Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JXwy0dEcKN3TuNugus1H4NP4Wcg.roa
File:                     JXwy0dEcKN3TuNugus1H4NP4Wcg.roa (raw, json)
Hash identifier:          5z906qEe2EemsMz8w8HxvWdflqozsKgLtwtc1muHlbw=
Subject key identifier:   25:7C:32:D1:D1:1C:28:DD:D3:B8:DB:A0:BA:CD:47:E0:D3:F8:59:C8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F51E8B7F83400DEDA5F96870C7F0F4DA9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JXwy0dEcKN3TuNugus1H4NP4Wcg.roa
Signing time:             Tue 07 May 2024 07:15:56 +0000
ROA not before:           Tue 07 May 2024 07:15:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     151872
IP address blocks:        109.176.22.0/24 maxlen: 24
                          194.105.88.0/24 maxlen: 24
                          213.218.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 May 2024 10:32:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:51:e8:b7:f8:34:00:de:da:5f:96:87:0c:7f:0f:4d:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  7 07:15:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=257c32d1d11c28ddd3b8dba0bacd47e0d3f859c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1a:c4:80:93:b5:9d:a1:d7:04:86:9a:17:7f:
                    89:51:41:86:36:4b:5b:78:6e:99:be:05:de:13:b6:
                    55:2e:60:be:2a:14:4f:c5:e8:27:7b:78:db:65:37:
                    eb:15:6f:fa:b7:a7:cd:54:2a:c2:94:d3:85:ba:0b:
                    54:52:bd:01:41:64:92:88:d1:a8:17:e2:92:5e:9a:
                    d9:5f:f4:9e:5f:4a:0a:57:1c:9b:6c:d1:b8:37:57:
                    dd:13:fe:27:aa:96:55:68:8d:5f:75:ff:9d:9a:7d:
                    ad:1a:d4:ae:8f:b4:8e:b8:7d:3f:46:61:37:93:42:
                    68:d8:0a:de:de:b9:3e:66:b9:0f:a5:0e:28:46:b8:
                    f0:4a:b7:ff:64:aa:11:7e:8e:e4:a3:c5:eb:c2:78:
                    3e:5c:2b:f9:ad:08:d4:9b:14:41:cf:de:35:4e:87:
                    58:0f:49:52:62:af:d9:cc:f7:dc:ce:c4:a4:37:59:
                    3c:3d:68:d8:38:b0:a4:c1:1c:c0:a3:85:cd:e7:7d:
                    24:2a:f2:4d:b7:01:ff:86:d3:1f:18:19:f4:82:ed:
                    41:17:8a:bb:38:05:1a:e5:10:94:2e:b9:f8:c0:36:
                    a6:7b:d4:3a:47:94:ce:1c:62:45:d6:67:74:ed:54:
                    44:6e:69:69:fe:d8:ce:71:4a:dc:e3:b8:b3:1e:63:
                    5e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:7C:32:D1:D1:1C:28:DD:D3:B8:DB:A0:BA:CD:47:E0:D3:F8:59:C8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JXwy0dEcKN3TuNugus1H4NP4Wcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.22.0/24
                  194.105.88.0/24
                  213.218.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:0c:fb:53:50:ad:de:d1:15:14:55:bd:d3:0c:a7:1b:92:eb:
         10:ae:20:a7:09:77:12:ad:9a:15:2b:40:f9:db:88:52:4e:de:
         54:7e:7d:82:d3:59:13:5a:3e:ec:79:e6:b1:e6:ff:f0:ec:b5:
         a1:81:b6:44:c9:42:f9:fb:d0:62:6a:1b:90:54:a4:57:68:7c:
         f8:be:6b:be:5f:be:51:10:ee:d2:22:45:d6:ff:92:8c:1d:db:
         d0:b0:62:7f:05:29:58:29:4b:72:7b:4b:56:f5:1b:b2:70:26:
         e6:d6:be:ea:af:21:47:50:cc:4c:31:8f:37:6c:e2:0f:cd:ac:
         db:52:68:09:e6:db:10:c7:18:9e:91:d9:62:44:90:72:32:19:
         f4:81:69:e4:6c:d7:f2:61:4b:e9:ad:76:80:72:ca:64:d6:a1:
         30:5b:ba:27:95:2c:f9:43:8b:d0:58:27:be:45:ce:0d:7b:ff:
         2d:7a:c5:cc:83:3d:04:4a:0f:73:43:40:15:5b:77:d7:18:89:
         d6:e9:fa:59:cb:8f:40:ac:b7:61:52:29:4f:ae:10:56:08:38:
         c6:e4:b5:38:db:09:a9:63:3a:44:d4:71:1a:27:25:c5:95:ae:
         1d:22:a6:58:34:5e:7e:a7:51:f3:ef:d7:02:c5:18:80:c6:8d:
         90:5c:b0:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9R6Lf4NADe2l+Whwx/D02pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA3MDcxNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdjMzJkMWQxMWMyOGRkZDNiOGRiYTBiYWNkNDdlMGQzZjg1OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxrEgJO1naHXBIaaF3+JUUGGNktb
eG6ZvgXeE7ZVLmC+KhRPxegne3jbZTfrFW/6t6fNVCrClNOFugtUUr0BQWSSiNGo
F+KSXprZX/SeX0oKVxybbNG4N1fdE/4nqpZVaI1fdf+dmn2tGtSuj7SOuH0/RmE3
k0Jo2Are3rk+ZrkPpQ4oRrjwSrf/ZKoRfo7ko8Xrwng+XCv5rQjUmxRBz941TodY
D0lSYq/ZzPfczsSkN1k8PWjYOLCkwRzAo4XN530kKvJNtwH/htMfGBn0gu1BF4q7
OAUa5RCULrn4wDame9Q6R5TOHGJF1md07VREbmlp/tjOcUrc47izHmNevwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCV8MtHRHCjd07jboLrNR+DT+FnIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlh3eTBkRWNLTjNUdU51Z3VzMUg0TlA0V2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbAWAwQA
wmlYAwQA1drpMA0GCSqGSIb3DQEBCwUAA4IBAQB+DPtTUK3e0RUUVb3TDKcbkusQ
riCnCXcSrZoVK0D524hSTt5Ufn2C01kTWj7seeax5v/w7LWhgbZEyUL5+9BiahuQ
VKRXaHz4vmu+X75REO7SIkXW/5KMHdvQsGJ/BSlYKUtye0tW9RuycCbm1r7qryFH
UMxMMY83bOIPzazbUmgJ5tsQxxiekdliRJByMhn0gWnkbNfyYUvprXaAcspk1qEw
W7onlSz5Q4vQWCe+Rc4Ne/8tesXMgz0ESg9zQ0AVW3fXGInW6fpZy49ArLdhUilP
rhBWCDjG5LU42wmpYzpE1HEaJyXFla4dIqZYNF5+p1Hz79cCxRiAxo2QXLB6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org