Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa
File:                     iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa (raw, json)
Hash identifier:          Z8wdj8YwYLHUE+a7MN9LIrIIJXFbjksSL+XB6JWirr8=
Subject key identifier:   89:35:E3:4A:B0:3A:16:AF:C9:43:20:56:2C:F6:34:90:2F:E4:C7:69
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E9DC74223BA2DA4475320B057A28806F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa
Signing time:             Tue 02 Apr 2024 07:47:45 +0000
ROA not before:           Tue 02 Apr 2024 07:47:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210164
IP address blocks:        109.176.24.0/24 maxlen: 24
                          213.218.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 07:08:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9d:c7:42:23:ba:2d:a4:47:53:20:b0:57:a2:88:06:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Apr  2 07:47:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8935e34ab03a16afc94320562cf634902fe4c769
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:66:c0:3e:c2:09:72:da:f8:29:09:40:a1:1b:
                    d1:b7:d3:a9:07:55:7a:57:d5:1b:2d:f5:85:c4:48:
                    a8:55:34:e4:3e:d8:7a:87:32:b1:d3:f6:e5:8b:d8:
                    10:8a:04:9c:43:62:95:2e:30:a4:b8:2e:52:0a:70:
                    32:ae:c8:28:ec:1c:5c:50:87:d6:1a:58:6a:8c:16:
                    d5:a3:d8:07:0b:da:7b:fd:55:62:3e:b5:bd:f3:b3:
                    50:7f:99:b2:69:b8:6d:e4:31:c2:0e:42:fe:6c:ee:
                    bd:6e:4c:6c:77:b8:a0:16:81:fe:f7:c7:5f:a7:0f:
                    e6:76:5b:12:a3:ff:8d:d9:5b:b4:06:60:36:28:cf:
                    8b:ae:df:0e:76:54:f7:01:5e:bc:cd:59:35:3f:be:
                    e2:65:42:fb:d8:83:df:72:1e:b5:48:b6:1b:8b:51:
                    06:29:42:ec:ae:b1:9a:87:7a:6c:d5:a5:5e:39:01:
                    ff:30:c3:1f:40:92:9d:5b:93:48:e6:35:84:0d:f7:
                    00:cc:a0:a4:dc:43:31:ca:47:de:0c:db:e0:88:4b:
                    13:39:25:4c:a8:23:e5:1a:ef:b5:65:81:ff:a7:a3:
                    a6:0b:64:e0:14:f2:e7:79:3c:39:9c:cf:3d:5b:46:
                    72:fa:cb:e1:a9:66:23:bb:5d:b4:fd:b0:9c:d3:3f:
                    8e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:35:E3:4A:B0:3A:16:AF:C9:43:20:56:2C:F6:34:90:2F:E4:C7:69
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.24.0/24
                  213.218.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:6e:02:54:d2:7e:01:2b:02:ec:29:02:94:ca:68:72:f5:50:
         53:67:fb:30:d9:e7:ec:e2:fb:d4:b7:cf:fd:7d:b7:e0:63:70:
         df:73:90:8b:1c:e1:d5:e1:e7:96:bc:21:12:f6:33:16:e2:d6:
         17:cb:f7:63:9c:47:b6:62:d3:de:dc:47:12:a3:f5:3f:19:62:
         f8:82:69:c5:32:7f:19:35:68:c2:3f:1c:e5:c3:94:85:ee:a8:
         51:90:ec:cc:65:fe:43:c5:fd:11:69:0e:95:42:d0:29:16:18:
         97:0d:a4:d9:a0:78:cb:4d:72:c2:5d:10:a3:a2:ae:27:ab:0e:
         d3:a7:f0:91:d4:27:25:53:0c:b9:c3:91:02:cd:be:bb:26:d6:
         be:38:98:8c:d5:c4:01:6c:1e:70:f0:72:48:d4:7b:bf:4a:6f:
         18:e5:ab:3e:85:43:31:ed:02:e0:0d:5a:4d:5f:33:61:bb:86:
         32:b1:57:8c:92:de:02:f1:6e:69:f9:b7:23:74:63:07:32:cd:
         8b:fa:d4:06:d9:1c:80:f1:ee:c0:db:59:91:db:71:bb:7d:b3:
         99:87:08:2d:f9:ae:71:73:a2:ff:ff:78:e8:7a:ec:a5:e5:fa:
         f2:ff:f0:3f:b5:3b:45:db:e7:78:ee:11:a4:9a:b2:8c:a4:16:
         65:b9:bd:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6dx0Ijui2kR1MgsFeiiAb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAyMDc0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM1ZTM0YWIwM2ExNmFmYzk0MzIwNTYyY2Y2MzQ5MDJmZTRjNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2bAPsIJctr4KQlAoRvRt9OpB1V6
V9UbLfWFxEioVTTkPth6hzKx0/bli9gQigScQ2KVLjCkuC5SCnAyrsgo7BxcUIfW
GlhqjBbVo9gHC9p7/VViPrW987NQf5myabht5DHCDkL+bO69bkxsd7igFoH+98df
pw/mdlsSo/+N2Vu0BmA2KM+Lrt8OdlT3AV68zVk1P77iZUL72IPfch61SLYbi1EG
KULsrrGah3ps1aVeOQH/MMMfQJKdW5NI5jWEDfcAzKCk3EMxykfeDNvgiEsTOSVM
qCPlGu+1ZYH/p6OmC2TgFPLneTw5nM89W0Zy+svhqWYju120/bCc0z+O1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIk140qwOhavyUMgViz2NJAv5MdpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaVRYalNyQTZGcV9KUXlCV0xQWTBrQ19reDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAYAwQA
1drsMA0GCSqGSIb3DQEBCwUAA4IBAQAXbgJU0n4BKwLsKQKUymhy9VBTZ/sw2efs
4vvUt8/9fbfgY3Dfc5CLHOHV4eeWvCES9jMW4tYXy/djnEe2YtPe3EcSo/U/GWL4
gmnFMn8ZNWjCPxzlw5SF7qhRkOzMZf5Dxf0RaQ6VQtApFhiXDaTZoHjLTXLCXRCj
oq4nqw7Tp/CR1CclUwy5w5ECzb67Jta+OJiM1cQBbB5w8HJI1Hu/Sm8Y5as+hUMx
7QLgDVpNXzNhu4YysVeMkt4C8W5p+bcjdGMHMs2L+tQG2RyA8e7A21mR23G7fbOZ
hwgt+a5xc6L//3joeuyl5fry//A/tTtF2+d47hGkmrKMpBZlub2z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org