Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KdjdxGZJThPGsaMj2fPfVw2ULNk.roa
File:                     KdjdxGZJThPGsaMj2fPfVw2ULNk.roa (raw, json)
Hash identifier:          Q6hfNq65pdr6RikoOf8IjGUdAtncRgngjlabcC/3ti0=
Subject key identifier:   29:D8:DD:C4:66:49:4E:13:C6:B1:A3:23:D9:F3:DF:57:0D:94:2C:D9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018921B7F37A20638A1EFDF6C893798AF687
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KdjdxGZJThPGsaMj2fPfVw2ULNk.roa
Signing time:             Tue 04 Jul 2023 16:24:10 +0000
ROA not before:           Tue 04 Jul 2023 16:24:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209181
IP address blocks:        109.176.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 09:14:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:21:b7:f3:7a:20:63:8a:1e:fd:f6:c8:93:79:8a:f6:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  4 16:24:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29d8ddc466494e13c6b1a323d9f3df570d942cd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:7f:1d:81:c2:4e:10:c4:d1:7e:75:92:a5:24:
                    db:c4:12:46:29:f2:b5:d9:13:2c:b8:aa:5f:78:07:
                    d3:2f:ec:bb:f6:53:74:37:8e:b1:2a:65:8b:17:16:
                    87:5b:f2:2e:c7:80:49:11:e6:3a:a6:60:e5:8d:7d:
                    91:18:cb:cf:85:80:6e:5e:82:d6:ad:f6:a6:bc:f9:
                    76:eb:e5:38:a8:3b:23:73:8c:d3:68:ad:af:4a:66:
                    13:96:d0:7d:df:5a:87:00:e6:f3:79:12:10:f9:70:
                    a6:19:0a:5c:44:71:c6:25:b1:55:c9:73:8f:7a:9a:
                    b4:c3:c8:8f:fd:4a:d2:84:d7:7a:50:d2:d7:89:97:
                    29:bf:fc:b3:0a:ba:8f:2b:d8:fb:fd:bf:ab:71:0f:
                    cd:29:72:a8:ac:62:a9:c6:af:53:b1:ff:51:f3:a5:
                    c2:7f:91:4b:ef:fb:b9:ee:c7:9a:e3:0b:4f:4d:6c:
                    a9:43:22:9c:88:2a:19:ef:d5:e3:47:59:b0:1e:24:
                    c3:d4:fe:ea:96:17:91:c9:7e:81:38:e6:5b:7c:d8:
                    c6:f6:1e:dc:16:d2:25:e5:23:58:98:6c:6a:b6:74:
                    99:de:4f:50:5c:b0:90:30:a0:b5:32:65:2b:2f:0e:
                    e1:33:69:9d:6a:da:6d:50:42:34:82:e8:6f:51:1c:
                    e7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D8:DD:C4:66:49:4E:13:C6:B1:A3:23:D9:F3:DF:57:0D:94:2C:D9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KdjdxGZJThPGsaMj2fPfVw2ULNk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:32:f7:33:9f:52:20:d7:35:ab:8a:9e:a3:19:9b:e9:ad:02:
         d0:8b:8c:e6:3e:85:11:54:21:fa:65:b6:04:ef:a1:f8:a4:8d:
         ef:f6:67:79:e2:36:f6:e1:eb:92:d3:f9:71:45:15:b5:04:2a:
         08:e6:64:0b:4f:75:f9:68:b3:5b:db:e0:4e:4a:86:15:8a:2c:
         cc:10:38:cc:5b:00:dc:b9:f2:4a:7c:a2:73:94:2b:59:88:a9:
         c9:9f:e8:c1:4c:a3:1f:c9:be:88:7e:29:a1:e6:d4:58:89:fc:
         75:80:b8:68:22:5b:89:49:2d:df:97:e5:a2:84:1e:83:16:c4:
         12:fd:be:2c:ec:3a:73:7f:6e:97:ba:c9:94:94:f3:87:8d:77:
         33:bb:be:3e:ec:46:d6:5f:f2:1d:a6:75:b7:bc:20:05:ea:47:
         98:24:fd:6b:96:a5:78:69:c8:a2:7b:4e:e7:3e:e2:e7:e7:c1:
         a1:c9:01:49:cf:98:db:98:9f:fd:3d:5d:09:6d:59:41:51:89:
         d4:b8:45:15:a3:e2:30:1a:f9:4b:9c:57:b3:38:c6:cf:a5:dd:
         2e:bd:be:dc:0c:48:39:cf:e4:94:ad:54:5e:70:08:92:ab:82:
         fb:3f:39:7c:22:b6:e2:7f:53:3b:60:02:93:21:d7:3c:03:31:
         3e:83:35:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkht/N6IGOKHv32yJN5ivaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA0MTYyNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ4ZGRjNDY2NDk0ZTEzYzZiMWEzMjNkOWYzZGY1NzBkOTQyY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX8dgcJOEMTRfnWSpSTbxBJGKfK1
2RMsuKpfeAfTL+y79lN0N46xKmWLFxaHW/Iux4BJEeY6pmDljX2RGMvPhYBuXoLW
rfamvPl26+U4qDsjc4zTaK2vSmYTltB931qHAObzeRIQ+XCmGQpcRHHGJbFVyXOP
epq0w8iP/UrShNd6UNLXiZcpv/yzCrqPK9j7/b+rcQ/NKXKorGKpxq9Tsf9R86XC
f5FL7/u57sea4wtPTWypQyKciCoZ79XjR1mwHiTD1P7qlheRyX6BOOZbfNjG9h7c
FtIl5SNYmGxqtnSZ3k9QXLCQMKC1MmUrLw7hM2mdatptUEI0guhvURznmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnY3cRmSU4TxrGjI9nz31cNlCzZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS2RqZHhHWkpUaFBHc2FNajJmUGZWdzJVTE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD0MA0G
CSqGSIb3DQEBCwUAA4IBAQATMvczn1Ig1zWrip6jGZvprQLQi4zmPoURVCH6ZbYE
76H4pI3v9md54jb24euS0/lxRRW1BCoI5mQLT3X5aLNb2+BOSoYViizMEDjMWwDc
ufJKfKJzlCtZiKnJn+jBTKMfyb6Ifimh5tRYifx1gLhoIluJSS3fl+WihB6DFsQS
/b4s7Dpzf26XusmUlPOHjXczu74+7EbWX/IdpnW3vCAF6keYJP1rlqV4aciie07n
PuLn58GhyQFJz5jbmJ/9PV0JbVlBUYnUuEUVo+IwGvlLnFezOMbPpd0uvb7cDEg5
z+SUrVRecAiSq4L7Pzl8Irbif1M7YAKTIdc8AzE+gzXP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org