Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/676RQdC2zS58Q6cOsifFwg5hCx0.roa
File:                     676RQdC2zS58Q6cOsifFwg5hCx0.roa (raw, json)
Hash identifier:          nw9KT+F/EL57hcYhU6oB+1diNPHzZg2pgQxPKGM+5m0=
Subject key identifier:   EB:BE:91:41:D0:B6:CD:2E:7C:43:A7:0E:B2:27:C5:C2:0E:61:0B:1D
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F28AEEA1B9AA15C77A47E8AFEEA6A319A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/676RQdC2zS58Q6cOsifFwg5hCx0.roa
Signing time:             Mon 29 Apr 2024 07:08:22 +0000
ROA not before:           Mon 29 Apr 2024 07:08:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210164
IP address blocks:        109.176.16.0/24 maxlen: 24
                          109.176.24.0/24 maxlen: 24
                          213.218.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 07:35:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:28:ae:ea:1b:9a:a1:5c:77:a4:7e:8a:fe:ea:6a:31:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 29 07:08:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ebbe9141d0b6cd2e7c43a70eb227c5c20e610b1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a5:74:c2:e7:8e:84:bb:be:a6:74:a3:75:e0:
                    22:66:88:18:c1:12:47:dd:2f:2e:11:77:07:cd:32:
                    ff:42:77:78:7f:2c:53:97:4e:1f:47:57:ba:26:48:
                    77:09:ba:04:55:31:ac:f5:19:8f:88:ea:8f:e1:79:
                    c5:9d:ae:58:74:1c:67:04:3a:a9:2c:9b:89:fa:b2:
                    ea:88:84:0e:06:b5:2b:63:63:31:4a:f9:4f:0e:e6:
                    94:db:1a:5d:bd:4a:26:9d:f9:d0:8b:97:3c:31:13:
                    8a:24:19:f9:a6:89:b2:3d:15:92:2a:ba:bd:4a:da:
                    b2:9f:d3:1c:b0:8d:de:23:d2:65:38:27:21:26:30:
                    bb:d7:00:22:b9:bf:0e:69:8f:2f:3c:46:82:97:90:
                    c6:0e:cf:d5:f0:18:9f:1d:af:94:20:a4:2d:f9:27:
                    b1:7a:fe:df:c6:4e:0a:7c:ae:b5:b8:4c:13:e5:78:
                    27:c7:d6:ea:58:db:15:d4:b6:2d:6f:4b:2b:3f:f1:
                    63:df:33:87:88:4a:6a:ac:97:c3:6c:15:27:e2:c2:
                    6c:60:57:be:a4:5a:9e:8c:b3:4d:5a:13:f2:96:a9:
                    1d:86:61:ea:ca:de:2c:38:11:21:86:f9:e7:51:be:
                    32:88:f7:f2:b5:c7:15:a9:ac:89:de:dc:16:b5:59:
                    4d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:BE:91:41:D0:B6:CD:2E:7C:43:A7:0E:B2:27:C5:C2:0E:61:0B:1D
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/676RQdC2zS58Q6cOsifFwg5hCx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.16.0/24
                  109.176.24.0/24
                  213.218.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:f4:df:37:f7:a9:be:ef:87:b6:79:18:e5:5b:42:45:43:7a:
         56:99:da:b0:57:24:e8:21:b6:10:9f:d9:e6:30:56:54:c2:5f:
         ac:08:50:9a:2b:d3:3d:f7:fe:3a:3d:4a:95:d4:40:2e:58:10:
         e8:f9:e6:65:c5:40:27:33:2a:b4:f0:45:22:44:29:3c:a7:1a:
         b7:2f:22:a9:6d:d3:f7:b4:52:a9:e5:46:ac:e7:93:2d:20:5e:
         38:2c:20:3a:42:5b:07:eb:53:9a:25:fa:5c:f7:e3:42:61:42:
         88:e8:9e:c6:07:6e:45:97:1a:de:aa:a6:48:22:b6:98:7f:e4:
         e8:d6:01:2a:3c:66:40:3e:85:36:d2:12:b8:80:14:90:75:03:
         bc:b8:3f:f8:6c:4f:0e:9b:00:c1:91:4f:7d:5e:42:10:0d:2c:
         e1:7c:f4:f6:f0:8b:91:5a:f2:eb:f3:0d:e9:21:ae:58:fd:e7:
         1f:33:e2:bc:b6:17:db:1b:8d:d0:c5:9e:d2:5c:73:1d:90:0f:
         f0:09:8e:78:98:88:7d:39:27:5e:9d:14:65:fc:78:2a:29:da:
         07:c9:01:3f:64:9a:06:ce:90:74:ac:98:94:c3:94:76:8a:dc:
         a2:8c:f8:5c:ea:2b:e9:f7:05:76:f5:95:d8:6e:86:90:cf:84:
         9c:75:88:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8oruobmqFcd6R+iv7qajGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI5MDcwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJlOTE0MWQwYjZjZDJlN2M0M2E3MGViMjI3YzVjMjBlNjEwYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6V0wueOhLu+pnSjdeAiZogYwRJH
3S8uEXcHzTL/Qnd4fyxTl04fR1e6Jkh3CboEVTGs9RmPiOqP4XnFna5YdBxnBDqp
LJuJ+rLqiIQOBrUrY2MxSvlPDuaU2xpdvUomnfnQi5c8MROKJBn5pomyPRWSKrq9
Stqyn9McsI3eI9JlOCchJjC71wAiub8OaY8vPEaCl5DGDs/V8BifHa+UIKQt+Sex
ev7fxk4KfK61uEwT5Xgnx9bqWNsV1LYtb0srP/Fj3zOHiEpqrJfDbBUn4sJsYFe+
pFqejLNNWhPylqkdhmHqyt4sOBEhhvnnUb4yiPfytccVqayJ3twWtVlNOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOu+kUHQts0ufEOnDrInxcIOYQsdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjc2UlFkQzJ6UzU4UTZjT3NpZkZ3ZzVoQ3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbAQAwQA
bbAYAwQA1drsMA0GCSqGSIb3DQEBCwUAA4IBAQBI9N8396m+74e2eRjlW0JFQ3pW
mdqwVyToIbYQn9nmMFZUwl+sCFCaK9M99/46PUqV1EAuWBDo+eZlxUAnMyq08EUi
RCk8pxq3LyKpbdP3tFKp5Uas55MtIF44LCA6QlsH61OaJfpc9+NCYUKI6J7GB25F
lxreqqZIIraYf+To1gEqPGZAPoU20hK4gBSQdQO8uD/4bE8OmwDBkU99XkIQDSzh
fPT28IuRWvLr8w3pIa5Y/ecfM+K8thfbG43QxZ7SXHMdkA/wCY54mIh9OSdenRRl
/HgqKdoHyQE/ZJoGzpB0rJiUw5R2ityijPhc6ivp9wV29ZXYboaQz4ScdYhT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org