Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Zp0Pyp8ACrjBN0GtKpw-Sgl7AY4.roa
File:                     Zp0Pyp8ACrjBN0GtKpw-Sgl7AY4.roa (raw, json)
Hash identifier:          jc/gywhg8qF/5xLX+SKSTPTtJDXZ/qbvcto6B0W4RYM=
Subject key identifier:   66:9D:0F:CA:9F:00:0A:B8:C1:37:41:AD:2A:9C:3E:4A:09:7B:01:8E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018A9411FF779D4A40C3CDB6CA2C8480ECF1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Zp0Pyp8ACrjBN0GtKpw-Sgl7AY4.roa
Signing time:             Thu 14 Sep 2023 14:22:01 +0000
ROA not before:           Thu 14 Sep 2023 14:22:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211318
IP address blocks:        109.176.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Nov 2023 11:18:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:94:11:ff:77:9d:4a:40:c3:cd:b6:ca:2c:84:80:ec:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 14 14:22:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=669d0fca9f000ab8c13741ad2a9c3e4a097b018e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:bc:5a:b3:fc:44:44:59:90:64:46:34:c9:f0:
                    f2:09:14:8a:36:db:fa:74:2c:33:7c:54:ce:e0:21:
                    86:b7:ae:a7:35:cf:ea:92:d1:57:1b:89:65:e8:ee:
                    86:74:c5:53:de:14:04:0d:1a:8d:68:63:cd:3b:60:
                    01:02:94:2b:0c:97:75:ac:85:7b:91:11:d2:2b:eb:
                    77:1b:a4:55:2f:83:b0:b7:bc:c8:3b:54:eb:f0:ff:
                    b0:ce:c4:48:a5:ad:7e:30:43:6d:f0:79:6d:dc:fd:
                    fe:54:a8:04:35:11:eb:99:45:47:4a:cf:f1:20:d6:
                    a9:63:11:90:f1:f5:25:f9:d6:bb:49:ed:a8:b7:79:
                    31:9e:9e:75:47:d3:1b:6e:a6:85:a7:66:87:66:d4:
                    df:c0:c2:59:cc:44:d5:8b:4b:1e:55:a8:00:2f:42:
                    bf:68:c9:dc:0c:53:8c:e3:72:ab:8a:a4:2d:72:71:
                    2b:f8:1e:31:8d:fb:b6:c1:36:0f:5c:e0:cc:6b:4b:
                    77:33:3e:9d:cd:26:ef:e6:d2:e2:df:20:88:2c:79:
                    91:e2:40:f8:db:6a:9b:4b:66:2c:bf:7c:2b:11:35:
                    95:eb:d5:d0:44:5b:ff:14:ba:79:5f:4c:35:be:bb:
                    1c:3a:9a:79:5f:fc:e6:b6:73:9b:0b:97:83:64:f2:
                    62:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:9D:0F:CA:9F:00:0A:B8:C1:37:41:AD:2A:9C:3E:4A:09:7B:01:8E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Zp0Pyp8ACrjBN0GtKpw-Sgl7AY4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:1c:5a:cf:c3:b5:31:d4:d4:db:84:11:8f:81:98:6b:ee:8d:
         32:2c:4c:71:ff:ee:cf:ed:1d:aa:12:9f:86:b8:01:9a:5d:f9:
         fe:f2:e7:3e:c9:b7:c3:60:dc:71:4e:cf:05:9e:bf:6b:f5:62:
         62:f1:75:42:b8:70:e6:86:70:d0:e8:90:7f:39:af:b8:2f:99:
         0e:9f:ae:d9:1e:20:45:f8:7d:69:3c:95:23:b5:35:85:cd:6f:
         8c:31:94:35:ba:2b:e8:dc:b0:16:ca:84:7f:aa:25:45:32:2b:
         61:7e:4f:f3:55:3c:c5:49:8f:a8:ed:b3:b4:dd:c0:5a:bc:24:
         1b:0d:65:0a:a8:c6:8b:cf:df:84:4c:69:79:95:5b:0b:30:df:
         81:83:02:1d:5d:19:1f:34:ac:83:3f:52:b7:d3:40:35:ac:b9:
         03:c1:4b:8d:21:c1:86:a3:12:8b:b6:a8:18:ca:5b:df:9f:c3:
         73:98:6f:9c:f9:da:5e:0a:e6:ea:ad:8d:53:e0:e4:27:77:6c:
         e6:34:92:01:6f:ad:64:10:8d:de:96:ce:5e:0b:95:a1:c5:13:
         21:4b:c6:f8:3d:7f:64:dc:e1:5a:7d:fc:27:8b:cc:b0:10:81:
         54:61:2a:29:7b:e7:65:a3:b1:46:0b:6a:44:1c:d8:03:fb:71:
         05:91:ff:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqUEf93nUpAw822yiyEgOzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE0MTQyMjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjlkMGZjYTlmMDAwYWI4YzEzNzQxYWQyYTljM2U0YTA5N2IwMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrxas/xERFmQZEY0yfDyCRSKNtv6
dCwzfFTO4CGGt66nNc/qktFXG4ll6O6GdMVT3hQEDRqNaGPNO2ABApQrDJd1rIV7
kRHSK+t3G6RVL4Owt7zIO1Tr8P+wzsRIpa1+MENt8Hlt3P3+VKgENRHrmUVHSs/x
INapYxGQ8fUl+da7Se2ot3kxnp51R9MbbqaFp2aHZtTfwMJZzETVi0seVagAL0K/
aMncDFOM43KriqQtcnEr+B4xjfu2wTYPXODMa0t3Mz6dzSbv5tLi3yCILHmR4kD4
22qbS2Ysv3wrETWV69XQRFv/FLp5X0w1vrscOpp5X/zmtnObC5eDZPJieQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGadD8qfAAq4wTdBrSqcPkoJewGOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWnAwUHlwOEFDcmpCTjBHdEtwdy1TZ2w3QVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD2MA0G
CSqGSIb3DQEBCwUAA4IBAQCCHFrPw7Ux1NTbhBGPgZhr7o0yLExx/+7P7R2qEp+G
uAGaXfn+8uc+ybfDYNxxTs8Fnr9r9WJi8XVCuHDmhnDQ6JB/Oa+4L5kOn67ZHiBF
+H1pPJUjtTWFzW+MMZQ1uivo3LAWyoR/qiVFMithfk/zVTzFSY+o7bO03cBavCQb
DWUKqMaLz9+ETGl5lVsLMN+BgwIdXRkfNKyDP1K300A1rLkDwUuNIcGGoxKLtqgY
ylvfn8NzmG+c+dpeCubqrY1T4OQnd2zmNJIBb61kEI3els5eC5WhxRMhS8b4PX9k
3OFaffwni8ywEIFUYSope+dlo7FGC2pEHNgD+3EFkf+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org