Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/oGv_DYqVkUaWcmC7k44h9hv-iZE.roa
File:                     oGv_DYqVkUaWcmC7k44h9hv-iZE.roa (raw, json)
Hash identifier:          9p2eLHgjmFQFwbUQi+eNVShPu2H4At6mEmAJV99Z6H8=
Subject key identifier:   A0:6B:FF:0D:8A:95:91:46:96:72:60:BB:93:8E:21:F6:1B:FE:89:91
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018C8774597450F15992F249809933799E07
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/oGv_DYqVkUaWcmC7k44h9hv-iZE.roa
Signing time:             Wed 20 Dec 2023 13:39:58 +0000
ROA not before:           Wed 20 Dec 2023 13:39:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197577
IP address blocks:        109.248.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:87:74:59:74:50:f1:59:92:f2:49:80:99:33:79:9e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Dec 20 13:39:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a06bff0d8a959146967260bb938e21f61bfe8991
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e1:25:8d:bd:be:e4:e9:7a:d3:d8:13:fc:89:
                    a6:3e:2c:c8:d0:77:f8:c4:26:d2:d8:31:b8:be:ed:
                    b8:71:2c:d9:a7:9a:b7:db:03:5c:8e:42:82:27:c8:
                    46:d1:86:f6:35:5c:3d:50:e1:f4:ec:6d:30:a7:a0:
                    b2:bd:8f:93:64:fc:73:60:d0:60:c5:64:dd:8f:00:
                    56:ba:61:54:12:9d:03:69:b3:6c:79:73:51:70:55:
                    8f:e1:c6:5e:fa:a2:89:cc:67:e8:73:4b:82:95:7d:
                    62:92:90:a7:e7:72:22:7b:c2:3c:92:db:75:e7:16:
                    de:43:e1:da:cf:5e:63:ee:71:b8:7b:04:0d:2b:fc:
                    29:bc:c4:8f:44:8b:a9:6c:6f:cb:01:6c:a6:68:47:
                    70:c3:e5:34:40:2b:c5:e2:30:8c:d2:9e:c2:b2:53:
                    52:06:19:27:e1:e3:a4:5c:ef:d4:5c:07:be:87:05:
                    3a:82:be:e0:f3:ed:4e:1d:85:32:e4:ba:dc:5b:81:
                    18:a3:e6:a5:ec:2b:43:b7:d5:53:e1:26:9d:0f:26:
                    13:1a:b2:67:63:60:29:6b:1c:44:fe:fa:18:5a:4e:
                    11:fb:43:83:2e:b3:40:04:c7:e4:84:db:17:80:60:
                    f6:4e:1f:be:b8:ea:77:f4:f1:2f:f1:e3:7f:2d:89:
                    9c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:6B:FF:0D:8A:95:91:46:96:72:60:BB:93:8E:21:F6:1B:FE:89:91
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/oGv_DYqVkUaWcmC7k44h9hv-iZE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.248.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:3f:46:b4:af:d9:b5:eb:bd:13:88:57:ca:da:ad:d6:08:9b:
         97:cb:8e:29:d0:5d:f2:f8:6b:32:36:8a:2d:76:e0:ee:bf:10:
         83:52:d4:f9:d8:b0:ec:62:83:a6:75:63:4f:b9:f8:8b:f4:64:
         f9:0a:78:ae:81:10:c8:d5:c0:eb:41:c5:1d:1d:de:1d:5c:b2:
         69:a3:07:59:0a:7b:56:a6:32:f8:01:d6:52:14:63:a6:36:9c:
         a8:b1:1d:0a:a5:bc:37:51:a5:04:86:19:7a:71:8d:4a:b0:6b:
         df:b7:6c:ca:ca:6c:e7:0c:9c:9d:d3:05:2d:a6:87:27:5e:aa:
         84:ba:10:c7:5a:5c:56:a9:e8:48:87:d0:a2:45:1b:24:65:96:
         40:de:31:d8:fb:61:c2:50:90:61:64:cc:9b:64:33:b7:b5:a9:
         73:f6:ba:6a:08:fa:1b:03:ac:97:e4:0d:86:77:af:b9:b9:b0:
         3a:12:bb:79:4f:b2:c7:69:22:09:a2:fc:4f:4b:40:ae:ca:82:
         cc:f1:e9:ce:5c:d9:24:0c:71:66:a2:a5:00:47:af:b3:ca:c9:
         b7:53:bb:11:2f:eb:be:26:b8:f7:7c:49:15:b9:eb:5e:2c:fd:
         33:84:d5:2d:ef:ff:e1:31:4a:68:20:4d:11:94:24:b4:f0:f9:
         76:f7:0e:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyHdFl0UPFZkvJJgJkzeZ4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMxMjIwMTMzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDZiZmYwZDhhOTU5MTQ2OTY3MjYwYmI5MzhlMjFmNjFiZmU4OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieEljb2+5Ol609gT/ImmPizI0Hf4
xCbS2DG4vu24cSzZp5q32wNcjkKCJ8hG0Yb2NVw9UOH07G0wp6CyvY+TZPxzYNBg
xWTdjwBWumFUEp0DabNseXNRcFWP4cZe+qKJzGfoc0uClX1ikpCn53Iie8I8ktt1
5xbeQ+Haz15j7nG4ewQNK/wpvMSPRIupbG/LAWymaEdww+U0QCvF4jCM0p7CslNS
Bhkn4eOkXO/UXAe+hwU6gr7g8+1OHYUy5LrcW4EYo+al7CtDt9VT4SadDyYTGrJn
Y2ApaxxE/voYWk4R+0ODLrNABMfkhNsXgGD2Th++uOp39PEv8eN/LYmcewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBr/w2KlZFGlnJgu5OOIfYb/omRMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvb0d2X0RZcVZrVWFXY21DN2s0NGg5aHYtaVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbfgpMA0G
CSqGSIb3DQEBCwUAA4IBAQCNP0a0r9m1670TiFfK2q3WCJuXy44p0F3y+GsyNoot
duDuvxCDUtT52LDsYoOmdWNPufiL9GT5CniugRDI1cDrQcUdHd4dXLJpowdZCntW
pjL4AdZSFGOmNpyosR0Kpbw3UaUEhhl6cY1KsGvft2zKymznDJyd0wUtpocnXqqE
uhDHWlxWqehIh9CiRRskZZZA3jHY+2HCUJBhZMybZDO3talz9rpqCPobA6yX5A2G
d6+5ubA6Ert5T7LHaSIJovxPS0CuyoLM8enOXNkkDHFmoqUAR6+zysm3U7sRL+u+
Jrj3fEkVueteLP0zhNUt7//hMUpoIE0RlCS08Pl29w4y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org