Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa
File:                     pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa (raw, json)
Hash identifier:          Um1REQuAFM5QZXJVW3/aLRg6Vrvt3X9pO96osVFHsUc=
Subject key identifier:   A7:08:82:1F:56:4F:94:94:76:C5:3F:17:64:31:75:EE:7F:D1:C6:4F
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F86785A3E670CEDF6C1C7CED598DD0B2A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa
Signing time:             Fri 17 May 2024 12:13:05 +0000
ROA not before:           Fri 17 May 2024 12:13:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 08:48:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:78:5a:3e:67:0c:ed:f6:c1:c7:ce:d5:98:dd:0b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 17 12:13:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a708821f564f949476c53f17643175ee7fd1c64f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6f:e0:a9:54:c6:0f:d4:2b:49:36:b9:30:82:
                    ed:0e:bc:34:ef:c4:d2:6d:bf:6e:1a:01:de:93:94:
                    50:81:1b:38:cf:20:4c:49:f9:2e:a8:9f:c0:c9:bb:
                    4e:96:be:07:5c:d5:f0:2a:91:9f:d7:27:a7:3d:0c:
                    91:d7:37:23:35:c3:a2:83:07:e6:ac:13:cb:bd:8f:
                    e9:dd:d3:d9:0f:f3:84:88:cc:a9:40:9a:05:41:08:
                    2e:1b:1f:e4:a2:9f:32:34:d8:4a:d1:3d:e6:ae:a0:
                    8b:39:86:5e:ff:12:96:11:3b:bd:5a:73:4e:84:f1:
                    9a:6d:b8:cb:8e:80:c8:73:67:3a:0e:ee:3e:0f:d6:
                    50:98:d1:2c:73:fe:cf:9a:cb:0b:4e:a8:1b:cb:79:
                    b1:d9:f2:f7:cb:9c:08:8e:fc:9c:e7:38:4a:69:89:
                    02:93:59:00:c4:8d:b8:37:8f:15:99:38:6a:73:8c:
                    13:73:e0:f9:56:1e:63:30:9e:e1:7b:96:9c:e2:e5:
                    31:48:b3:14:9c:21:11:42:6a:98:c8:bf:b6:95:1e:
                    2f:01:bd:85:c6:95:48:2a:de:92:4c:9c:57:d7:6f:
                    8a:f5:5b:82:29:71:57:18:c5:48:39:88:49:2a:77:
                    b9:86:96:9b:e9:28:ee:f1:3c:f7:5e:7c:77:9d:44:
                    e2:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:08:82:1F:56:4F:94:94:76:C5:3F:17:64:31:75:EE:7F:D1:C6:4F
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:a2:84:d8:6a:8d:a7:b7:2f:92:08:dd:83:af:0f:9e:26:b1:
         d3:1c:37:eb:cc:50:f6:29:c8:10:7f:e0:a1:54:05:81:53:e6:
         e8:87:06:4b:25:bf:d6:21:cc:59:95:3a:3e:3b:97:38:c4:7f:
         e0:28:2e:7e:ff:72:c3:bf:45:d6:91:65:6f:98:91:b8:be:09:
         49:b4:66:61:b1:a9:28:1c:20:7d:5c:71:a5:88:a4:ed:8c:55:
         e3:45:5f:cd:de:82:39:96:48:6e:4f:b3:df:b9:19:14:bb:09:
         a2:79:c8:08:3d:94:60:58:8d:04:63:a8:c6:55:15:c0:36:2b:
         4a:ef:cf:c8:e9:9f:7a:f5:91:1d:6d:12:16:18:db:f2:75:be:
         9e:b1:11:10:77:ab:99:e6:a9:9e:8d:74:fe:8f:c2:28:da:e6:
         57:7f:36:0d:d3:92:b1:bc:9c:bb:48:73:29:3b:0a:4e:12:6d:
         b4:9d:af:a7:5b:cc:24:d8:fe:be:20:72:f5:a0:86:fb:82:7d:
         53:7f:91:5d:9c:05:77:c2:81:fe:d1:27:2f:97:15:e2:aa:f9:
         8c:f0:52:ad:8f:ef:86:d9:c0:e7:9a:ba:fa:d1:a8:b6:31:86:
         57:1e:48:5b:cb:bc:1a:b8:d0:05:7e:64:59:f1:4f:2d:51:ad:
         4f:08:5b:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+GeFo+Zwzt9sHHztWY3QsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE3MTIxMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA4ODIxZjU2NGY5NDk0NzZjNTNmMTc2NDMxNzVlZTdmZDFjNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW/gqVTGD9QrSTa5MILtDrw078TS
bb9uGgHek5RQgRs4zyBMSfkuqJ/AybtOlr4HXNXwKpGf1yenPQyR1zcjNcOigwfm
rBPLvY/p3dPZD/OEiMypQJoFQQguGx/kop8yNNhK0T3mrqCLOYZe/xKWETu9WnNO
hPGabbjLjoDIc2c6Du4+D9ZQmNEsc/7PmssLTqgby3mx2fL3y5wIjvyc5zhKaYkC
k1kAxI24N48VmThqc4wTc+D5Vh5jMJ7he5ac4uUxSLMUnCERQmqYyL+2lR4vAb2F
xpVIKt6STJxX12+K9VuCKXFXGMVIOYhJKne5hpab6Sju8Tz3Xnx3nUTiuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcIgh9WT5SUdsU/F2Qxde5/0cZPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcHdpQ0gxWlBsSlIyeFQ4WFpERjE3bl9SeGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQAvooTYao2nty+SCN2Drw+eJrHTHDfrzFD2KcgQf+Ch
VAWBU+bohwZLJb/WIcxZlTo+O5c4xH/gKC5+/3LDv0XWkWVvmJG4vglJtGZhsako
HCB9XHGliKTtjFXjRV/N3oI5lkhuT7PfuRkUuwmiecgIPZRgWI0EY6jGVRXANitK
78/I6Z969ZEdbRIWGNvydb6esREQd6uZ5qmejXT+j8Io2uZXfzYN05KxvJy7SHMp
OwpOEm20na+nW8wk2P6+IHL1oIb7gn1Tf5FdnAV3woH+0ScvlxXiqvmM8FKtj++G
2cDnmrr60ai2MYZXHkhby7wauNAFfmRZ8U8tUa1PCFv2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org