Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa
File:                     7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa (raw, json)
Hash identifier:          ZsM2Td8jkuxFpBJgi/U9Y6barl3JsL83OLlSaMmyEmc=
Subject key identifier:   ED:49:72:07:14:36:2F:06:78:0C:5C:AE:93:2A:9C:7F:AB:27:BC:36
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189CF54F4AC10B82AA885CE03E87270639F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa
Signing time:             Mon 07 Aug 2023 09:29:58 +0000
ROA not before:           Mon 07 Aug 2023 09:29:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        109.176.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:54:f4:ac:10:b8:2a:a8:85:ce:03:e8:72:70:63:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 09:29:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed49720714362f06780c5cae932a9c7fab27bc36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:fa:4e:0f:10:fe:5d:81:87:29:1f:c3:cb:99:
                    c7:bc:dc:ba:7c:24:b2:b3:3c:54:e7:10:3b:8d:da:
                    78:db:81:a5:2b:ee:db:67:d6:69:cb:70:07:72:67:
                    7a:5d:8c:b2:71:fc:23:e5:cd:cf:10:b5:ed:1c:03:
                    93:60:df:d3:63:dd:45:e3:aa:71:a1:6b:58:f0:ec:
                    f5:9d:c7:38:62:83:38:fb:4c:6a:d6:48:00:e6:e5:
                    ef:94:46:df:6d:8b:01:51:1e:cc:85:77:cb:c0:57:
                    3a:1b:61:7b:65:4a:14:06:b2:90:6f:fd:35:1a:a7:
                    9a:bb:0d:3d:90:85:2d:6d:ce:a1:59:a0:b2:05:b4:
                    e1:75:97:25:9c:4c:e7:7b:d9:d2:8c:e8:31:32:a8:
                    69:36:6d:18:f5:02:1e:e4:57:da:8b:2f:6f:2c:5b:
                    c7:f7:8b:c5:e2:00:c8:3a:48:24:48:8c:42:de:ee:
                    3e:3a:fa:5e:fb:96:63:8a:7f:cd:35:d4:6a:c6:de:
                    25:5a:c0:bc:17:d9:e8:f3:31:ed:0a:14:4c:ba:23:
                    f2:48:10:13:e8:41:a6:de:98:b3:d9:08:14:1e:fb:
                    cd:7f:a3:9b:e3:e9:7c:1e:65:7c:dc:28:a0:a4:d7:
                    c6:b8:39:cd:8e:e1:e3:71:85:c8:6b:d5:2b:30:91:
                    ff:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:49:72:07:14:36:2F:06:78:0C:5C:AE:93:2A:9C:7F:AB:27:BC:36
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:f5:83:c6:6a:82:35:d4:cd:e6:62:2a:a4:f5:a1:1f:33:bd:
         80:d6:33:c1:80:1b:25:06:30:14:68:45:12:4b:eb:a3:e5:95:
         c8:18:23:e9:77:2d:ec:60:e9:aa:49:20:b1:e5:2d:b4:a0:74:
         92:19:99:66:33:8e:de:63:8b:46:e5:45:68:9f:81:8d:03:6a:
         5c:7d:51:56:8f:39:62:0c:2d:fa:2e:dc:16:cc:a6:5d:24:47:
         ee:7f:ad:cc:71:51:b6:a0:0b:e0:76:1d:4d:91:e5:b0:17:87:
         91:46:af:13:9d:d6:37:b5:d7:3a:28:ad:b6:e0:4e:73:70:12:
         72:18:b9:b5:d6:3f:4b:b2:da:f6:2b:ba:60:ef:2a:ee:cc:28:
         a5:3a:0c:11:dc:bc:19:c6:3f:8b:10:f8:22:99:1b:b0:c5:3b:
         64:ea:d7:1d:09:9d:b6:a0:d2:4d:3f:6f:35:d0:61:a8:9f:7f:
         0e:5d:ef:5f:80:d6:a5:13:0a:df:0d:5a:d2:28:0a:97:45:e9:
         f2:15:c9:91:45:76:8d:4f:54:81:fe:bf:ed:ec:4d:f9:df:3f:
         e5:2b:d3:0a:d5:12:0c:33:30:95:13:c9:46:b5:66:64:77:ed:
         5f:ff:a4:fe:17:3c:af:83:07:ad:4c:27:42:c3:4d:0e:42:26:
         11:78:4e:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnPVPSsELgqqIXOA+hycGOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDkyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ5NzIwNzE0MzYyZjA2NzgwYzVjYWU5MzJhOWM3ZmFiMjdiYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/pODxD+XYGHKR/Dy5nHvNy6fCSy
szxU5xA7jdp424GlK+7bZ9Zpy3AHcmd6XYyycfwj5c3PELXtHAOTYN/TY91F46px
oWtY8Oz1ncc4YoM4+0xq1kgA5uXvlEbfbYsBUR7MhXfLwFc6G2F7ZUoUBrKQb/01
Gqeauw09kIUtbc6hWaCyBbThdZclnEzne9nSjOgxMqhpNm0Y9QIe5Ffaiy9vLFvH
94vF4gDIOkgkSIxC3u4+Ovpe+5Zjin/NNdRqxt4lWsC8F9no8zHtChRMuiPySBAT
6EGm3piz2QgUHvvNf6Ob4+l8HmV83CigpNfGuDnNjuHjcYXIa9UrMJH/DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1JcgcUNi8GeAxcrpMqnH+rJ7w2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1VseUJ4UTJMd1o0REZ5dWt5cWNmNnNudkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD0MA0G
CSqGSIb3DQEBCwUAA4IBAQAW9YPGaoI11M3mYiqk9aEfM72A1jPBgBslBjAUaEUS
S+uj5ZXIGCPpdy3sYOmqSSCx5S20oHSSGZlmM47eY4tG5UVon4GNA2pcfVFWjzli
DC36LtwWzKZdJEfuf63McVG2oAvgdh1NkeWwF4eRRq8TndY3tdc6KK224E5zcBJy
GLm11j9Lstr2K7pg7yruzCilOgwR3LwZxj+LEPgimRuwxTtk6tcdCZ22oNJNP281
0GGon38OXe9fgNalEwrfDVrSKAqXRenyFcmRRXaNT1SB/r/t7E353z/lK9MK1RIM
MzCVE8lGtWZkd+1f/6T+FzyvgwetTCdCw00OQiYReE7X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org