Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FSYqySDcwKhv5D4xzQkBQnHBLT8.roa
File:                     FSYqySDcwKhv5D4xzQkBQnHBLT8.roa (raw, json)
Hash identifier:          TRpUVktQwCo5QWbFXtX4+YJhaqEa3eJfjCE079hUaIE=
Subject key identifier:   15:26:2A:C9:20:DC:C0:A8:6F:E4:3E:31:CD:09:01:42:71:C1:2D:3F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F2A01AB19CC778293464A872E2131DFCD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FSYqySDcwKhv5D4xzQkBQnHBLT8.roa
Signing time:             Mon 29 Apr 2024 13:18:23 +0000
ROA not before:           Mon 29 Apr 2024 13:18:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61272
IP address blocks:        109.176.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 07:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:2a:01:ab:19:cc:77:82:93:46:4a:87:2e:21:31:df:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr 29 13:18:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=15262ac920dcc0a86fe43e31cd09014271c12d3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d9:2e:97:95:f3:d3:77:0c:35:fe:e9:1b:57:
                    22:8a:ea:b9:8d:93:9d:e5:1d:0d:00:1f:b5:3d:8b:
                    7d:bc:db:4f:42:b2:d7:a9:9e:5e:a5:64:7c:db:a8:
                    f8:34:f1:63:cf:b8:20:22:9b:ba:6c:d9:be:d4:8b:
                    f1:42:4a:f1:81:29:47:dc:ee:07:d4:ce:28:fc:74:
                    8e:ad:43:04:70:85:c0:bd:a5:68:4e:00:53:fc:02:
                    d7:08:fe:ef:07:eb:7c:17:b1:41:da:b0:0f:cd:ef:
                    2c:68:9c:23:d8:74:b0:3a:fa:35:68:3e:3e:93:b0:
                    64:80:72:8c:67:bf:63:62:87:1b:f3:9f:7d:ad:c7:
                    c9:a9:17:aa:3d:76:9d:d8:62:c3:d6:b5:f3:57:34:
                    02:b4:af:6f:e7:ae:91:cd:0c:9b:5b:0c:c5:39:aa:
                    36:83:8a:26:a3:20:f2:0a:be:b2:8a:16:81:cf:4e:
                    90:eb:88:d7:11:87:ce:01:1c:e6:bd:9a:98:93:b8:
                    84:2c:25:29:f6:7f:92:e0:68:12:b5:0d:58:10:2f:
                    09:e6:a4:52:47:c4:ce:28:8e:a5:c2:3b:1e:cd:5e:
                    01:15:52:6f:c8:e4:52:09:37:4d:50:e5:5a:b1:04:
                    a2:cf:02:57:76:2d:4d:3b:f9:15:20:62:37:fb:0d:
                    fc:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:26:2A:C9:20:DC:C0:A8:6F:E4:3E:31:CD:09:01:42:71:C1:2D:3F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FSYqySDcwKhv5D4xzQkBQnHBLT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:95:75:a8:fe:9a:a6:c2:9f:7f:33:44:6e:63:d1:38:75:81:
         f4:95:86:8f:f1:ff:ec:d4:cb:c2:03:13:c0:45:a0:fe:a8:b4:
         f1:ea:78:9a:6a:14:75:08:43:30:20:b8:25:fe:af:35:c3:b7:
         a3:e9:c6:9b:b2:9a:f2:aa:7c:9b:01:cf:84:2c:68:cc:24:3c:
         e5:97:e9:4e:85:4f:47:95:18:c5:9a:cf:17:3e:d2:25:b6:99:
         a5:8e:84:eb:b2:9f:8e:2f:e9:32:88:21:1f:e3:94:94:94:ad:
         c6:ca:8f:99:3f:8d:73:9b:51:d3:37:4d:0b:68:22:b9:87:a0:
         04:ad:59:81:6b:1f:e2:09:2a:43:dc:9c:76:44:dc:9d:a0:ac:
         92:39:75:94:25:41:9c:04:df:17:18:c0:5e:c3:43:74:f9:76:
         ad:48:79:19:dd:68:0f:af:3a:7a:80:93:02:8b:c2:f9:28:7d:
         9f:61:75:2d:c0:55:0f:54:dd:41:fc:6d:ac:be:f3:82:46:b5:
         2f:cc:b2:0c:00:9e:19:4d:fe:f4:3d:24:82:61:8a:d7:c2:e2:
         06:9d:0a:02:01:ed:28:43:28:a5:02:46:eb:e4:69:70:bd:1a:
         bf:10:69:45:f6:f7:c6:45:43:61:01:71:0a:ba:36:7c:71:a4:
         96:89:e8:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8qAasZzHeCk0ZKhy4hMd/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI5MTMxODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI2MmFjOTIwZGNjMGE4NmZlNDNlMzFjZDA5MDE0MjcxYzEyZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdkul5Xz03cMNf7pG1ciiuq5jZOd
5R0NAB+1PYt9vNtPQrLXqZ5epWR826j4NPFjz7ggIpu6bNm+1IvxQkrxgSlH3O4H
1M4o/HSOrUMEcIXAvaVoTgBT/ALXCP7vB+t8F7FB2rAPze8saJwj2HSwOvo1aD4+
k7BkgHKMZ79jYocb8599rcfJqReqPXad2GLD1rXzVzQCtK9v566RzQybWwzFOao2
g4omoyDyCr6yihaBz06Q64jXEYfOARzmvZqYk7iELCUp9n+S4GgStQ1YEC8J5qRS
R8TOKI6lwjsezV4BFVJvyORSCTdNUOVasQSizwJXdi1NO/kVIGI3+w38aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUmKskg3MCob+Q+Mc0JAUJxwS0/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRlNZcXlTRGN3S2h2NUQ0eHpRa0JRbkhCTFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbASMA0G
CSqGSIb3DQEBCwUAA4IBAQCtlXWo/pqmwp9/M0RuY9E4dYH0lYaP8f/s1MvCAxPA
RaD+qLTx6niaahR1CEMwILgl/q81w7ej6cabspryqnybAc+ELGjMJDzll+lOhU9H
lRjFms8XPtIltpmljoTrsp+OL+kyiCEf45SUlK3Gyo+ZP41zm1HTN00LaCK5h6AE
rVmBax/iCSpD3Jx2RNydoKySOXWUJUGcBN8XGMBew0N0+XatSHkZ3WgPrzp6gJMC
i8L5KH2fYXUtwFUPVN1B/G2svvOCRrUvzLIMAJ4ZTf70PSSCYYrXwuIGnQoCAe0o
QyilAkbr5GlwvRq/EGlF9vfGRUNhAXEKujZ8caSWiejU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org