Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa
File:                     KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa (raw, json)
Hash identifier:          FtlEVq/c9vhyf02vFGQtCwUWZjR27tDYdSWxpsKHkDg=
Subject key identifier:   28:6C:0E:7D:9B:72:FA:0F:44:0B:10:B8:7D:87:2A:FF:81:B9:22:BD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018926BB84755AAE28B0CEF00CA014E04FB5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa
Signing time:             Wed 05 Jul 2023 15:46:10 +0000
ROA not before:           Wed 05 Jul 2023 15:46:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147287
IP address blocks:        109.176.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 08 Aug 2023 10:11:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:26:bb:84:75:5a:ae:28:b0:ce:f0:0c:a0:14:e0:4f:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  5 15:46:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=286c0e7d9b72fa0f440b10b87d872aff81b922bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ca:ab:56:51:ec:a8:10:5b:c8:73:b2:83:03:
                    72:3e:ae:03:41:9a:b6:95:9b:34:a0:53:a0:53:65:
                    54:54:50:7d:0f:5a:c4:d5:c5:7a:f8:34:3c:ae:25:
                    42:6d:a7:df:ea:e9:a2:18:29:85:49:ee:02:02:63:
                    7d:6a:ed:c2:da:55:8d:95:90:d3:80:95:8d:18:eb:
                    be:40:8a:42:56:94:e4:16:3d:e6:8e:59:57:04:8d:
                    68:90:d4:4f:4a:ee:cf:32:46:79:12:17:4f:8d:d8:
                    66:90:01:a3:c1:b8:26:d7:c3:3e:6b:6f:ea:72:d1:
                    58:f4:0a:66:7e:4c:4c:eb:66:9a:bd:26:0c:a3:5a:
                    8d:9a:8d:08:63:05:39:7b:0b:23:e2:0a:ab:41:f3:
                    8d:e1:41:4e:a2:0d:f2:7e:21:5a:a3:4c:23:66:5a:
                    07:ed:f4:0c:18:93:47:53:9b:74:fa:77:3e:3e:4f:
                    61:08:42:c5:9b:5a:f3:50:aa:95:fa:76:45:66:5d:
                    a0:41:ce:a9:fd:e5:d2:94:12:ce:fd:c1:97:1c:a9:
                    41:31:25:9a:18:15:33:46:d6:6b:82:52:4a:e4:57:
                    5d:30:9b:18:45:8f:0c:38:9f:9e:5b:b2:bf:55:ee:
                    59:cc:f9:e4:d0:cf:d6:19:78:ac:74:92:33:f5:98:
                    18:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:6C:0E:7D:9B:72:FA:0F:44:0B:10:B8:7D:87:2A:FF:81:B9:22:BD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:92:7b:c7:77:15:3d:b1:8e:15:82:0e:c6:b3:c3:bd:33:fb:
         8a:8b:02:d3:3d:22:00:c6:85:56:43:cc:f2:e0:21:62:4b:cf:
         97:22:ce:ed:eb:bc:03:12:c8:ea:8b:1f:52:9d:d4:c3:01:b0:
         8c:fc:87:49:db:fb:57:fb:b8:e1:67:7b:69:d4:79:b6:c3:9f:
         75:da:9e:34:24:39:39:31:c2:ae:8a:0f:e2:8b:8a:30:de:23:
         d3:33:19:d1:91:67:c8:a0:b9:46:3f:cb:85:f7:7b:12:2e:d5:
         a5:c9:33:8a:77:9f:05:43:2f:aa:3b:dd:ef:59:f8:db:71:48:
         b0:e8:af:69:62:38:6b:d0:5f:1c:d9:0d:88:db:ef:37:9b:cc:
         9c:ad:e8:a0:5e:4b:4e:3e:a9:5f:c6:26:43:fb:6d:5d:be:8e:
         db:94:08:89:73:34:47:34:fc:22:d3:9c:ab:c3:f0:1a:28:fc:
         b4:05:0e:a2:90:70:be:4e:e3:69:cb:5f:c0:4f:8e:27:ef:e2:
         70:f9:02:f9:bf:08:d1:38:cf:50:f6:95:b1:0e:ff:6e:8d:2b:
         7a:6b:3d:8e:e6:b7:e1:9d:9b:56:59:4b:d2:9e:54:cd:80:7e:
         14:10:9f:21:48:ea:3d:52:6a:f4:ff:d1:99:ac:0d:a6:36:1f:
         65:98:9c:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkmu4R1Wq4osM7wDKAU4E+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA1MTU0NjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZjMGU3ZDliNzJmYTBmNDQwYjEwYjg3ZDg3MmFmZjgxYjkyMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcqrVlHsqBBbyHOygwNyPq4DQZq2
lZs0oFOgU2VUVFB9D1rE1cV6+DQ8riVCbaff6umiGCmFSe4CAmN9au3C2lWNlZDT
gJWNGOu+QIpCVpTkFj3mjllXBI1okNRPSu7PMkZ5EhdPjdhmkAGjwbgm18M+a2/q
ctFY9ApmfkxM62aavSYMo1qNmo0IYwU5ewsj4gqrQfON4UFOog3yfiFao0wjZloH
7fQMGJNHU5t0+nc+Pk9hCELFm1rzUKqV+nZFZl2gQc6p/eXSlBLO/cGXHKlBMSWa
GBUzRtZrglJK5FddMJsYRY8MOJ+eW7K/Ve5ZzPnk0M/WGXisdJIz9ZgYPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChsDn2bcvoPRAsQuH2HKv+BuSK9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS0d3T2ZadHktZzlFQ3hDNGZZY3FfNEc1SXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD2MA0G
CSqGSIb3DQEBCwUAA4IBAQBtknvHdxU9sY4Vgg7Gs8O9M/uKiwLTPSIAxoVWQ8zy
4CFiS8+XIs7t67wDEsjqix9SndTDAbCM/IdJ2/tX+7jhZ3tp1Hm2w5912p40JDk5
McKuig/ii4ow3iPTMxnRkWfIoLlGP8uF93sSLtWlyTOKd58FQy+qO93vWfjbcUiw
6K9pYjhr0F8c2Q2I2+83m8ycreigXktOPqlfxiZD+21dvo7blAiJczRHNPwi05yr
w/AaKPy0BQ6ikHC+TuNpy1/AT44n7+Jw+QL5vwjROM9Q9pWxDv9ujSt6az2O5rfh
nZtWWUvSnlTNgH4UEJ8hSOo9Umr0/9GZrA2mNh9lmJy6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org