Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qXMVnlPM8OLZssK7MH3HPKya1MU.roa
File:                     qXMVnlPM8OLZssK7MH3HPKya1MU.roa (raw, json)
Hash identifier:          WXpQU4Bp/YKotOXv+geqnLjEUHGHtcKKqLleKnBwqqw=
Subject key identifier:   A9:73:15:9E:53:CC:F0:E2:D9:B2:C2:BB:30:7D:C7:3C:AC:9A:D4:C5
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189CEDFC5A8F3CCB116C0B27C4777E5B23C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qXMVnlPM8OLZssK7MH3HPKya1MU.roa
Signing time:             Mon 07 Aug 2023 07:21:58 +0000
ROA not before:           Mon 07 Aug 2023 07:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197644
IP address blocks:        109.176.215.0/24 maxlen: 24
                          109.176.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 09:31:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ce:df:c5:a8:f3:cc:b1:16:c0:b2:7c:47:77:e5:b2:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  7 07:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a973159e53ccf0e2d9b2c2bb307dc73cac9ad4c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:26:64:13:94:93:2a:06:90:55:12:79:c1:e7:
                    11:e9:e3:a0:a6:74:c3:aa:7f:a3:ed:f8:00:ae:e2:
                    ee:11:cf:ca:41:bc:02:a0:f7:a3:cf:4f:10:b7:9f:
                    31:3d:43:ea:1c:a7:eb:56:1a:05:76:1a:cf:e5:1b:
                    3d:50:ae:b6:df:80:8c:9a:b1:c9:de:3f:23:2d:ff:
                    05:b0:ed:8b:3c:67:37:11:70:87:de:47:65:cb:c7:
                    1c:f5:68:44:63:36:a8:40:27:10:9c:60:48:c7:f6:
                    46:0c:8a:4b:f9:d6:8a:93:08:1d:cd:ae:26:45:0e:
                    0d:b7:4a:4b:07:78:05:85:90:c4:9f:de:be:62:4b:
                    9c:14:31:44:1c:6b:b8:7c:f5:e8:1b:08:d7:6e:30:
                    a9:12:03:34:af:14:08:d0:c6:c9:b4:b0:68:d8:dc:
                    e3:bf:f8:56:12:24:e1:33:24:db:90:10:c0:54:a0:
                    f6:b8:0d:83:c0:ce:82:17:70:e4:ab:91:f2:ac:82:
                    f1:59:7f:29:b6:ba:c9:22:a0:8b:b9:4f:93:6f:9b:
                    11:8c:9b:c9:40:ce:ab:08:d7:01:3e:39:93:65:7a:
                    2b:ee:20:c8:13:78:64:ef:6f:87:2c:6e:d6:55:18:
                    05:20:df:a9:53:e4:2b:3b:df:a6:d1:41:da:7d:c9:
                    87:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:73:15:9E:53:CC:F0:E2:D9:B2:C2:BB:30:7D:C7:3C:AC:9A:D4:C5
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qXMVnlPM8OLZssK7MH3HPKya1MU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.215.0-109.176.216.255

    Signature Algorithm: sha256WithRSAEncryption
         8a:1e:47:67:eb:02:34:97:5b:18:ac:6b:5b:8e:d8:13:f9:aa:
         62:53:b2:80:6c:c3:11:5d:79:64:3a:4a:19:66:88:a6:67:23:
         e7:85:6c:af:dd:d4:3e:0d:75:fa:7a:b9:7b:d5:3d:fe:1f:8b:
         a4:d6:f3:b5:3c:ca:f5:01:8b:0d:82:17:58:ef:cc:62:8a:2c:
         25:0d:01:ff:ec:23:5c:38:39:4e:28:f0:53:96:ad:53:2a:09:
         1c:19:29:3b:ca:d8:1f:55:53:35:67:9a:21:6a:5f:df:31:a1:
         b3:37:df:98:ae:4d:d1:4b:af:98:8a:c4:91:51:9f:75:5f:c2:
         00:60:dd:21:a3:f8:c8:09:c5:3d:79:5b:af:6b:9f:bb:dd:5f:
         81:26:89:a8:d9:53:26:ac:a5:40:f2:76:a6:b9:50:f3:3a:b2:
         04:bb:4d:98:50:c9:26:cd:00:d9:57:8b:7a:a6:54:f4:25:21:
         ea:83:86:52:4d:a8:f0:dd:14:24:d0:cd:fd:2d:2b:7c:20:c6:
         7b:3c:ce:1a:7f:eb:53:a9:34:da:52:b9:fb:56:22:d7:23:29:
         92:14:1d:b7:5a:2f:37:1a:55:d3:87:6f:2d:0e:9d:e8:5b:d7:
         8b:2f:7c:2e:aa:52:dc:af:46:a1:27:f1:ca:7e:f7:08:09:cd:
         bb:1d:ad:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYnO38Wo88yxFsCyfEd35bI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDcyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTczMTU5ZTUzY2NmMGUyZDliMmMyYmIzMDdkYzczY2FjOWFkNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCZkE5STKgaQVRJ5wecR6eOgpnTD
qn+j7fgAruLuEc/KQbwCoPejz08Qt58xPUPqHKfrVhoFdhrP5Rs9UK6234CMmrHJ
3j8jLf8FsO2LPGc3EXCH3kdly8cc9WhEYzaoQCcQnGBIx/ZGDIpL+daKkwgdza4m
RQ4Nt0pLB3gFhZDEn96+YkucFDFEHGu4fPXoGwjXbjCpEgM0rxQI0MbJtLBo2Nzj
v/hWEiThMyTbkBDAVKD2uA2DwM6CF3Dkq5HyrILxWX8ptrrJIqCLuU+Tb5sRjJvJ
QM6rCNcBPjmTZXor7iDIE3hk72+HLG7WVRgFIN+pU+QrO9+m0UHafcmHxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKlzFZ5TzPDi2bLCuzB9xzysmtTFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcVhNVm5sUE04T0xac3NLN01IM0hQS3lhMU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtsNcD
BABtsNgwDQYJKoZIhvcNAQELBQADggEBAIoeR2frAjSXWxisa1uO2BP5qmJTsoBs
wxFdeWQ6ShlmiKZnI+eFbK/d1D4Ndfp6uXvVPf4fi6TW87U8yvUBiw2CF1jvzGKK
LCUNAf/sI1w4OU4o8FOWrVMqCRwZKTvK2B9VUzVnmiFqX98xobM335iuTdFLr5iK
xJFRn3VfwgBg3SGj+MgJxT15W69rn7vdX4EmiajZUyaspUDydqa5UPM6sgS7TZhQ
ySbNANlXi3qmVPQlIeqDhlJNqPDdFCTQzf0tK3wgxns8zhp/61OpNNpSuftWItcj
KZIUHbdaLzcaVdOHby0Onehb14svfC6qUtyvRqEn8cp+9wgJzbsdrZA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org