Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VknqbP6HjKZY0N44_iO5-fgcA6I.roa
File:                     VknqbP6HjKZY0N44_iO5-fgcA6I.roa (raw, json)
Hash identifier:          YrgHxtjxyECKUiLtWqF+bVB4XEXk7f0gkQm+rid5+zQ=
Subject key identifier:   56:49:EA:6C:FE:87:8C:A6:58:D0:DE:38:FE:23:B9:F9:F8:1C:03:A2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018CC3494BE01356C04506605A9417F1468C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VknqbP6HjKZY0N44_iO5-fgcA6I.roa
Signing time:             Mon 01 Jan 2024 04:30:09 +0000
ROA not before:           Mon 01 Jan 2024 04:30:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14445
IP address blocks:        109.176.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 04 Feb 2024 12:28:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:4b:e0:13:56:c0:45:06:60:5a:94:17:f1:46:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 04:30:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5649ea6cfe878ca658d0de38fe23b9f9f81c03a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:61:9c:15:a7:10:dc:80:21:f2:08:c4:84:06:
                    1a:bb:30:8f:90:95:bd:d8:8d:b4:62:eb:c4:9a:70:
                    ed:1f:81:1c:ce:34:15:51:17:3a:b6:a4:67:08:96:
                    56:62:16:97:8c:69:27:63:30:87:a1:52:eb:2c:c3:
                    dd:fe:9f:98:9e:d8:de:60:d3:38:43:b4:4d:77:ca:
                    36:df:9f:ad:af:79:96:76:64:dc:ac:42:ec:63:8f:
                    82:d0:65:41:c5:14:a9:8b:e6:94:52:14:da:79:78:
                    5e:c4:9b:a7:a2:af:ad:48:e6:e5:fb:f2:44:e9:23:
                    c3:5b:c7:21:9f:2f:d1:bd:2a:d2:38:a3:bf:43:89:
                    04:40:85:39:f6:4e:20:89:ab:6e:80:92:19:c9:2b:
                    fa:62:c4:80:89:d1:b0:ea:4c:80:ec:ec:d8:c5:ed:
                    f9:04:40:38:d4:68:94:c6:96:a6:3c:7c:7d:ed:4f:
                    53:7c:e7:35:27:8c:a1:17:46:4c:e0:87:cc:7b:c8:
                    15:31:1f:cf:b1:34:85:98:7f:68:14:64:b2:6d:4b:
                    9e:21:25:93:3a:40:2f:03:a9:51:2a:a6:24:8b:df:
                    e8:ec:76:bd:c0:48:2a:e9:c4:31:4d:62:ae:b0:20:
                    05:06:38:d8:3c:b1:ec:62:fa:77:01:9e:ce:3c:01:
                    ef:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:49:EA:6C:FE:87:8C:A6:58:D0:DE:38:FE:23:B9:F9:F8:1C:03:A2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VknqbP6HjKZY0N44_iO5-fgcA6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:01:4a:43:d2:e3:07:0e:24:7e:19:b9:61:68:8e:49:2d:30:
         aa:62:f8:46:85:bd:f7:f1:ec:91:0e:1e:43:f8:63:42:50:95:
         cd:23:bb:73:4a:45:87:18:60:ba:2a:50:79:b9:7e:86:a5:61:
         d1:00:7c:47:f4:e2:32:76:67:8a:69:7e:bd:70:12:49:b6:76:
         8e:d7:65:70:a8:ec:b6:6d:11:cf:6c:1f:b0:4e:7a:01:c1:66:
         76:76:72:cb:44:61:b4:18:b4:94:50:75:2a:4a:2f:d1:b0:36:
         d3:2c:3c:05:90:41:fc:44:4c:78:3f:c3:06:64:04:b7:66:ff:
         f9:73:67:9d:03:af:af:f4:9d:cf:2e:d4:bb:d5:02:1b:9b:8e:
         55:f5:26:8c:ff:dc:e9:06:17:3e:c3:12:4d:77:cc:38:16:1e:
         85:7b:79:eb:0d:f5:ff:8f:a8:c6:ef:88:b9:d5:4a:fd:bc:a2:
         fa:14:bf:4b:fa:c1:7b:f8:5e:65:91:97:72:60:f3:6d:e5:f1:
         6f:65:62:79:b3:71:4f:f1:b8:6b:d2:91:6b:00:ca:1a:cc:3b:
         2c:93:93:03:48:1e:14:16:b7:e5:97:2b:66:b6:f5:05:b9:4a:
         ad:15:d2:73:28:8e:5f:aa:aa:4e:85:4e:e9:8d:2a:ba:25:8a:
         a0:37:6e:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUvgE1bARQZgWpQX8UaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjQ5ZWE2Y2ZlODc4Y2E2NThkMGRlMzhmZTIzYjlmOWY4MWMwM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWGcFacQ3IAh8gjEhAYauzCPkJW9
2I20YuvEmnDtH4EczjQVURc6tqRnCJZWYhaXjGknYzCHoVLrLMPd/p+YntjeYNM4
Q7RNd8o235+tr3mWdmTcrELsY4+C0GVBxRSpi+aUUhTaeXhexJunoq+tSObl+/JE
6SPDW8chny/RvSrSOKO/Q4kEQIU59k4giatugJIZySv6YsSAidGw6kyA7OzYxe35
BEA41GiUxpamPHx97U9TfOc1J4yhF0ZM4IfMe8gVMR/PsTSFmH9oFGSybUueISWT
OkAvA6lRKqYki9/o7Ha9wEgq6cQxTWKusCAFBjjYPLHsYvp3AZ7OPAHvBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZJ6mz+h4ymWNDeOP4jufn4HAOiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVmtucWJQNkhqS1pZME40NF9pTzUtZmdjQTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD0MA0G
CSqGSIb3DQEBCwUAA4IBAQACAUpD0uMHDiR+GblhaI5JLTCqYvhGhb338eyRDh5D
+GNCUJXNI7tzSkWHGGC6KlB5uX6GpWHRAHxH9OIydmeKaX69cBJJtnaO12VwqOy2
bRHPbB+wTnoBwWZ2dnLLRGG0GLSUUHUqSi/RsDbTLDwFkEH8REx4P8MGZAS3Zv/5
c2edA6+v9J3PLtS71QIbm45V9SaM/9zpBhc+wxJNd8w4Fh6Fe3nrDfX/j6jG74i5
1Ur9vKL6FL9L+sF7+F5lkZdyYPNt5fFvZWJ5s3FP8bhr0pFrAMoazDssk5MDSB4U
FrfllytmtvUFuUqtFdJzKI5fqqpOhU7pjSq6JYqgN26+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org