Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa
File:                     UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa (raw, json)
Hash identifier:          O9IiDO88klFXjRx/OYqdZAtRDRp7F+Dt/Jh0CEPtNUM=
Subject key identifier:   50:67:0E:CD:A6:BE:03:21:4B:0F:97:CE:A9:7B:82:2D:96:89:4A:E2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189D0A4F5D1364C444A027B3A02F2C97F78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa
Signing time:             Mon 07 Aug 2023 15:36:59 +0000
ROA not before:           Mon 07 Aug 2023 15:36:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     140155
IP address blocks:        109.176.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d0:a4:f5:d1:36:4c:44:4a:02:7b:3a:02:f2:c9:7f:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 15:36:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50670ecda6be03214b0f97cea97b822d96894ae2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:57:39:5d:e6:d0:64:76:da:5a:de:91:cd:29:
                    7e:39:f3:70:54:c8:15:d8:6f:0b:96:20:b3:51:ee:
                    57:c9:b5:92:a7:0a:f7:47:1d:80:04:0d:17:55:3e:
                    4b:b4:09:31:ee:c6:b0:c6:d3:0d:02:bf:96:25:6b:
                    74:63:cb:2d:b0:50:7d:d0:33:f9:5e:b6:6f:63:0d:
                    24:e6:8e:8a:7f:bc:38:40:01:48:6b:a2:53:c5:0b:
                    c7:d0:00:27:7b:fe:cd:3e:a8:59:94:fb:80:9f:9b:
                    c8:f9:3a:12:a0:7e:97:4e:e8:98:5c:2f:86:78:3c:
                    cf:1a:bd:fb:58:fd:1f:52:45:ea:ef:10:17:58:f5:
                    26:97:af:2d:70:1d:1e:17:57:3c:e8:51:40:b3:da:
                    3b:35:29:ff:72:06:1c:ac:e5:6f:ea:3f:b3:72:e5:
                    37:91:44:18:fc:45:e9:90:28:61:a1:91:26:b2:bb:
                    aa:f3:24:53:eb:e8:52:7f:63:47:67:01:53:d1:37:
                    ec:2f:b2:c9:2c:b6:4b:19:d8:6d:48:9b:d1:ae:a6:
                    da:39:c1:c6:a6:77:8e:d4:e8:75:db:39:91:7f:7a:
                    5f:26:c4:85:37:6d:32:aa:0d:96:fb:da:7b:00:da:
                    6b:ba:9c:a7:0a:82:f2:53:26:e2:4e:bc:7b:f9:91:
                    e3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:67:0E:CD:A6:BE:03:21:4B:0F:97:CE:A9:7B:82:2D:96:89:4A:E2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UGcOzaa-AyFLD5fOqXuCLZaJSuI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:d3:f5:e3:92:13:9d:b4:2e:93:64:89:d1:85:96:db:76:6f:
         b3:c5:1d:54:2e:32:81:bd:2e:ef:2f:b6:75:2d:e7:13:86:67:
         e8:b3:67:14:e2:3a:fa:68:a0:51:11:7d:b3:8f:70:f3:7d:9a:
         b2:52:53:34:9c:8c:aa:7c:40:ac:f8:52:6f:aa:ad:7c:88:b4:
         e8:76:67:67:c0:29:69:66:5c:71:a0:30:15:a6:84:07:ef:d3:
         d5:9a:85:ad:15:a1:19:44:61:84:f0:b4:92:97:c8:77:f7:2e:
         43:da:8f:3f:f5:36:67:f1:d8:1c:77:79:ce:b1:7d:b0:ea:63:
         9a:cb:01:21:08:bd:c5:dd:11:c9:b2:c6:13:c8:a3:e2:db:42:
         8e:4a:41:59:1e:fa:dc:c1:a5:89:ad:89:a0:c1:97:e7:84:0c:
         68:4a:31:ae:ca:4a:a9:5d:ff:15:f3:8a:7f:2d:58:ea:15:4d:
         f0:ef:69:92:a1:f7:fd:3b:8e:f0:d8:8d:1a:d7:a3:21:67:e1:
         33:f7:1e:5b:a9:4a:52:2a:dd:5f:bb:5c:4b:74:45:e7:ab:76:
         a4:24:e3:23:60:5e:0a:93:a5:16:46:be:69:c1:e1:18:a7:9d:
         22:79:d3:3a:c8:a2:84:18:10:72:15:f3:b0:d0:3e:d7:2c:96:
         ae:a5:90:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnQpPXRNkxESgJ7OgLyyX94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTUzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY3MGVjZGE2YmUwMzIxNGIwZjk3Y2VhOTdiODIyZDk2ODk0YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1c5XebQZHbaWt6RzSl+OfNwVMgV
2G8LliCzUe5XybWSpwr3Rx2ABA0XVT5LtAkx7sawxtMNAr+WJWt0Y8stsFB90DP5
XrZvYw0k5o6Kf7w4QAFIa6JTxQvH0AAne/7NPqhZlPuAn5vI+ToSoH6XTuiYXC+G
eDzPGr37WP0fUkXq7xAXWPUml68tcB0eF1c86FFAs9o7NSn/cgYcrOVv6j+zcuU3
kUQY/EXpkChhoZEmsruq8yRT6+hSf2NHZwFT0TfsL7LJLLZLGdhtSJvRrqbaOcHG
pneO1Oh12zmRf3pfJsSFN20yqg2W+9p7ANprupynCoLyUybiTrx7+ZHjiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBnDs2mvgMhSw+Xzql7gi2WiUriMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVUdjT3phYS1BeUZMRDVmT3FYdUNMWmFKU3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD8MA0G
CSqGSIb3DQEBCwUAA4IBAQBX0/XjkhOdtC6TZInRhZbbdm+zxR1ULjKBvS7vL7Z1
LecThmfos2cU4jr6aKBREX2zj3DzfZqyUlM0nIyqfECs+FJvqq18iLTodmdnwClp
ZlxxoDAVpoQH79PVmoWtFaEZRGGE8LSSl8h39y5D2o8/9TZn8dgcd3nOsX2w6mOa
ywEhCL3F3RHJssYTyKPi20KOSkFZHvrcwaWJrYmgwZfnhAxoSjGuykqpXf8V84p/
LVjqFU3w72mSoff9O47w2I0a16MhZ+Ez9x5bqUpSKt1fu1xLdEXnq3akJOMjYF4K
k6UWRr5pweEYp50iedM6yKKEGBByFfOw0D7XLJaupZD8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org