Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OgAzZhDEcj-OH7AHz00UJ83QYVk.roa
File:                     OgAzZhDEcj-OH7AHz00UJ83QYVk.roa (raw, json)
Hash identifier:          lDmiVlFVYr6ZMD9jezcoE1qN2gXElPHl9n3pCo1Ph6w=
Subject key identifier:   3A:00:33:66:10:C4:72:3F:8E:1F:B0:07:CF:4D:14:27:CD:D0:61:59
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018930FCF155B5D46851F577CCFD7AB1BB3A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OgAzZhDEcj-OH7AHz00UJ83QYVk.roa
Signing time:             Fri 07 Jul 2023 15:33:50 +0000
ROA not before:           Fri 07 Jul 2023 15:33:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200019
IP address blocks:        109.176.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 15:28:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:30:fc:f1:55:b5:d4:68:51:f5:77:cc:fd:7a:b1:bb:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  7 15:33:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a00336610c4723f8e1fb007cf4d1427cdd06159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:44:75:14:31:8d:7b:a8:34:60:ac:39:88:d5:
                    40:e4:f2:6a:fd:38:66:5b:d5:26:50:83:91:de:c0:
                    74:37:31:24:40:5c:b3:25:c7:23:21:f8:01:e0:99:
                    d7:fc:d2:b1:bd:c0:93:59:9c:60:92:c6:0a:c0:ef:
                    e3:d7:dd:39:5a:e4:a4:9e:86:1e:d1:ec:20:f7:f3:
                    23:f6:7d:85:8f:11:2e:43:1e:d9:7d:56:33:a0:05:
                    d4:99:20:26:55:15:c5:67:4a:99:c3:14:3c:12:df:
                    4c:13:1e:40:73:fd:7f:ae:ba:19:e8:45:3e:97:e8:
                    20:1d:b0:e0:69:06:a5:2e:e9:9a:e1:3a:21:38:83:
                    2e:04:61:7e:e3:ab:f3:8b:f3:9e:e4:63:39:eb:5c:
                    69:57:76:7d:e3:4f:fe:17:ea:65:2d:d9:21:76:01:
                    3b:04:9e:29:b6:d1:14:99:d2:7c:ee:10:ac:34:5c:
                    68:14:98:9d:ae:79:5a:de:43:7c:26:45:ac:a3:6f:
                    05:3b:46:fa:40:a2:e2:dc:d4:42:3e:e2:dd:da:d1:
                    9f:a4:85:5a:37:fc:b7:7a:03:24:3f:9e:5c:ed:b8:
                    f5:e5:d3:89:99:f4:94:57:e3:a4:99:c4:04:09:2b:
                    83:87:2c:61:b8:b3:04:85:4c:2e:64:be:bf:be:7b:
                    3f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:00:33:66:10:C4:72:3F:8E:1F:B0:07:CF:4D:14:27:CD:D0:61:59
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OgAzZhDEcj-OH7AHz00UJ83QYVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:a5:c4:c3:b2:47:09:df:5d:b6:23:a4:72:f6:f1:e6:26:7d:
         a2:f2:70:c1:65:62:30:a6:43:2b:41:6d:ae:88:32:cd:49:86:
         5f:f4:62:ee:b6:10:65:49:5b:b2:f1:45:2c:2e:61:69:75:f3:
         c8:46:2c:75:21:c1:4d:3f:74:1b:2c:2b:1d:5b:46:e4:ab:82:
         56:53:d7:a1:2a:09:d7:14:55:31:ad:ea:e9:61:1f:66:cf:d7:
         dd:6f:f5:36:5e:f1:1e:b7:ed:4c:a9:f4:4b:99:e8:55:32:ea:
         14:cf:97:34:ac:33:7c:4e:d0:48:d2:81:ea:32:b7:fe:6e:80:
         a5:43:0f:73:5c:f9:73:0a:5f:68:60:8f:5f:b0:7b:9f:d0:39:
         73:ad:5f:7a:29:66:1a:78:da:a9:87:1b:7d:20:65:04:fe:f7:
         fa:21:e5:a2:71:45:69:58:28:4c:96:1e:f3:cf:de:09:f9:38:
         86:cd:8c:d6:08:fc:cd:62:6b:a7:c2:97:c4:75:2a:93:17:a3:
         60:8e:7a:6c:8c:fa:39:a6:34:5a:ec:64:e5:62:58:72:49:20:
         e5:e8:55:b7:04:da:41:ea:e7:cb:a6:93:d0:f2:32:3e:1d:c7:
         a4:46:c6:40:f7:a1:b9:6b:0b:49:a7:7a:1b:c7:4f:ed:eb:94:
         54:c2:0d:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkw/PFVtdRoUfV3zP16sbs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA3MTUzMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTAwMzM2NjEwYzQ3MjNmOGUxZmIwMDdjZjRkMTQyN2NkZDA2MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUR1FDGNe6g0YKw5iNVA5PJq/Thm
W9UmUIOR3sB0NzEkQFyzJccjIfgB4JnX/NKxvcCTWZxgksYKwO/j1905WuSknoYe
0ewg9/Mj9n2FjxEuQx7ZfVYzoAXUmSAmVRXFZ0qZwxQ8Et9MEx5Ac/1/rroZ6EU+
l+ggHbDgaQalLuma4TohOIMuBGF+46vzi/Oe5GM561xpV3Z940/+F+plLdkhdgE7
BJ4pttEUmdJ87hCsNFxoFJidrnla3kN8JkWso28FO0b6QKLi3NRCPuLd2tGfpIVa
N/y3egMkP55c7bj15dOJmfSUV+OkmcQECSuDhyxhuLMEhUwuZL6/vns/bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoAM2YQxHI/jh+wB89NFCfN0GFZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT2dBelpoREVjai1PSDdBSHowMFVKODNRWVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD5MA0G
CSqGSIb3DQEBCwUAA4IBAQCNpcTDskcJ3122I6Ry9vHmJn2i8nDBZWIwpkMrQW2u
iDLNSYZf9GLuthBlSVuy8UUsLmFpdfPIRix1IcFNP3QbLCsdW0bkq4JWU9ehKgnX
FFUxrerpYR9mz9fdb/U2XvEet+1MqfRLmehVMuoUz5c0rDN8TtBI0oHqMrf+boCl
Qw9zXPlzCl9oYI9fsHuf0DlzrV96KWYaeNqphxt9IGUE/vf6IeWicUVpWChMlh7z
z94J+TiGzYzWCPzNYmunwpfEdSqTF6NgjnpsjPo5pjRa7GTlYlhySSDl6FW3BNpB
6ufLppPQ8jI+HcekRsZA96G5awtJp3obx0/t65RUwg02
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org