Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa
File:                     Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa (raw, json)
Hash identifier:          2JRLfYyQII5ziQW/4Vy1y1/Y/v7jGCNR/FEcGT1FfWw=
Subject key identifier:   03:0B:BD:70:79:14:35:1F:D6:F6:38:FA:39:63:37:31:1B:1F:96:E4
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D54B2590517B4B3A6A17A8347AC06B943
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa
Signing time:             Mon 29 Jan 2024 10:09:50 +0000
ROA not before:           Mon 29 Jan 2024 10:09:50 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215668
IP address blocks:        109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 May 2024 21:06:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:54:b2:59:05:17:b4:b3:a6:a1:7a:83:47:ac:06:b9:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 29 10:09:50 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=030bbd707914351fd6f638fa396337311b1f96e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c8:e8:2c:34:6e:65:91:61:de:68:d3:ec:44:
                    ff:c3:b4:00:27:69:74:fd:c9:dc:e4:8b:b3:ad:d4:
                    23:d5:d8:6c:b1:bd:93:8d:62:17:21:6e:bd:c4:94:
                    88:e1:c1:9a:40:e7:7d:24:52:9f:81:ee:1c:ef:c6:
                    ee:de:b5:9d:b2:ce:49:8a:e0:bf:75:86:f1:fe:fe:
                    54:4d:fa:2a:cb:2d:35:f7:db:74:57:4d:f7:c2:07:
                    ea:96:07:6e:d1:ba:67:01:4f:6a:94:08:52:4a:a8:
                    5c:02:92:b7:d0:5d:4d:79:db:8e:bf:be:3e:e3:35:
                    cd:5f:b3:e1:e9:da:0f:4d:9a:a4:ce:9d:8b:24:27:
                    0c:48:49:e9:2a:fb:47:b6:7d:48:92:47:9f:c4:8d:
                    bd:13:2e:9f:2f:78:ef:62:e5:19:0b:f9:92:17:d1:
                    84:e4:d9:02:13:13:18:e3:06:69:dc:d2:45:79:93:
                    06:1c:af:40:29:ad:da:b4:27:3d:f9:b5:bf:07:80:
                    20:f3:47:66:0b:4b:32:74:05:d3:9e:5d:c3:a8:62:
                    0b:d4:7c:79:2c:d1:92:4c:10:14:8e:ee:d6:13:c1:
                    22:62:c1:85:86:4a:c1:79:c0:f5:bd:64:68:f3:f6:
                    1e:f3:e9:25:ad:1f:06:97:56:60:a0:0c:c6:4b:2b:
                    57:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:0B:BD:70:79:14:35:1F:D6:F6:38:FA:39:63:37:31:1B:1F:96:E4
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:59:bf:fa:65:1d:ef:ab:2f:61:9b:17:99:4f:18:57:ac:be:
         d3:31:a8:a7:d4:c4:2b:8d:de:20:b8:82:2d:86:74:99:95:92:
         f0:b3:60:6b:1a:a2:15:9a:7d:26:6c:f0:75:53:9e:58:f6:0c:
         4c:6e:65:e8:7a:b9:93:dc:71:58:fa:df:bf:66:5a:d9:6e:cf:
         ba:b8:4d:f4:fe:fc:e0:fc:d3:b2:a7:af:99:96:27:91:b6:83:
         f8:15:76:e1:79:ca:47:a5:c5:ea:9f:39:79:ff:fc:64:a9:c5:
         68:05:c9:a9:96:42:2c:73:4e:4d:50:ab:37:50:9d:a6:de:c9:
         78:25:93:b9:b6:ba:57:b5:96:ac:49:6e:ac:d1:fa:72:95:67:
         18:9e:bd:8b:c5:c2:60:7f:81:82:d8:0e:1e:c6:f3:54:34:0d:
         bd:bd:68:2e:73:64:c3:86:2f:b1:31:cd:cd:ad:00:b8:52:40:
         ed:9a:e2:a6:a9:eb:c1:92:62:31:3b:89:be:a1:55:8b:59:2e:
         e2:0f:aa:84:7f:b7:60:6d:e5:0b:aa:4d:1c:4e:1f:73:5b:6b:
         c0:ab:86:5f:34:a4:2e:83:13:8c:d7:4b:f8:80:26:ae:98:bc:
         8d:fc:3c:05:cf:cd:c1:aa:06:ef:6b:33:ef:2c:8b:99:eb:7b:
         88:03:4f:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1UslkFF7SzpqF6g0esBrlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTI5MTAwOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzBiYmQ3MDc5MTQzNTFmZDZmNjM4ZmEzOTYzMzczMTFiMWY5NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncjoLDRuZZFh3mjT7ET/w7QAJ2l0
/cnc5IuzrdQj1dhssb2TjWIXIW69xJSI4cGaQOd9JFKfge4c78bu3rWdss5JiuC/
dYbx/v5UTfoqyy0199t0V033wgfqlgdu0bpnAU9qlAhSSqhcApK30F1NeduOv74+
4zXNX7Ph6doPTZqkzp2LJCcMSEnpKvtHtn1IkkefxI29Ey6fL3jvYuUZC/mSF9GE
5NkCExMY4wZp3NJFeZMGHK9AKa3atCc9+bW/B4Ag80dmC0sydAXTnl3DqGIL1Hx5
LNGSTBAUju7WE8EiYsGFhkrBecD1vWRo8/Ye8+klrR8Gl1ZgoAzGSytXJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMLvXB5FDUf1vY4+jljNzEbH5bkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXd1OWNIa1VOUl9XOWpqNk9XTTNNUnNmbHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQCMWb/6ZR3vqy9hmxeZTxhXrL7TMain1MQrjd4guIIt
hnSZlZLws2BrGqIVmn0mbPB1U55Y9gxMbmXoermT3HFY+t+/ZlrZbs+6uE30/vzg
/NOyp6+ZlieRtoP4FXbhecpHpcXqnzl5//xkqcVoBcmplkIsc05NUKs3UJ2m3sl4
JZO5trpXtZasSW6s0fpylWcYnr2LxcJgf4GC2A4exvNUNA29vWguc2TDhi+xMc3N
rQC4UkDtmuKmqevBkmIxO4m+oVWLWS7iD6qEf7dgbeULqk0cTh9zW2vAq4ZfNKQu
gxOM10v4gCaumLyN/DwFz83BqgbvazPvLIuZ63uIA0/n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org