Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rf5DcbLjpqsHC7RX3V2YtO639Ac.roa
File:                     rf5DcbLjpqsHC7RX3V2YtO639Ac.roa (raw, json)
Hash identifier:          5e/fcVG6myNJZAu7lfqVEu8V3Xk4F7Tbva6ErFQ+DnA=
Subject key identifier:   AD:FE:43:71:B2:E3:A6:AB:07:0B:B4:57:DD:5D:98:B4:EE:B7:F4:07
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189EF83CD4BE836BB7CAAA91D8BBF2BA85A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rf5DcbLjpqsHC7RX3V2YtO639Ac.roa
Signing time:             Sun 13 Aug 2023 15:28:59 +0000
ROA not before:           Sun 13 Aug 2023 15:28:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199614
IP address blocks:        109.176.212.0/23 maxlen: 24
                          109.176.214.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 06:52:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ef:83:cd:4b:e8:36:bb:7c:aa:a9:1d:8b:bf:2b:a8:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 13 15:28:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=adfe4371b2e3a6ab070bb457dd5d98b4eeb7f407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:54:80:db:4b:9d:2c:09:4d:90:61:28:52:f0:
                    d4:71:f2:e7:86:03:39:6a:d4:d1:07:f9:f8:29:e3:
                    56:28:bb:6b:4b:53:c5:88:a9:26:3e:75:52:e5:73:
                    91:71:bc:32:78:1a:b8:64:28:79:7b:d9:43:e7:c5:
                    81:fa:07:7c:43:95:ec:1e:1e:ea:e1:b1:e5:17:e7:
                    ae:3f:d3:90:af:06:a9:13:f2:88:0d:23:bf:a4:8a:
                    02:0e:88:6b:1a:92:40:99:8f:85:b9:46:a2:cb:54:
                    96:65:cf:df:be:db:76:ba:7d:4e:72:89:5d:a0:95:
                    55:4d:35:a4:68:a7:22:ee:30:6d:98:9f:ad:47:4d:
                    44:76:cf:ec:14:cd:a5:32:b5:d9:94:f1:89:51:65:
                    da:08:65:3a:0d:45:bc:24:51:24:ab:47:09:12:f8:
                    ee:3a:e7:40:ef:8a:19:86:c5:a5:c6:f9:39:ff:db:
                    26:00:81:28:69:58:1d:df:77:e0:4b:36:b0:6b:ce:
                    53:a6:e9:86:93:2a:c4:72:b7:df:8d:f5:1f:0c:ea:
                    34:16:27:b8:46:3d:4f:a7:2e:07:7e:78:80:ac:de:
                    5a:e3:ca:93:04:8c:f3:d4:54:0d:35:b6:47:4a:ca:
                    16:da:94:8a:3c:d1:5d:b0:d5:46:ae:44:a8:2b:d8:
                    76:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:FE:43:71:B2:E3:A6:AB:07:0B:B4:57:DD:5D:98:B4:EE:B7:F4:07
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rf5DcbLjpqsHC7RX3V2YtO639Ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a9:9d:66:ea:9e:f2:98:78:24:61:29:63:4c:53:89:3b:a5:1f:
         d0:2e:85:fe:ea:bf:a1:15:c4:d3:1b:bf:53:cd:97:3f:0c:f7:
         08:ec:63:91:a1:5f:67:fe:91:87:9d:67:cd:23:3d:00:ef:d9:
         88:e3:f7:3e:ea:f8:a5:e3:77:47:b8:51:29:cd:d5:c1:08:10:
         c1:79:fd:74:7d:b6:99:2b:66:a0:75:30:88:3d:63:66:2e:2c:
         2e:ec:11:d5:10:d6:7b:dd:25:f0:7c:ba:13:09:35:11:ca:41:
         c6:38:c6:52:e6:15:99:93:eb:e7:af:28:ad:cb:2a:e4:80:65:
         cb:de:c7:f5:6a:8c:36:26:56:97:78:d7:6c:a2:12:3d:70:13:
         0a:19:53:b8:fa:fb:35:30:f0:32:21:c0:8d:f4:86:5c:81:dd:
         a0:c6:9e:02:0d:4c:a8:08:a1:43:6d:4b:cf:95:9e:4c:74:4f:
         eb:8b:6a:6f:ea:dc:9d:e5:93:be:6c:cf:c1:f8:dc:4d:ae:77:
         b1:9c:84:cf:0a:4b:4c:7a:2d:81:8d:15:7b:23:c4:f4:ec:66:
         13:2d:c6:f6:b8:21:46:39:1e:69:60:8c:37:92:90:81:79:1a:
         56:1d:2b:62:31:41:02:3e:64:f9:24:b3:42:89:f1:aa:9d:ad:
         76:18:1b:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnvg81L6Da7fKqpHYu/K6haMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODEzMTUyODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZlNDM3MWIyZTNhNmFiMDcwYmI0NTdkZDVkOThiNGVlYjdmNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1SA20udLAlNkGEoUvDUcfLnhgM5
atTRB/n4KeNWKLtrS1PFiKkmPnVS5XORcbwyeBq4ZCh5e9lD58WB+gd8Q5XsHh7q
4bHlF+euP9OQrwapE/KIDSO/pIoCDohrGpJAmY+FuUaiy1SWZc/fvtt2un1Ocold
oJVVTTWkaKci7jBtmJ+tR01Eds/sFM2lMrXZlPGJUWXaCGU6DUW8JFEkq0cJEvju
OudA74oZhsWlxvk5/9smAIEoaVgd33fgSzawa85TpumGkyrEcrffjfUfDOo0Fie4
Rj1Ppy4HfniArN5a48qTBIzz1FQNNbZHSsoW2pSKPNFdsNVGrkSoK9h2OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3+Q3Gy46arBwu0V91dmLTut/QHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcmY1RGNiTGpwcXNIQzdSWDNWMll0TzYzOUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbbDUMA0G
CSqGSIb3DQEBCwUAA4IBAQCpnWbqnvKYeCRhKWNMU4k7pR/QLoX+6r+hFcTTG79T
zZc/DPcI7GORoV9n/pGHnWfNIz0A79mI4/c+6vil43dHuFEpzdXBCBDBef10fbaZ
K2agdTCIPWNmLiwu7BHVENZ73SXwfLoTCTURykHGOMZS5hWZk+vnryityyrkgGXL
3sf1aow2JlaXeNdsohI9cBMKGVO4+vs1MPAyIcCN9IZcgd2gxp4CDUyoCKFDbUvP
lZ5MdE/ri2pv6tyd5ZO+bM/B+NxNrnexnITPCktMei2BjRV7I8T07GYTLcb2uCFG
OR5pYIw3kpCBeRpWHStiMUECPmT5JLNCifGqna12GBvt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org