Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G7CoI6uz2vwGgDZaJc2YCb2_TIs.roa
File:                     G7CoI6uz2vwGgDZaJc2YCb2_TIs.roa (raw, json)
Hash identifier:          ruxmstGZXAe+u2Qho60geKPioEq6KtOtJ3rYyrA9CJw=
Subject key identifier:   1B:B0:A8:23:AB:B3:DA:FC:06:80:36:5A:25:CD:98:09:BD:BF:4C:8B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C342DBC67B381E9A106F2C65BECC8830D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G7CoI6uz2vwGgDZaJc2YCb2_TIs.roa
Signing time:             Mon 04 Dec 2023 09:34:21 +0000
ROA not before:           Mon 04 Dec 2023 09:34:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48678
IP address blocks:        109.176.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:34:2d:bc:67:b3:81:e9:a1:06:f2:c6:5b:ec:c8:83:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec  4 09:34:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1bb0a823abb3dafc0680365a25cd9809bdbf4c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:88:18:9f:03:b7:df:5d:b5:f6:e1:75:03:97:
                    18:ee:3e:c0:a5:19:99:30:07:47:b8:d8:a6:db:f2:
                    7b:88:e1:f2:5c:37:97:76:3f:42:9f:dd:13:2b:be:
                    52:99:47:08:62:39:40:12:02:95:5a:64:cd:9c:10:
                    de:e0:f2:28:fe:6a:c5:18:4f:63:a0:86:0f:ae:d6:
                    64:15:5f:ba:cf:ba:51:f2:24:7d:fa:09:3a:83:48:
                    23:f7:94:4c:d6:07:20:34:69:5d:c8:fb:c1:66:f5:
                    f9:0a:9a:f8:b9:1a:58:68:bb:20:1b:83:05:ac:5a:
                    a5:af:c1:6b:71:7c:7e:40:6e:67:ca:41:98:30:cf:
                    b7:47:9f:c2:08:2c:89:42:51:ce:1a:5e:ee:6a:9e:
                    bc:89:1a:f5:de:16:07:a6:5c:b3:38:76:50:93:0f:
                    b7:2c:1d:35:40:e7:89:90:ca:e5:26:95:5b:76:b3:
                    d8:bb:6f:bb:37:40:ff:ca:4b:f2:ba:ff:bd:d9:8f:
                    2a:c6:22:72:e2:e0:3c:c7:2b:24:8f:31:aa:ff:b0:
                    dd:e5:ad:4d:2f:35:43:40:ee:a5:f6:2b:ae:5f:3f:
                    55:af:d8:01:15:83:96:48:e1:e7:70:29:36:ee:c3:
                    58:80:13:23:85:ee:55:54:b4:c1:18:07:19:b9:88:
                    71:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B0:A8:23:AB:B3:DA:FC:06:80:36:5A:25:CD:98:09:BD:BF:4C:8B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G7CoI6uz2vwGgDZaJc2YCb2_TIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:80:ba:95:5f:a9:32:71:65:96:2f:e2:5b:66:ce:1f:e2:70:
         7e:7c:bc:35:58:4d:fa:7a:67:bc:28:ef:79:48:e3:45:53:2a:
         c0:73:38:13:55:b9:ee:5a:49:49:d6:35:13:d6:a4:c8:9b:36:
         4d:69:22:95:4e:e2:cb:ca:e6:77:9a:fb:1a:eb:b8:7f:bc:3b:
         dc:68:c7:06:3c:f4:15:67:17:3f:01:b6:6f:be:4f:4b:89:00:
         4f:51:37:31:7a:6e:67:b0:8b:a6:ba:e9:5f:34:86:29:52:4e:
         72:63:19:85:19:f0:24:16:02:be:9f:bd:09:54:37:bc:c0:30:
         91:37:35:02:b2:61:7c:98:01:31:db:2f:7c:11:13:88:39:7a:
         dc:68:ab:26:5f:9b:c3:20:69:fe:30:fe:2c:10:3f:bc:d0:96:
         46:45:b4:a0:42:dc:67:ef:d9:b5:ec:df:3f:54:fb:52:68:3f:
         24:b8:e0:f8:46:f5:b9:98:17:fb:80:bc:5b:db:c4:cc:71:8d:
         b2:06:10:94:b2:0d:7e:80:91:6c:ef:9c:54:1e:c9:c4:34:11:
         d0:79:96:32:58:9b:76:4d:aa:66:1a:0a:04:4b:25:78:e6:f8:
         86:dc:94:ac:67:e2:98:fa:5c:c2:82:ae:4c:be:83:b0:ea:c6:
         51:dd:60:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw0Lbxns4HpoQbyxlvsyIMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MDkzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmIwYTgyM2FiYjNkYWZjMDY4MDM2NWEyNWNkOTgwOWJkYmY0YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4gYnwO331219uF1A5cY7j7ApRmZ
MAdHuNim2/J7iOHyXDeXdj9Cn90TK75SmUcIYjlAEgKVWmTNnBDe4PIo/mrFGE9j
oIYPrtZkFV+6z7pR8iR9+gk6g0gj95RM1gcgNGldyPvBZvX5Cpr4uRpYaLsgG4MF
rFqlr8FrcXx+QG5nykGYMM+3R5/CCCyJQlHOGl7uap68iRr13hYHplyzOHZQkw+3
LB01QOeJkMrlJpVbdrPYu2+7N0D/ykvyuv+92Y8qxiJy4uA8xyskjzGq/7Dd5a1N
LzVDQO6l9iuuXz9Vr9gBFYOWSOHncCk27sNYgBMjhe5VVLTBGAcZuYhx0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBuwqCOrs9r8BoA2WiXNmAm9v0yLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRzdDb0k2dXoydndHZ0RaYUpjMllDYjJfVElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD1MA0G
CSqGSIb3DQEBCwUAA4IBAQANgLqVX6kycWWWL+JbZs4f4nB+fLw1WE36eme8KO95
SONFUyrAczgTVbnuWklJ1jUT1qTImzZNaSKVTuLLyuZ3mvsa67h/vDvcaMcGPPQV
Zxc/AbZvvk9LiQBPUTcxem5nsIumuulfNIYpUk5yYxmFGfAkFgK+n70JVDe8wDCR
NzUCsmF8mAEx2y98EROIOXrcaKsmX5vDIGn+MP4sED+80JZGRbSgQtxn79m17N8/
VPtSaD8kuOD4RvW5mBf7gLxb28TMcY2yBhCUsg1+gJFs75xUHsnENBHQeZYyWJt2
TapmGgoESyV45viG3JSsZ+KY+lzCgq5MvoOw6sZR3WA2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org