Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6ovCoZiwxor7XVNAwbHftyTtRcU.roa
File:                     6ovCoZiwxor7XVNAwbHftyTtRcU.roa (raw, json)
Hash identifier:          C39UHtFnowJePneWxrRbKVVsybMh8KbrrByJTVdAX3c=
Subject key identifier:   EA:8B:C2:A1:98:B0:C6:8A:FB:5D:53:40:C1:B1:DF:B7:24:ED:45:C5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018FA45768096CAB5934303697BFF26A0651
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6ovCoZiwxor7XVNAwbHftyTtRcU.roa
Signing time:             Thu 23 May 2024 07:25:42 +0000
ROA not before:           Thu 23 May 2024 07:25:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211318
IP address blocks:        109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 08:48:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a4:57:68:09:6c:ab:59:34:30:36:97:bf:f2:6a:06:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 23 07:25:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea8bc2a198b0c68afb5d5340c1b1dfb724ed45c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:2c:e2:be:77:97:c9:7b:68:c9:61:db:df:b2:
                    46:dd:e6:4a:4e:89:f3:5f:ae:78:d1:fe:6d:e0:9e:
                    a5:64:cf:82:7e:7b:b4:d3:b9:5f:fc:cd:19:83:b7:
                    e2:ec:30:1c:bc:45:6b:1b:2c:47:ff:9a:04:b3:ee:
                    e2:9c:e2:ed:41:44:93:ed:65:1c:6b:1d:4b:ab:06:
                    d2:ff:42:c5:df:af:15:fe:28:85:c4:bb:3d:63:1f:
                    55:5f:df:c6:fb:d4:aa:50:7f:66:4a:88:0e:ad:2f:
                    c5:45:10:f6:a6:ad:23:e6:b1:de:ef:dc:4b:b9:8d:
                    92:89:47:83:82:bc:2a:ed:b6:b8:20:77:da:95:9c:
                    c0:a6:89:9c:33:8a:c7:cd:0c:cd:6f:33:95:e1:2b:
                    0f:37:f0:35:b8:8d:fb:bf:60:d7:b2:d2:4f:24:06:
                    96:87:af:aa:18:6d:cf:e7:0b:b6:98:0d:3e:ab:b3:
                    08:7c:f6:1c:28:84:62:08:3d:76:3c:46:a7:f1:5e:
                    3c:27:59:74:11:30:55:51:1e:a5:86:f5:5c:15:24:
                    cc:29:90:4a:88:a0:69:b8:5d:54:e4:1e:e2:2e:89:
                    64:8c:2a:8d:ed:35:2b:84:93:67:6b:f6:26:56:13:
                    4e:a1:ba:e6:d4:c9:09:2e:af:81:28:e5:68:d5:32:
                    64:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:8B:C2:A1:98:B0:C6:8A:FB:5D:53:40:C1:B1:DF:B7:24:ED:45:C5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6ovCoZiwxor7XVNAwbHftyTtRcU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:4d:32:e9:72:a2:c1:8b:12:6d:c3:89:20:fe:41:23:b1:b3:
         2a:57:e9:e1:15:76:4f:9d:17:ad:24:86:a1:6a:69:15:71:19:
         14:d3:ae:b9:7c:75:27:0e:35:de:e8:f3:22:8a:c4:54:60:19:
         25:49:f5:44:ac:ba:cd:1a:38:ed:09:26:5c:2c:39:55:b8:e9:
         81:19:9f:67:34:22:3c:63:dd:5e:df:ad:6e:4b:20:61:8a:2c:
         13:e7:0b:fa:fd:ce:08:ba:18:08:a1:a6:c2:f9:df:f5:4e:85:
         06:f1:57:94:f6:ec:d7:87:94:f9:aa:a8:e4:10:f0:2a:4b:fc:
         74:ca:7c:57:90:47:ec:06:28:a7:58:a8:24:23:b0:36:2b:0c:
         3d:9d:61:49:7b:cd:cb:88:31:4e:8b:52:6d:f3:9d:e7:b5:2f:
         a1:a9:a6:a5:d1:1d:2b:64:b8:15:50:d5:41:8a:ad:c7:4d:b0:
         7a:1a:9f:ab:0a:3f:a5:fe:c5:44:28:5c:92:37:02:f2:27:06:
         57:e4:ee:89:82:3f:a1:7f:eb:cb:31:af:b3:18:5c:b5:1c:68:
         0c:81:62:85:15:f6:f7:88:c8:e7:65:d7:2d:ab:b7:33:52:c6:
         2d:56:24:fa:6e:0b:7f:48:94:22:c5:63:38:2c:4b:cc:08:7b:
         b2:d4:9c:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+kV2gJbKtZNDA2l7/yagZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIzMDcyNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYThiYzJhMTk4YjBjNjhhZmI1ZDUzNDBjMWIxZGZiNzI0ZWQ0NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CzivneXyXtoyWHb37JG3eZKTonz
X6540f5t4J6lZM+Cfnu007lf/M0Zg7fi7DAcvEVrGyxH/5oEs+7inOLtQUST7WUc
ax1LqwbS/0LF368V/iiFxLs9Yx9VX9/G+9SqUH9mSogOrS/FRRD2pq0j5rHe79xL
uY2SiUeDgrwq7ba4IHfalZzApomcM4rHzQzNbzOV4SsPN/A1uI37v2DXstJPJAaW
h6+qGG3P5wu2mA0+q7MIfPYcKIRiCD12PEan8V48J1l0ETBVUR6lhvVcFSTMKZBK
iKBpuF1U5B7iLolkjCqN7TUrhJNna/YmVhNOobrm1MkJLq+BKOVo1TJkKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqLwqGYsMaK+11TQMGx37ck7UXFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNm92Q29aaXd4b3I3WFZOQXdiSGZ0eVR0UmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQARTTLpcqLBixJtw4kg/kEjsbMqV+nhFXZPnRetJIah
amkVcRkU0665fHUnDjXe6PMiisRUYBklSfVErLrNGjjtCSZcLDlVuOmBGZ9nNCI8
Y91e361uSyBhiiwT5wv6/c4IuhgIoabC+d/1ToUG8VeU9uzXh5T5qqjkEPAqS/x0
ynxXkEfsBiinWKgkI7A2Kww9nWFJe83LiDFOi1Jt853ntS+hqaal0R0rZLgVUNVB
iq3HTbB6Gp+rCj+l/sVEKFySNwLyJwZX5O6Jgj+hf+vLMa+zGFy1HGgMgWKFFfb3
iMjnZdctq7czUsYtViT6bgt/SJQixWM4LEvMCHuy1JwX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org