Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dv7GgZipwMHVrf5PCVypQw-ejOo.roa
File:                     dv7GgZipwMHVrf5PCVypQw-ejOo.roa (raw, json)
Hash identifier:          JxbcPL5B/CzQ6VH4OwncREp4yM7S+g4+or4KnZuo/YE=
Subject key identifier:   76:FE:C6:81:98:A9:C0:C1:D5:AD:FE:4F:09:5C:A9:43:0F:9E:8C:EA
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B7035E7CE004858A66F422A84DA29B35
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dv7GgZipwMHVrf5PCVypQw-ejOo.roa
Signing time:             Wed 02 Aug 2023 16:09:58 +0000
ROA not before:           Wed 02 Aug 2023 16:09:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197644
IP address blocks:        109.176.215.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24
                          109.176.218.0/24 maxlen: 24
                          109.176.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 07:20:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b7:03:5e:7c:e0:04:85:8a:66:f4:22:a8:4d:a2:9b:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  2 16:09:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76fec68198a9c0c1d5adfe4f095ca9430f9e8cea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:b4:fe:ea:70:e8:a8:69:a6:6e:8a:9e:fc:32:
                    a1:1f:ee:6f:24:74:36:b6:64:12:15:6b:b3:92:aa:
                    7f:94:9d:7f:73:63:a8:e6:98:e4:99:d7:2f:44:12:
                    6c:f1:84:77:db:02:ef:3a:52:e9:f6:ce:c4:27:a8:
                    e2:bc:4f:43:b1:f4:7e:5d:91:7e:4a:4c:73:3e:64:
                    d9:15:a3:aa:c9:44:08:f2:d1:93:88:f7:fa:51:e7:
                    93:58:3d:82:e7:fe:e2:11:23:b8:ff:e3:79:0e:7d:
                    55:e4:fa:c1:40:b2:6c:84:b3:bb:28:94:91:2d:86:
                    3b:67:f6:f7:43:d5:7d:6c:9b:ff:db:e4:f8:a9:2e:
                    70:35:47:14:50:35:8b:d6:f8:5f:5e:07:88:2c:57:
                    8e:cf:d5:90:4f:16:42:b2:e7:d7:ac:f6:54:19:1a:
                    47:bc:72:77:60:e5:fe:8b:a2:28:e8:60:2f:b5:8b:
                    b5:1c:2a:8c:1e:24:3b:1f:31:3d:0f:e1:24:46:1b:
                    94:34:0d:cc:7c:a6:24:eb:eb:92:cb:7e:a8:c2:a8:
                    b1:cf:e9:ef:90:10:43:01:60:4d:a7:1a:fd:03:b2:
                    84:e1:7f:cb:dc:a0:bb:3e:56:88:91:1c:81:c3:ec:
                    95:15:63:d4:03:ce:26:db:54:de:d4:4b:f5:a0:7d:
                    01:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:FE:C6:81:98:A9:C0:C1:D5:AD:FE:4F:09:5C:A9:43:0F:9E:8C:EA
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dv7GgZipwMHVrf5PCVypQw-ejOo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.215.0-109.176.216.255
                  109.176.218.0/24
                  109.176.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:97:88:b7:36:d5:bc:2d:54:6b:e0:1a:7b:2e:f0:d7:29:e3:
         77:fa:54:54:6b:1c:48:46:06:4e:25:93:84:3c:41:b0:79:36:
         e4:52:b5:6e:3a:b1:ae:3b:eb:c9:ac:28:cb:59:11:6e:96:2e:
         a9:0f:74:b4:c6:65:48:f9:7b:33:58:ab:9b:45:6c:77:8b:40:
         31:ae:e6:04:23:c1:13:43:b7:2d:88:39:02:44:ad:96:87:c1:
         e1:06:63:5e:0d:61:0a:24:fd:e2:38:37:4d:34:f9:4a:2a:36:
         99:67:1c:d1:ac:54:cc:bc:8d:67:69:b2:f7:0b:5e:4e:d6:10:
         6e:ca:38:ff:0b:40:dc:59:46:d9:8d:08:fc:29:6d:93:4c:1e:
         cd:3a:7a:35:20:ce:6f:44:92:d5:68:33:15:13:11:85:1e:d6:
         3e:aa:43:f0:db:d4:10:a1:d3:ac:e5:fd:f2:8b:03:f8:62:ca:
         40:98:41:95:04:73:b9:4d:ea:22:5e:2b:0c:52:c3:24:b5:e8:
         75:09:d0:d5:26:2b:66:11:c5:31:9e:87:49:8a:e9:03:5f:17:
         de:00:1a:da:21:f9:76:ea:e4:78:74:e0:1e:6e:7e:73:df:f8:
         6b:c8:59:69:0c:c3:03:81:a9:ab:e5:ef:27:b2:30:ac:32:45:
         60:f4:81:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYm3A1584ASFimb0IqhNops1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMTYwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmZlYzY4MTk4YTljMGMxZDVhZGZlNGYwOTVjYTk0MzBmOWU4Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+rT+6nDoqGmmboqe/DKhH+5vJHQ2
tmQSFWuzkqp/lJ1/c2Oo5pjkmdcvRBJs8YR32wLvOlLp9s7EJ6jivE9DsfR+XZF+
SkxzPmTZFaOqyUQI8tGTiPf6UeeTWD2C5/7iESO4/+N5Dn1V5PrBQLJshLO7KJSR
LYY7Z/b3Q9V9bJv/2+T4qS5wNUcUUDWL1vhfXgeILFeOz9WQTxZCsufXrPZUGRpH
vHJ3YOX+i6Io6GAvtYu1HCqMHiQ7HzE9D+EkRhuUNA3MfKYk6+uSy36owqixz+nv
kBBDAWBNpxr9A7KE4X/L3KC7PlaIkRyBw+yVFWPUA84m21Te1Ev1oH0BUwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHb+xoGYqcDB1a3+TwlcqUMPnozqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHY3R2daaXB3TUhWcmY1UENWeXBRdy1lak9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABtsNcD
BABtsNgDBABtsNoDBABtsNwwDQYJKoZIhvcNAQELBQADggEBAG+XiLc21bwtVGvg
Gnsu8Ncp43f6VFRrHEhGBk4lk4Q8QbB5NuRStW46sa4768msKMtZEW6WLqkPdLTG
ZUj5ezNYq5tFbHeLQDGu5gQjwRNDty2IOQJErZaHweEGY14NYQok/eI4N000+Uoq
NplnHNGsVMy8jWdpsvcLXk7WEG7KOP8LQNxZRtmNCPwpbZNMHs06ejUgzm9EktVo
MxUTEYUe1j6qQ/Db1BCh06zl/fKLA/hiykCYQZUEc7lN6iJeKwxSwyS16HUJ0NUm
K2YRxTGeh0mK6QNfF94AGtoh+Xbq5Hh04B5ufnPf+GvIWWkMwwOBqavl7yeyMKwy
RWD0gVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org