Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tMBEOy3_GF7cpqphqc6fS2XW_fk.roa
File:                     tMBEOy3_GF7cpqphqc6fS2XW_fk.roa (raw, json)
Hash identifier:          w6UfrGWQTjz6+/EJm33z3mZbLECZY1yqjq/2FN0DiiI=
Subject key identifier:   B4:C0:44:3B:2D:FF:18:5E:DC:A6:AA:61:A9:CE:9F:4B:65:D6:FD:F9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D35F8AA96B06B85A2DEEB59E59D4FA4E8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tMBEOy3_GF7cpqphqc6fS2XW_fk.roa
Signing time:             Tue 23 Jan 2024 10:58:25 +0000
ROA not before:           Tue 23 Jan 2024 10:58:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215732
IP address blocks:        109.176.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 May 2024 21:06:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:35:f8:aa:96:b0:6b:85:a2:de:eb:59:e5:9d:4f:a4:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 23 10:58:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b4c0443b2dff185edca6aa61a9ce9f4b65d6fdf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:93:70:f6:0d:cc:8d:da:53:2e:2a:36:4e:1d:
                    5d:1e:84:2a:79:cb:10:fa:36:42:21:32:a3:63:a4:
                    64:35:2e:30:c0:71:34:ae:65:83:11:aa:0a:bd:e4:
                    83:47:08:43:d6:9d:e9:0d:43:eb:e1:78:9f:d8:59:
                    4f:43:7c:e5:26:51:8e:91:e6:1f:54:b2:3a:4a:63:
                    34:93:25:d8:9d:d0:aa:1a:54:2f:13:da:08:06:a8:
                    9f:ec:61:e1:86:41:27:6c:7a:31:77:1a:49:8e:74:
                    02:6d:4b:f0:b9:fd:55:07:b0:f3:16:fe:ea:d1:d5:
                    c7:2c:2f:08:63:3b:f7:03:ad:39:bb:b2:dd:70:90:
                    48:04:8f:cf:9f:de:be:cb:5c:71:eb:31:62:e0:6a:
                    af:38:4a:f3:86:fe:e6:18:da:d3:6d:57:58:58:4a:
                    d8:ff:44:8e:8d:91:f9:ca:05:7c:24:fb:a2:38:5b:
                    7f:ee:ea:47:a4:c1:30:a3:0c:a2:90:6f:1f:24:13:
                    d7:0a:a7:5c:1c:2c:ba:fa:46:f2:95:41:4b:c7:53:
                    98:e0:c2:24:03:d1:e1:c4:cd:91:39:2d:ef:ed:89:
                    f8:a2:ab:ec:de:a7:f4:3f:c7:5d:57:08:ce:aa:3c:
                    2c:63:55:03:a4:75:e5:6c:36:19:6e:cd:3c:4d:b0:
                    51:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:C0:44:3B:2D:FF:18:5E:DC:A6:AA:61:A9:CE:9F:4B:65:D6:FD:F9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tMBEOy3_GF7cpqphqc6fS2XW_fk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.176.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:72:74:30:46:b8:7d:58:0a:74:95:8d:58:f6:0c:f4:66:d3:
         1a:e1:ca:47:7e:a7:33:21:38:99:73:20:bb:2c:f7:ff:8f:bb:
         e3:e8:1c:47:63:d4:6c:cd:6a:c3:bf:d3:15:22:0b:a6:1a:52:
         ac:68:3c:b8:a6:bb:35:6f:33:7e:79:73:5a:62:76:11:51:de:
         11:44:dd:8a:12:9f:69:51:4e:1a:64:23:2b:1c:c2:0b:87:69:
         7f:49:e8:77:c6:6a:43:d5:18:74:b4:71:13:c6:76:cc:63:a5:
         3b:bc:d5:d7:90:f0:a0:38:02:cf:0c:79:bc:5c:29:ef:78:e0:
         06:1b:f4:1f:5a:4f:23:a1:7b:ab:b2:e6:a0:42:4c:ec:6f:46:
         fb:d7:2e:32:96:0b:78:dc:5d:25:33:10:e8:78:dc:6d:bf:41:
         65:a7:33:6a:67:c8:33:6e:29:a2:58:89:56:b2:6d:de:3e:95:
         0e:72:4e:cf:2e:4e:41:c4:67:47:ba:6a:17:66:5c:2d:c3:d4:
         74:b3:57:f9:d7:a5:d4:ff:85:a0:7b:fb:58:64:5b:89:dd:9a:
         c5:e0:21:2c:ec:4d:ac:98:6c:0a:c3:2a:8e:ce:9e:33:be:8a:
         a5:ef:25:ff:f2:6b:75:a3:8b:dc:66:39:0c:bc:a5:1d:66:d8:
         f8:b9:89:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY01+KqWsGuFot7rWeWdT6ToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTIzMTA1ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGMwNDQzYjJkZmYxODVlZGNhNmFhNjFhOWNlOWY0YjY1ZDZmZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZNw9g3MjdpTLio2Th1dHoQqecsQ
+jZCITKjY6RkNS4wwHE0rmWDEaoKveSDRwhD1p3pDUPr4Xif2FlPQ3zlJlGOkeYf
VLI6SmM0kyXYndCqGlQvE9oIBqif7GHhhkEnbHoxdxpJjnQCbUvwuf1VB7DzFv7q
0dXHLC8IYzv3A605u7LdcJBIBI/Pn96+y1xx6zFi4GqvOErzhv7mGNrTbVdYWErY
/0SOjZH5ygV8JPuiOFt/7upHpMEwowyikG8fJBPXCqdcHCy6+kbylUFLx1OY4MIk
A9HhxM2ROS3v7Yn4oqvs3qf0P8ddVwjOqjwsY1UDpHXlbDYZbs08TbBRAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTARDst/xhe3KaqYanOn0tl1v35MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdE1CRU95M19HRjdjcHFwaHFjNmZTMlhXX2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQARcnQwRrh9WAp0lY1Y9gz0ZtMa4cpHfqczITiZcyC7
LPf/j7vj6BxHY9RszWrDv9MVIgumGlKsaDy4prs1bzN+eXNaYnYRUd4RRN2KEp9p
UU4aZCMrHMILh2l/Seh3xmpD1Rh0tHETxnbMY6U7vNXXkPCgOALPDHm8XCnveOAG
G/QfWk8joXursuagQkzsb0b71y4ylgt43F0lMxDoeNxtv0FlpzNqZ8gzbimiWIlW
sm3ePpUOck7PLk5BxGdHumoXZlwtw9R0s1f516XU/4Wge/tYZFuJ3ZrF4CEs7E2s
mGwKwyqOzp4zvoql7yX/8mt1o4vcZjkMvKUdZtj4uYm2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org