Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa
File:                     HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa (raw, json)
Hash identifier:          kBoBTe7q7XhoFZMEvHP7UI7ONUiWcvtx7UEOV+QVJoU=
Subject key identifier:   1D:C9:A0:24:39:9D:78:87:EF:94:37:85:19:5F:C9:93:CA:B0:55:2A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F816E5D4BE639A73778D0ECA0361660D9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa
Signing time:             Thu 16 May 2024 12:44:04 +0000
ROA not before:           Thu 16 May 2024 12:44:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48753
IP address blocks:        109.176.21.0/24 maxlen: 24
                          109.176.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 May 2024 08:16:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:81:6e:5d:4b:e6:39:a7:37:78:d0:ec:a0:36:16:60:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 16 12:44:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1dc9a024399d7887ef943785195fc993cab0552a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:89:12:b5:4d:cb:ee:66:9a:bc:85:d1:33:8f:
                    2c:40:3c:7d:b3:a6:92:62:c8:2d:94:2c:ae:79:5a:
                    f8:0c:49:ec:74:64:67:5c:b5:ba:e2:31:23:24:d7:
                    77:36:c8:e6:cf:fe:51:84:96:32:7d:bd:2e:4b:dd:
                    33:0d:69:1f:11:a7:42:35:ce:df:0c:c4:0c:9d:d9:
                    70:cb:ba:4d:19:31:5d:90:e5:f1:d3:7a:6a:e5:81:
                    26:c8:2b:85:91:29:69:7c:69:0a:06:f1:68:62:e2:
                    95:a5:d0:50:e1:19:e4:d9:3e:af:e5:bf:37:4a:f8:
                    05:c2:0f:b0:61:c5:d9:fb:71:ed:03:d8:38:75:2e:
                    e6:2e:9f:c2:7a:e6:1f:17:dc:c9:a3:af:5f:1a:1a:
                    72:6b:22:80:83:09:47:ae:1c:de:6c:3c:ef:8b:16:
                    24:15:1f:e9:10:f8:9c:3e:cd:de:47:0e:08:82:63:
                    39:6f:67:f3:1f:6c:e7:58:ee:56:57:3c:00:df:86:
                    c0:4a:e2:6b:60:ff:d6:a7:ab:e0:a5:54:5c:f5:94:
                    e2:e1:1b:df:f6:4b:6f:c3:0b:62:09:a0:47:46:04:
                    3f:7f:7c:70:9d:cc:c5:c7:7a:06:76:95:85:ed:1d:
                    ed:ac:d0:3e:41:e0:b2:c9:b9:95:ba:70:d7:03:87:
                    e2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C9:A0:24:39:9D:78:87:EF:94:37:85:19:5F:C9:93:CA:B0:55:2A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.21.0/24
                  109.176.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:07:f6:d3:91:c1:32:d4:71:d3:15:e5:db:c1:77:04:8d:0d:
         b8:d7:74:af:9a:b2:63:db:2e:f0:53:17:bd:53:b9:40:7e:ba:
         8c:db:63:91:d1:0c:35:28:a3:13:1a:9e:32:06:c2:4b:e5:88:
         48:ea:5d:dc:94:85:0e:87:cb:cf:83:2a:d1:12:88:87:b0:19:
         c3:9b:92:06:81:cf:25:fe:95:d0:4c:a0:ca:ec:32:83:ca:7e:
         96:e8:d5:a9:8e:de:84:15:5a:2c:4d:be:f1:5e:8f:a4:17:28:
         81:ec:0c:6b:97:10:d3:b9:54:1a:94:7f:f0:02:f0:85:43:1f:
         1a:8e:12:97:a5:64:12:bf:84:18:34:03:a2:01:15:82:a6:7a:
         d6:0e:63:e8:4b:15:70:02:35:b4:89:d0:49:4a:f6:2f:76:4a:
         2e:55:48:86:e9:24:b2:1f:f5:25:bd:a0:60:aa:b3:f6:31:52:
         f3:50:13:c3:f4:98:6a:f6:d7:3c:be:97:1e:07:5b:9b:60:59:
         58:47:f2:58:36:35:2d:c0:f4:70:28:ab:6d:f2:86:6c:d0:17:
         23:17:86:d7:79:91:b0:43:4f:4d:ac:c7:f3:10:58:03:d5:49:
         c8:c1:e5:6c:bb:93:e9:46:c3:5f:3f:24:28:aa:4a:65:04:5d:
         23:c3:7c:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+Bbl1L5jmnN3jQ7KA2FmDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MTI0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM5YTAyNDM5OWQ3ODg3ZWY5NDM3ODUxOTVmYzk5M2NhYjA1NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4kStU3L7maavIXRM48sQDx9s6aS
YsgtlCyueVr4DEnsdGRnXLW64jEjJNd3Nsjmz/5RhJYyfb0uS90zDWkfEadCNc7f
DMQMndlwy7pNGTFdkOXx03pq5YEmyCuFkSlpfGkKBvFoYuKVpdBQ4Rnk2T6v5b83
SvgFwg+wYcXZ+3HtA9g4dS7mLp/CeuYfF9zJo69fGhpyayKAgwlHrhzebDzvixYk
FR/pEPicPs3eRw4IgmM5b2fzH2znWO5WVzwA34bASuJrYP/Wp6vgpVRc9ZTi4Rvf
9ktvwwtiCaBHRgQ/f3xwnczFx3oGdpWF7R3trNA+QeCyybmVunDXA4fifQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3JoCQ5nXiH75Q3hRlfyZPKsFUqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSGNtZ0pEbWRlSWZ2bERlRkdWX0prOHF3VlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAVAwQA
bbDJMA0GCSqGSIb3DQEBCwUAA4IBAQAXB/bTkcEy1HHTFeXbwXcEjQ2413SvmrJj
2y7wUxe9U7lAfrqM22OR0Qw1KKMTGp4yBsJL5YhI6l3clIUOh8vPgyrREoiHsBnD
m5IGgc8l/pXQTKDK7DKDyn6W6NWpjt6EFVosTb7xXo+kFyiB7AxrlxDTuVQalH/w
AvCFQx8ajhKXpWQSv4QYNAOiARWCpnrWDmPoSxVwAjW0idBJSvYvdkouVUiG6SSy
H/UlvaBgqrP2MVLzUBPD9Jhq9tc8vpceB1ubYFlYR/JYNjUtwPRwKKtt8oZs0Bcj
F4bXeZGwQ09NrMfzEFgD1UnIweVsu5PpRsNfPyQoqkplBF0jw3wK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org