Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0makA2LRfdCDhaLYMA1KMu1hG3w.roa
File:                     0makA2LRfdCDhaLYMA1KMu1hG3w.roa (raw, json)
Hash identifier:          ukqpGwR9pVXqNFT3QNlPqrFa4dPeATs4sglNXBRAyOc=
Subject key identifier:   D2:66:A4:03:62:D1:7D:D0:83:85:A2:D8:30:0D:4A:32:ED:61:1B:7C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B1004113F8BF3A6023D7F67E9AB863984
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0makA2LRfdCDhaLYMA1KMu1hG3w.roa
Signing time:             Sun 08 Oct 2023 15:59:43 +0000
ROA not before:           Sun 08 Oct 2023 15:59:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216200
IP address blocks:        109.176.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:10:04:11:3f:8b:f3:a6:02:3d:7f:67:e9:ab:86:39:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  8 15:59:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d266a40362d17dd08385a2d8300d4a32ed611b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6e:10:21:d5:49:3e:e3:d6:48:35:90:83:e8:
                    cb:c8:eb:3d:3e:f3:91:27:4e:1a:ed:de:26:c9:bd:
                    36:a9:65:ef:ef:21:b9:49:75:07:ed:79:8c:a0:5b:
                    0c:fc:b0:80:c8:8f:73:39:98:07:a8:a0:60:60:90:
                    95:c7:07:c3:08:ae:95:fd:ee:6c:ba:4e:69:06:84:
                    68:ee:db:be:5a:23:ec:a0:46:d3:66:4a:1f:97:6b:
                    76:d7:03:e7:ce:ef:b1:17:43:e3:74:55:bf:b4:ab:
                    2d:1e:05:00:41:69:d6:6c:a1:d8:14:1f:91:0a:51:
                    b2:06:25:f5:c2:7e:1b:e0:65:79:7b:f5:42:ee:ad:
                    06:93:d6:4a:a6:a0:53:12:5d:79:76:6c:a3:bb:7f:
                    c5:09:54:7d:0a:d7:b5:24:fc:07:9c:7b:41:d4:1a:
                    ab:64:94:38:e7:6a:e6:b5:d2:fc:63:fd:3e:94:92:
                    3d:db:6d:1f:25:65:6b:45:6a:67:4e:69:ac:af:ba:
                    5b:be:06:25:9f:01:8f:5e:b7:18:50:19:13:a2:02:
                    08:58:2b:3c:ea:5b:a9:e7:e6:48:e5:93:0b:f3:7d:
                    95:8e:39:90:2d:f5:31:90:8f:47:09:9d:c4:5e:a5:
                    84:24:06:93:ee:52:5b:32:ee:e0:73:46:ed:6f:ab:
                    00:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:66:A4:03:62:D1:7D:D0:83:85:A2:D8:30:0D:4A:32:ED:61:1B:7C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0makA2LRfdCDhaLYMA1KMu1hG3w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:ce:4d:96:74:4e:4e:92:a1:fb:d0:dc:65:ee:4d:fb:3e:c4:
         0c:67:a2:b9:ac:af:4d:6a:5b:c4:2f:06:84:1e:ea:a7:50:dd:
         46:83:17:d3:ab:62:4d:07:e1:3a:4a:d4:75:e8:7d:87:54:d7:
         31:47:8f:a4:01:a6:d3:b2:b5:98:82:31:dd:ed:5c:af:07:21:
         5c:ea:38:77:84:f4:8b:c6:50:37:e3:c1:f6:74:bf:25:ef:2a:
         eb:df:ae:76:cf:7e:58:02:01:b4:9f:6c:3e:28:05:a7:91:c4:
         2b:56:c6:71:c3:a5:24:aa:40:89:d8:6b:25:9f:81:71:42:49:
         5d:f3:26:c9:22:4c:be:38:c6:9c:c4:3c:bf:b4:58:51:24:81:
         8f:53:a0:e8:79:16:94:47:36:25:72:ee:ff:c5:f3:64:62:a2:
         e0:44:8a:fd:7a:4e:0a:3c:b4:83:83:46:fb:92:b2:5f:ec:3b:
         dd:6b:60:9f:8f:e0:f6:69:53:46:b1:da:89:39:0b:a0:b7:43:
         6b:96:eb:19:6a:20:7f:32:60:d4:81:58:b0:2c:f3:7f:a1:72:
         82:63:3d:04:6a:0c:f9:1e:a4:4c:ed:69:b9:ab:43:59:d0:e7:
         ca:20:3d:91:cf:bc:5e:27:1d:80:16:dc:be:9a:a7:12:11:e6:
         2d:a7:78:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsQBBE/i/OmAj1/Z+mrhjmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA4MTU1OTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY2YTQwMzYyZDE3ZGQwODM4NWEyZDgzMDBkNGEzMmVkNjExYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm4QIdVJPuPWSDWQg+jLyOs9PvOR
J04a7d4myb02qWXv7yG5SXUH7XmMoFsM/LCAyI9zOZgHqKBgYJCVxwfDCK6V/e5s
uk5pBoRo7tu+WiPsoEbTZkofl2t21wPnzu+xF0PjdFW/tKstHgUAQWnWbKHYFB+R
ClGyBiX1wn4b4GV5e/VC7q0Gk9ZKpqBTEl15dmyju3/FCVR9Cte1JPwHnHtB1Bqr
ZJQ452rmtdL8Y/0+lJI9220fJWVrRWpnTmmsr7pbvgYlnwGPXrcYUBkTogIIWCs8
6lup5+ZI5ZML832VjjmQLfUxkI9HCZ3EXqWEJAaT7lJbMu7gc0btb6sAowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJmpANi0X3Qg4Wi2DANSjLtYRt8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMG1ha0EyTFJmZENEaGFMWU1BMUtNdTFoRzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDwMA0G
CSqGSIb3DQEBCwUAA4IBAQAgzk2WdE5OkqH70Nxl7k37PsQMZ6K5rK9NalvELwaE
HuqnUN1GgxfTq2JNB+E6StR16H2HVNcxR4+kAabTsrWYgjHd7VyvByFc6jh3hPSL
xlA348H2dL8l7yrr3652z35YAgG0n2w+KAWnkcQrVsZxw6UkqkCJ2Gsln4FxQkld
8ybJIky+OMacxDy/tFhRJIGPU6DoeRaURzYlcu7/xfNkYqLgRIr9ek4KPLSDg0b7
krJf7Dvda2Cfj+D2aVNGsdqJOQugt0NrlusZaiB/MmDUgViwLPN/oXKCYz0Eagz5
HqRM7Wm5q0NZ0OfKID2Rz7xeJx2AFty+mqcSEeYtp3jJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org