Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gr7q7o8lar5BzsQCMbPNBiHUh4Q.roa
File:                     gr7q7o8lar5BzsQCMbPNBiHUh4Q.roa (raw, json)
Hash identifier:          oSb7TDLNTfSITnUbuvKRqBb6/1z6zAwr1Kerfwt4pX4=
Subject key identifier:   82:BE:EA:EE:8F:25:6A:BE:41:CE:C4:02:31:B3:CD:06:21:D4:87:84
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C679720B5D981997CE71C26CFD203A69A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gr7q7o8lar5BzsQCMbPNBiHUh4Q.roa
Signing time:             Thu 14 Dec 2023 09:10:06 +0000
ROA not before:           Thu 14 Dec 2023 09:10:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393449
IP address blocks:        109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:67:97:20:b5:d9:81:99:7c:e7:1c:26:cf:d2:03:a6:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 14 09:10:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82beeaee8f256abe41cec40231b3cd0621d48784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bf:f8:3c:62:de:72:f2:85:91:b9:d6:17:1d:
                    b9:32:bf:20:8d:5e:13:05:ee:1d:43:dc:fe:aa:77:
                    68:4a:51:5f:27:6f:8f:3d:8a:cc:c0:44:79:47:5d:
                    d7:fc:1f:ad:fa:cf:7a:2b:5c:c6:d8:6c:08:b8:85:
                    b1:4e:16:2d:02:f4:ad:4b:7b:f1:dd:c0:59:fa:89:
                    4c:ab:e6:b4:47:8b:33:47:5a:80:28:fd:39:0c:17:
                    00:49:69:3c:f6:9f:bc:d5:20:43:cf:de:3c:5a:99:
                    a8:be:31:c9:6c:ca:9b:5a:4e:f8:34:8f:73:b6:60:
                    9b:e3:f6:3f:f9:e5:57:3c:ba:dd:78:a8:db:db:a6:
                    a2:63:a3:25:2a:d1:58:85:e7:0e:72:9e:7f:39:d4:
                    63:6e:45:32:55:c9:ef:e7:71:d1:2d:78:6a:62:91:
                    a1:01:48:38:59:9d:cd:a3:65:31:ab:4b:f9:e2:92:
                    41:6b:3a:f2:7d:9b:2c:9e:db:c2:71:3e:fb:66:a2:
                    7e:14:c6:83:84:f6:5c:6b:cf:ff:c7:a3:dd:70:0d:
                    3e:f9:f4:b9:53:b2:c7:a0:75:9b:2a:3f:ce:7b:fe:
                    e1:35:f6:26:9b:c3:e8:7e:8e:04:02:10:a9:c9:ac:
                    10:ed:1b:fc:77:13:df:4c:65:a8:cb:b2:fc:f6:7a:
                    a6:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:BE:EA:EE:8F:25:6A:BE:41:CE:C4:02:31:B3:CD:06:21:D4:87:84
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gr7q7o8lar5BzsQCMbPNBiHUh4Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:85:cc:6c:e8:e9:e1:12:d4:54:0d:68:68:ce:5e:c8:56:41:
         d7:38:d7:b2:94:e7:0f:8d:47:b7:47:89:0c:db:29:99:07:8b:
         9f:3d:d9:8a:72:95:35:81:a3:3d:d6:63:0d:69:29:d7:23:77:
         df:01:b4:df:60:e5:44:02:c2:28:cb:70:2e:d1:76:b5:f5:88:
         b9:f4:18:47:4c:ea:76:37:1d:d2:d3:04:88:e9:da:88:d4:23:
         56:c0:bb:93:5b:df:e2:ae:b7:41:1a:50:96:a0:79:7f:b0:19:
         07:a2:f5:9f:f7:bb:75:58:7d:77:1b:b1:5d:1c:5e:c9:4c:5c:
         cf:f9:04:de:ec:2b:92:bf:4f:d8:f5:e5:a7:bf:d7:72:19:64:
         9e:21:31:69:06:0d:fa:7c:be:7f:21:51:9d:14:c5:d7:76:10:
         d5:4a:1c:31:02:58:46:57:79:fd:73:0a:d7:51:9d:ff:08:fd:
         18:99:a8:34:dc:a9:49:36:82:f5:f9:28:b5:3a:6b:48:94:1e:
         c8:54:7a:2e:06:ca:fc:f0:31:c6:57:c7:b7:3d:1b:8e:f1:5f:
         9f:0c:00:f3:22:a0:40:81:3f:16:c9:43:82:c9:85:d6:af:b2:
         e1:78:f2:21:86:fd:10:2a:ec:84:56:f5:14:15:f2:1b:2f:50:
         38:47:a6:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxnlyC12YGZfOccJs/SA6aaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE0MDkxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmJlZWFlZThmMjU2YWJlNDFjZWM0MDIzMWIzY2QwNjIxZDQ4Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL/4PGLecvKFkbnWFx25Mr8gjV4T
Be4dQ9z+qndoSlFfJ2+PPYrMwER5R13X/B+t+s96K1zG2GwIuIWxThYtAvStS3vx
3cBZ+olMq+a0R4szR1qAKP05DBcASWk89p+81SBDz948WpmovjHJbMqbWk74NI9z
tmCb4/Y/+eVXPLrdeKjb26aiY6MlKtFYhecOcp5/OdRjbkUyVcnv53HRLXhqYpGh
AUg4WZ3No2Uxq0v54pJBazryfZssntvCcT77ZqJ+FMaDhPZca8//x6PdcA0++fS5
U7LHoHWbKj/Oe/7hNfYmm8Pofo4EAhCpyawQ7Rv8dxPfTGWoy7L89nqmowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK+6u6PJWq+Qc7EAjGzzQYh1IeEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ3I3cTdvOGxhcjVCenNRQ01iUE5CaUhVaDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQCjhcxs6OnhEtRUDWhozl7IVkHXONeylOcPjUe3R4kM
2ymZB4ufPdmKcpU1gaM91mMNaSnXI3ffAbTfYOVEAsIoy3Au0Xa19Yi59BhHTOp2
Nx3S0wSI6dqI1CNWwLuTW9/irrdBGlCWoHl/sBkHovWf97t1WH13G7FdHF7JTFzP
+QTe7CuSv0/Y9eWnv9dyGWSeITFpBg36fL5/IVGdFMXXdhDVShwxAlhGV3n9cwrX
UZ3/CP0Ymag03KlJNoL1+Si1OmtIlB7IVHouBsr88DHGV8e3PRuO8V+fDADzIqBA
gT8WyUOCyYXWr7LhePIhhv0QKuyEVvUUFfIbL1A4R6Z6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org