Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/40V-DVmC9evtotUZGmJJ1uKWkxY.roa
File:                     40V-DVmC9evtotUZGmJJ1uKWkxY.roa (raw, json)
Hash identifier:          O65JkoMzYkjzPgYzo1HMtXeB9jCuOcN4VVxgojD83Ts=
Subject key identifier:   E3:45:7E:0D:59:82:F5:EB:ED:A2:D5:19:1A:62:49:D6:E2:96:93:16
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018572BA4F3C368513E3E4A053BEBEC1E71D
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/40V-DVmC9evtotUZGmJJ1uKWkxY.roa
Signing time:             Mon 02 Jan 2023 13:44:50 +0000
ROA not before:           Mon 02 Jan 2023 13:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49478
IP address blocks:        109.248.252.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:4f:3c:36:85:13:e3:e4:a0:53:be:be:c1:e7:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  2 13:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e3457e0d5982f5ebeda2d5191a6249d6e2969316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:aa:0e:95:f8:a6:23:29:ac:6a:91:af:3d:61:
                    76:d5:c6:db:13:d4:db:ab:03:a1:38:3f:70:80:fb:
                    33:3b:5b:bc:56:8b:1d:18:41:b0:80:7d:b3:06:bf:
                    14:9b:9d:0a:4e:56:1b:3f:49:ab:be:1b:41:cc:77:
                    1f:1a:07:ac:08:e5:5e:21:3d:df:dd:ca:bb:90:bb:
                    3a:1a:3f:47:f5:0e:79:50:eb:11:0c:08:30:04:ca:
                    41:da:35:55:5d:a6:d9:17:bf:8c:d9:50:0c:e5:73:
                    82:66:fa:be:c2:b1:27:95:8a:34:46:4c:7a:5d:f5:
                    49:a3:ca:d4:74:0f:59:3f:5e:6a:67:e1:74:73:4f:
                    97:ff:a9:ff:b3:f7:7f:d7:16:c0:fa:93:b8:8e:4d:
                    95:74:24:29:0b:18:ea:ce:b5:32:b3:39:3f:9d:0f:
                    23:dd:e1:f8:f4:33:88:81:0b:f1:6b:64:bd:92:ba:
                    90:0b:19:5f:4e:15:9c:e9:07:f9:26:33:fe:cb:19:
                    25:c6:e2:02:9f:4f:2c:3e:96:82:ff:12:f3:bb:06:
                    74:2c:d9:0a:04:60:7b:3e:89:9e:45:75:3b:f7:cc:
                    ed:66:4f:0f:aa:ee:4f:a1:b0:9c:17:26:ef:6a:db:
                    1b:9e:c2:fa:d2:3a:8d:f8:f0:47:25:7c:19:e3:76:
                    97:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:45:7E:0D:59:82:F5:EB:ED:A2:D5:19:1A:62:49:D6:E2:96:93:16
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/40V-DVmC9evtotUZGmJJ1uKWkxY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.248.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:4b:cd:a8:8d:6d:a7:bf:29:18:9d:40:0e:9a:af:7e:33:2f:
         ac:89:02:4a:90:ee:2e:82:15:ac:7e:42:b9:8b:a2:7c:03:b6:
         0a:65:27:87:d6:7a:98:bc:71:8d:75:71:4c:a4:4d:4a:6a:85:
         99:17:76:b3:6b:ac:0c:7f:70:ce:12:e6:5b:bf:8c:35:e7:f8:
         0c:78:f6:8c:0f:01:d5:43:44:b7:db:00:f4:49:d1:3f:3e:ce:
         9d:71:3d:ef:53:8f:7c:e7:6a:e8:1d:08:47:72:8f:0e:bf:0b:
         f0:2f:00:e3:21:95:c9:d1:ac:8e:4f:d7:3f:43:38:2c:8f:b4:
         03:dd:07:06:a8:21:70:df:49:46:99:49:25:c9:e7:d3:05:10:
         5b:03:52:22:68:c5:26:12:39:52:33:8f:c9:98:68:95:3b:f8:
         49:cb:15:87:5b:90:fd:19:5e:aa:66:47:0c:cf:4a:bc:23:5a:
         8b:ce:33:e6:b6:5e:54:f5:a2:b1:f9:40:34:25:c4:50:d7:d6:
         50:48:0c:15:41:75:72:1e:ef:9d:ae:b5:14:37:40:7e:df:bd:
         aa:31:ac:9a:0c:f4:01:b3:73:5f:d1:9e:ae:b2:94:80:e6:1e:
         32:6b:3b:6d:18:35:cd:41:1f:3a:86:f3:79:9d:48:34:bb:1c:
         48:16:6e:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyuk88NoUT4+SgU76+wecdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMTAyMTM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ1N2UwZDU5ODJmNWViZWRhMmQ1MTkxYTYyNDlkNmUyOTY5MzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKoOlfimIymsapGvPWF21cbbE9Tb
qwOhOD9wgPszO1u8VosdGEGwgH2zBr8Um50KTlYbP0mrvhtBzHcfGgesCOVeIT3f
3cq7kLs6Gj9H9Q55UOsRDAgwBMpB2jVVXabZF7+M2VAM5XOCZvq+wrEnlYo0Rkx6
XfVJo8rUdA9ZP15qZ+F0c0+X/6n/s/d/1xbA+pO4jk2VdCQpCxjqzrUyszk/nQ8j
3eH49DOIgQvxa2S9krqQCxlfThWc6Qf5JjP+yxklxuICn08sPpaC/xLzuwZ0LNkK
BGB7PomeRXU798ztZk8Pqu5PobCcFybvatsbnsL60jqN+PBHJXwZ43aXbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONFfg1ZgvXr7aLVGRpiSdbilpMWMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNDBWLURWbUM5ZXZ0b3RVWkdtSkoxdUtXa3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbfj8MA0G
CSqGSIb3DQEBCwUAA4IBAQAlS82ojW2nvykYnUAOmq9+My+siQJKkO4ughWsfkK5
i6J8A7YKZSeH1nqYvHGNdXFMpE1KaoWZF3aza6wMf3DOEuZbv4w15/gMePaMDwHV
Q0S32wD0SdE/Ps6dcT3vU49852roHQhHco8OvwvwLwDjIZXJ0ayOT9c/Qzgsj7QD
3QcGqCFw30lGmUklyefTBRBbA1IiaMUmEjlSM4/JmGiVO/hJyxWHW5D9GV6qZkcM
z0q8I1qLzjPmtl5U9aKx+UA0JcRQ19ZQSAwVQXVyHu+drrUUN0B+372qMayaDPQB
s3Nf0Z6uspSA5h4yazttGDXNQR86hvN5nUg0uxxIFm6s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org