseng0VkExTXQ4UVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82MjU4NGEtNDdjZS00YWE4LTg5OTItNWJhNzU2ZTc4ODY5
LzEvYzJmRWtFUl9VRVhBSTJmYmpTRzA0SWRKLW5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsGywAwQA
sGy3MA0GCSqGSIb3DQEBCwUAA4IBAQAZRvTi19+L9aE7SNapN3zs+TzhiZ/ssCQd
x1jB7O8VT9eeR/w6Twc4ncoR2OnwGSj2Q2uB25Kqm9EDP+yadBQV9J9FzsTkwuNq
q4+veSbrRoeygwnW+y9XvSGtbNBpQ4SB/1ImqJ//a2lo6wSb55/tGm2/+mQBBmml
aBCS4lyyL4XmmuV6f1XoEGsufCIqlQDOFQZpvT8/afDcWM4af2D4qgJXW8h29KwQ
UrmyHhLxNxBXglKaBy7kFrM7Y0f2JVBUEfhADs9vaBQb5Rg5ppr3znb6RUSVpcg1
lpeO4qliujZ63FLuS3VsiHJ72pHyqC8qlGqO93xUMMHBDDzClcdG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:25 2024 by rpki-client on console-fra.rpki-client.org