Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HsfNCXEb_yLqY6phwcHY3z5UIBo.roa
File:                     HsfNCXEb_yLqY6phwcHY3z5UIBo.roa (raw, json)
Hash identifier:          sUBDcIQHyX1zw4CRom1RF/0RN3Xs84bMF6GP+34B7VQ=
Subject key identifier:   1E:C7:CD:09:71:1B:FF:22:EA:63:AA:61:C1:C1:D8:DF:3E:54:20:1A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189DE52D9569FED8EE2547372368D736EDB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HsfNCXEb_yLqY6phwcHY3z5UIBo.roa
Signing time:             Thu 10 Aug 2023 07:21:58 +0000
ROA not before:           Thu 10 Aug 2023 07:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199614
IP address blocks:        109.176.212.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 13 Aug 2023 15:28:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:de:52:d9:56:9f:ed:8e:e2:54:73:72:36:8d:73:6e:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 10 07:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ec7cd09711bff22ea63aa61c1c1d8df3e54201a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:05:b4:5c:11:d6:c6:6f:41:7a:70:93:05:1d:
                    5a:69:29:c2:d6:67:cc:12:2f:bc:60:0d:63:b4:da:
                    90:e6:e3:3f:bd:48:6a:0c:45:4e:56:8e:7a:b9:4d:
                    e2:10:b2:7d:6e:06:8e:a0:d3:60:bf:11:7f:84:17:
                    95:63:0d:95:46:d7:9a:5b:bc:89:af:a6:f2:bf:c5:
                    fb:31:10:b7:1d:e3:31:a7:20:69:72:4c:fc:9a:39:
                    02:83:35:d1:24:15:99:86:db:a8:d6:b1:64:6c:eb:
                    65:cd:03:01:24:0b:92:d2:83:74:91:e1:2f:81:f8:
                    cf:91:03:4f:ed:66:87:70:39:8e:bd:df:38:2f:74:
                    45:2c:55:72:f3:fc:27:85:fa:5c:a4:55:cb:a6:f5:
                    76:48:4d:1a:51:c6:d5:a9:5a:79:d5:4b:06:59:b1:
                    94:89:4b:d1:52:36:84:e0:82:a6:1b:07:29:e3:ef:
                    b8:9a:d7:73:9f:91:1f:74:e0:0d:d0:f5:ff:68:0c:
                    9c:c4:a6:db:f5:03:45:e6:a4:6f:93:d3:a8:9c:fe:
                    a9:48:a9:96:c6:60:39:91:19:ba:c7:64:46:6f:1f:
                    00:42:a4:2c:4c:30:0b:07:d5:28:46:2e:5a:1e:f5:
                    22:1d:8a:c9:d2:fd:08:19:ad:2b:2e:b0:8e:87:98:
                    42:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C7:CD:09:71:1B:FF:22:EA:63:AA:61:C1:C1:D8:DF:3E:54:20:1A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HsfNCXEb_yLqY6phwcHY3z5UIBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:fa:f6:d6:6e:4f:f6:17:42:aa:b0:27:a1:89:0a:78:ee:df:
         49:ab:a3:8d:a4:18:18:07:5f:7c:32:35:c0:dc:85:be:70:b5:
         43:80:48:59:14:9e:78:15:ab:0e:48:b1:68:1b:5e:47:2d:5f:
         0f:66:17:c3:a4:76:2e:92:3a:ad:2d:02:f2:f9:80:05:1f:5e:
         9d:ab:8f:f1:99:89:86:c5:99:8e:07:86:93:f1:1f:69:11:11:
         d9:18:23:cf:63:19:be:95:3c:3f:9d:50:e4:c5:3f:51:df:df:
         40:cf:67:d8:6a:40:d9:53:6c:fd:31:8a:53:db:1c:c0:7d:8e:
         7d:bc:0a:7e:28:07:aa:c8:4e:02:ff:1b:aa:b5:97:50:e7:a8:
         97:66:68:3c:ef:d4:bd:d6:f0:f6:8a:4b:4a:eb:77:4c:a4:e6:
         4f:fd:5c:47:87:45:d4:8b:eb:85:92:66:d0:61:6e:c4:48:a8:
         3a:47:69:1e:71:c0:67:0f:7b:12:7a:50:f2:b5:4e:c4:6d:ce:
         bb:b8:59:6e:66:1d:90:52:12:8e:31:b8:6d:37:ea:ba:50:a6:
         29:ca:42:a1:30:d6:f0:df:d9:f6:26:52:90:a2:02:2d:a4:f4:
         3a:e4:bf:c3:a9:54:41:21:ff:a5:ad:ba:4b:0a:1c:c7:0d:76:
         a5:ff:15:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYneUtlWn+2O4lRzcjaNc27bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODEwMDcyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM3Y2QwOTcxMWJmZjIyZWE2M2FhNjFjMWMxZDhkZjNlNTQyMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowW0XBHWxm9BenCTBR1aaSnC1mfM
Ei+8YA1jtNqQ5uM/vUhqDEVOVo56uU3iELJ9bgaOoNNgvxF/hBeVYw2VRteaW7yJ
r6byv8X7MRC3HeMxpyBpckz8mjkCgzXRJBWZhtuo1rFkbOtlzQMBJAuS0oN0keEv
gfjPkQNP7WaHcDmOvd84L3RFLFVy8/wnhfpcpFXLpvV2SE0aUcbVqVp51UsGWbGU
iUvRUjaE4IKmGwcp4++4mtdzn5EfdOAN0PX/aAycxKbb9QNF5qRvk9OonP6pSKmW
xmA5kRm6x2RGbx8AQqQsTDALB9UoRi5aHvUiHYrJ0v0IGa0rLrCOh5hCCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7HzQlxG/8i6mOqYcHB2N8+VCAaMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSHNmTkNYRWJfeUxxWTZwaHdjSFkzejVVSUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbbDUMA0G
CSqGSIb3DQEBCwUAA4IBAQCH+vbWbk/2F0KqsCehiQp47t9Jq6ONpBgYB198MjXA
3IW+cLVDgEhZFJ54FasOSLFoG15HLV8PZhfDpHYukjqtLQLy+YAFH16dq4/xmYmG
xZmOB4aT8R9pERHZGCPPYxm+lTw/nVDkxT9R399Az2fYakDZU2z9MYpT2xzAfY59
vAp+KAeqyE4C/xuqtZdQ56iXZmg879S91vD2iktK63dMpOZP/VxHh0XUi+uFkmbQ
YW7ESKg6R2keccBnD3sSelDytU7Ebc67uFluZh2QUhKOMbhtN+q6UKYpykKhMNbw
39n2JlKQogItpPQ65L/DqVRBIf+lrbpLChzHDXal/xWW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org