Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pu7wum_NiRtvp-o9k_KrNsfHlYI.roa
File:                     Pu7wum_NiRtvp-o9k_KrNsfHlYI.roa (raw, json)
Hash identifier:          QzjU/pFWGHbm1kh4h9QYTVsVGYwObZLS89QnVy6QXPQ=
Subject key identifier:   3E:EE:F0:BA:6F:CD:89:1B:6F:A7:EA:3D:93:F2:AB:36:C7:C7:95:82
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018945A2D06AB490615FF6D5D19DC8DFABF2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pu7wum_NiRtvp-o9k_KrNsfHlYI.roa
Signing time:             Tue 11 Jul 2023 15:47:25 +0000
ROA not before:           Tue 11 Jul 2023 15:47:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        109.176.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 15:28:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:a2:d0:6a:b4:90:61:5f:f6:d5:d1:9d:c8:df:ab:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 11 15:47:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3eeef0ba6fcd891b6fa7ea3d93f2ab36c7c79582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:de:f8:f6:71:76:f2:b3:4c:ad:b2:fb:d9:f3:
                    a3:66:4e:ab:5c:c3:86:3c:58:00:42:93:54:9d:5e:
                    02:f2:f9:57:99:8e:16:ac:b5:2f:ec:05:9c:23:31:
                    67:d0:49:9e:cc:88:c5:38:fb:c7:da:01:ca:70:12:
                    c3:3f:e3:79:d7:87:92:cc:77:f7:af:55:44:dc:ad:
                    03:1a:42:73:8a:9e:75:c1:aa:87:f8:9d:a5:07:94:
                    a0:ef:86:2f:b3:ad:0c:15:28:6c:43:09:d1:aa:2e:
                    d8:0f:d0:3a:d2:4b:74:8c:23:98:de:01:83:c5:eb:
                    52:2b:54:ca:b9:07:61:e0:ab:dc:7b:5e:9b:bb:ba:
                    21:79:d4:d5:01:65:26:64:c9:2c:5b:3b:5e:93:ed:
                    ce:7c:f4:11:d7:5d:64:eb:9f:b5:93:64:1b:08:af:
                    5d:1b:47:f1:b3:ed:f7:d1:54:01:aa:c7:cd:2f:20:
                    66:28:a7:70:0b:e1:04:83:7b:d9:a2:89:3b:40:89:
                    b7:c3:1f:23:c8:f5:71:94:9b:bd:c8:77:c0:6f:44:
                    f1:e2:35:56:36:5a:c6:df:d9:4c:14:3c:55:9a:bb:
                    7a:35:42:f9:05:6d:f8:d3:3f:37:3e:2d:fd:3a:d3:
                    5a:8a:6a:72:91:46:89:c1:cc:d4:29:d4:ca:59:31:
                    3c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:EE:F0:BA:6F:CD:89:1B:6F:A7:EA:3D:93:F2:AB:36:C7:C7:95:82
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pu7wum_NiRtvp-o9k_KrNsfHlYI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:1e:80:a7:a5:50:88:de:6a:1f:78:e8:af:a1:4d:52:3c:1f:
         ed:81:e4:b5:c3:b8:08:ea:b0:f7:cb:f2:b6:80:d4:df:30:32:
         ca:eb:09:9a:69:58:42:ee:fe:73:46:f1:f7:d9:f1:ed:64:5c:
         7d:59:a1:5d:f1:02:a9:80:dd:c5:74:8f:cf:33:1b:9b:50:60:
         e7:2f:e6:21:6b:ba:65:a0:2a:fd:d1:63:1d:52:aa:39:4d:b9:
         06:6f:be:35:63:19:f0:df:1c:aa:b1:8c:67:dd:b2:53:60:1d:
         7b:42:8d:69:8c:5a:03:2a:ca:37:38:cf:26:08:73:b8:f1:d4:
         9e:26:cb:fb:74:36:6d:0e:f5:ac:f1:5a:d1:ff:17:1b:61:d9:
         73:fe:5d:13:92:4c:45:2c:d5:89:d4:e7:00:56:40:7a:59:d9:
         52:1d:44:4f:5e:ec:25:f1:dd:8c:07:08:10:cd:2b:c0:b3:9f:
         bd:f0:1f:09:e9:f1:9d:1d:d0:97:c1:20:4e:4a:e6:16:99:3f:
         0f:4b:04:df:7e:2b:24:26:8f:57:8f:ec:e9:82:9c:32:bf:62:
         fe:1a:bb:db:d7:e1:17:ca:40:0e:ae:4c:46:6f:39:c4:3e:5e:
         49:1c:18:a4:8c:c5:93:27:92:b8:78:8b:b9:08:13:99:17:8a:
         e3:80:3c:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlFotBqtJBhX/bV0Z3I36vyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzExMTU0NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWVlZjBiYTZmY2Q4OTFiNmZhN2VhM2Q5M2YyYWIzNmM3Yzc5NTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN749nF28rNMrbL72fOjZk6rXMOG
PFgAQpNUnV4C8vlXmY4WrLUv7AWcIzFn0EmezIjFOPvH2gHKcBLDP+N514eSzHf3
r1VE3K0DGkJzip51waqH+J2lB5Sg74Yvs60MFShsQwnRqi7YD9A60kt0jCOY3gGD
xetSK1TKuQdh4Kvce16bu7ohedTVAWUmZMksWztek+3OfPQR111k65+1k2QbCK9d
G0fxs+330VQBqsfNLyBmKKdwC+EEg3vZook7QIm3wx8jyPVxlJu9yHfAb0Tx4jVW
NlrG39lMFDxVmrt6NUL5BW340z83Pi39OtNaimpykUaJwczUKdTKWTE8JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7u8LpvzYkbb6fqPZPyqzbHx5WCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUHU3d3VtX05pUnR2cC1vOWtfS3JOc2ZIbFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD5MA0G
CSqGSIb3DQEBCwUAA4IBAQAOHoCnpVCI3mofeOivoU1SPB/tgeS1w7gI6rD3y/K2
gNTfMDLK6wmaaVhC7v5zRvH32fHtZFx9WaFd8QKpgN3FdI/PMxubUGDnL+Yha7pl
oCr90WMdUqo5TbkGb741Yxnw3xyqsYxn3bJTYB17Qo1pjFoDKso3OM8mCHO48dSe
Jsv7dDZtDvWs8VrR/xcbYdlz/l0TkkxFLNWJ1OcAVkB6WdlSHURPXuwl8d2MBwgQ
zSvAs5+98B8J6fGdHdCXwSBOSuYWmT8PSwTffiskJo9Xj+zpgpwyv2L+Grvb1+EX
ykAOrkxGbznEPl5JHBikjMWTJ5K4eIu5CBOZF4rjgDxr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org