Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/91E8S_FfpkECg0qfxiU4PAdgDMs.roa
File:                     91E8S_FfpkECg0qfxiU4PAdgDMs.roa (raw, json)
Hash identifier:          GR+rheNJSHiB0AqIZ9WsA5eqnqkfetdL+JUb417Wnds=
Subject key identifier:   F7:51:3C:4B:F1:5F:A6:41:02:83:4A:9F:C6:25:38:3C:07:60:0C:CB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0187232455D1208B3B90E35CAA5EB6D9A260
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/91E8S_FfpkECg0qfxiU4PAdgDMs.roa
Signing time:             Mon 27 Mar 2023 12:56:36 +0000
ROA not before:           Mon 27 Mar 2023 12:56:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        109.176.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:23:24:55:d1:20:8b:3b:90:e3:5c:aa:5e:b6:d9:a2:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 27 12:56:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7513c4bf15fa64102834a9fc625383c07600ccb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a2:14:f3:65:5f:cc:5e:9b:e3:ed:05:98:d4:
                    5a:13:7c:98:e0:db:17:04:da:66:89:28:93:ab:dd:
                    77:9e:c3:a2:e7:d5:00:40:de:3f:ee:b6:72:d9:a8:
                    fa:85:1a:e8:1b:ba:e1:b4:c1:22:70:42:c4:6b:92:
                    81:97:8a:67:5d:25:d2:b5:1b:a7:92:92:cb:d4:c9:
                    49:14:d7:8d:c5:52:4a:9d:34:e0:49:70:cf:72:28:
                    cf:19:ed:56:14:3e:93:d7:b9:96:9d:d5:01:e7:2f:
                    9f:ab:c0:3e:22:0e:cc:0a:a0:50:ef:fc:f0:1c:b4:
                    27:4c:0a:8a:0e:8e:ae:75:40:e4:d3:9b:2b:13:a9:
                    cc:0e:72:29:ee:1e:97:06:97:02:08:cf:7a:4b:21:
                    6d:88:5b:e4:1a:3f:b9:0f:75:b7:0a:84:d2:9e:e2:
                    58:fd:95:c1:2a:f7:2f:04:da:64:35:04:a1:80:c2:
                    39:95:11:1f:ca:20:12:99:4a:0e:43:c9:c5:bc:12:
                    8d:98:10:f9:4e:fb:fa:be:2c:17:20:9d:4a:5b:c5:
                    62:4b:58:60:30:be:6f:0b:78:0c:d6:f1:02:ea:b6:
                    08:01:27:26:09:db:1d:d8:f2:fd:9f:29:1e:f7:d1:
                    0b:12:b3:3e:2b:26:5e:8e:ba:bf:fc:42:8c:0e:e3:
                    fa:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:51:3C:4B:F1:5F:A6:41:02:83:4A:9F:C6:25:38:3C:07:60:0C:CB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/91E8S_FfpkECg0qfxiU4PAdgDMs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:5d:5d:d3:d9:b2:eb:d1:37:34:6d:22:6d:54:3e:db:ac:fc:
         7c:99:2a:b8:ef:21:bb:ce:b1:15:0e:17:cf:f8:03:85:e0:8b:
         2c:6c:cf:3f:03:f6:29:c1:02:cd:23:39:59:94:a8:b9:94:89:
         86:ad:9d:9f:83:47:43:d2:15:3e:ac:f0:64:78:e7:55:ac:4c:
         d4:9b:0c:51:14:7f:ab:0a:9d:27:ae:01:22:62:9b:da:67:89:
         80:8d:55:ad:38:52:8b:99:a7:06:fb:77:5f:fc:21:c9:50:4c:
         9f:63:0a:55:95:dd:4b:88:ca:f5:09:6c:9b:93:b9:00:d7:ff:
         d9:0b:d4:78:0d:9d:cb:3f:46:5f:53:55:00:f3:03:36:91:9e:
         bd:f1:3d:d1:3c:b6:1c:e0:fb:6e:77:82:d6:6c:1e:18:4d:52:
         6a:41:61:64:9c:62:28:a3:d3:94:02:7b:ef:8c:48:4d:7e:13:
         c5:21:f9:1f:82:7f:1e:00:17:82:6e:8b:d7:a4:f8:23:e8:0d:
         97:4b:27:65:29:f8:eb:1e:d9:5a:9e:a0:35:ce:9c:fc:8d:ea:
         82:17:33:9b:0f:f5:c7:c9:51:04:d7:7c:27:a2:32:a0:59:19:
         21:38:62:ec:6b:cd:31:b7:d4:19:f3:4a:b0:32:91:2f:34:ed:
         fa:ca:8f:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcjJFXRIIs7kONcql622aJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzI3MTI1NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzUxM2M0YmYxNWZhNjQxMDI4MzRhOWZjNjI1MzgzYzA3NjAwY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqIU82VfzF6b4+0FmNRaE3yY4NsX
BNpmiSiTq913nsOi59UAQN4/7rZy2aj6hRroG7rhtMEicELEa5KBl4pnXSXStRun
kpLL1MlJFNeNxVJKnTTgSXDPcijPGe1WFD6T17mWndUB5y+fq8A+Ig7MCqBQ7/zw
HLQnTAqKDo6udUDk05srE6nMDnIp7h6XBpcCCM96SyFtiFvkGj+5D3W3CoTSnuJY
/ZXBKvcvBNpkNQShgMI5lREfyiASmUoOQ8nFvBKNmBD5Tvv6viwXIJ1KW8ViS1hg
ML5vC3gM1vEC6rYIAScmCdsd2PL9nyke99ELErM+KyZejrq//EKMDuP64wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPdRPEvxX6ZBAoNKn8YlODwHYAzLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOTFFOFNfRmZwa0VDZzBxZnhpVTRQQWRnRE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD/MA0G
CSqGSIb3DQEBCwUAA4IBAQAmXV3T2bLr0Tc0bSJtVD7brPx8mSq47yG7zrEVDhfP
+AOF4IssbM8/A/YpwQLNIzlZlKi5lImGrZ2fg0dD0hU+rPBkeOdVrEzUmwxRFH+r
Cp0nrgEiYpvaZ4mAjVWtOFKLmacG+3df/CHJUEyfYwpVld1LiMr1CWybk7kA1//Z
C9R4DZ3LP0ZfU1UA8wM2kZ698T3RPLYc4Ptud4LWbB4YTVJqQWFknGIoo9OUAnvv
jEhNfhPFIfkfgn8eABeCbovXpPgj6A2XSydlKfjrHtlanqA1zpz8jeqCFzObD/XH
yVEE13wnojKgWRkhOGLsa80xt9QZ80qwMpEvNO36yo/r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org