Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/8Oc6VO5LlTANpbc6M_RQKGZTsAA.roa
File:                     8Oc6VO5LlTANpbc6M_RQKGZTsAA.roa (raw, json)
Hash identifier:          B7Tv7Z4SsXGqZbfq+2mF8Zxo23pZfP9jNSJCy57pgYI=
Subject key identifier:   F0:E7:3A:54:EE:4B:95:30:0D:A5:B7:3A:33:F4:50:28:66:53:B0:00
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018EA876A4E75255370C6D9CB6D4010D73EE
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/8Oc6VO5LlTANpbc6M_RQKGZTsAA.roa
Signing time:             Thu 04 Apr 2024 09:35:31 +0000
ROA not before:           Thu 04 Apr 2024 09:35:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9123
IP address blocks:        109.172.80.0/24 maxlen: 24
                          109.172.81.0/24 maxlen: 24
                          109.172.82.0/24 maxlen: 24
                          109.172.83.0/24 maxlen: 24
                          178.130.132.0/24 maxlen: 24
                          178.130.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 May 2024 12:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:76:a4:e7:52:55:37:0c:6d:9c:b6:d4:01:0d:73:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Apr  4 09:35:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f0e73a54ee4b95300da5b73a33f450286653b000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:bd:a3:79:2b:d4:94:44:8d:6a:4d:30:9d:fb:
                    03:2e:7d:95:a6:0b:1b:5c:8b:fa:dd:82:8c:16:c8:
                    56:7d:0b:df:ea:a9:d2:ca:ec:ab:ea:0f:e0:f9:6a:
                    4d:50:e7:bc:0a:57:13:5a:a8:96:4d:77:08:a7:97:
                    b6:d5:08:fb:88:59:4d:30:93:9c:b9:52:88:c0:12:
                    00:dc:58:c6:05:f6:5d:de:95:1e:6e:ad:75:ee:ec:
                    6a:0c:b4:5a:11:34:27:39:5f:a0:31:0c:f8:8a:d7:
                    52:ff:9f:27:0b:34:f5:db:ab:ce:7d:7d:77:a0:1c:
                    98:d6:36:60:b8:e3:33:ab:2e:eb:21:f7:f8:e8:b8:
                    fc:69:56:31:d1:09:d5:ab:80:2d:4c:db:78:11:b1:
                    39:d2:4c:22:ce:05:c8:14:6a:03:f9:b5:3c:a0:33:
                    32:4b:fe:f3:3a:99:ea:64:6b:ea:60:fd:a8:7c:28:
                    24:e9:7a:cf:0a:89:21:68:82:76:e8:1e:45:3b:4c:
                    4e:a2:12:13:7c:48:12:d1:24:74:d6:f9:6a:06:38:
                    17:8f:cc:95:24:82:76:93:8f:75:56:a9:c1:f4:76:
                    ae:68:ab:0e:8e:e3:8f:70:86:3d:9b:6c:14:1a:ee:
                    d2:2f:11:01:b7:9c:b5:ab:7b:51:a9:53:d0:5f:f4:
                    8e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:E7:3A:54:EE:4B:95:30:0D:A5:B7:3A:33:F4:50:28:66:53:B0:00
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/8Oc6VO5LlTANpbc6M_RQKGZTsAA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.172.80.0/22
                  178.130.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b6:2d:67:c0:6a:da:34:df:84:1f:46:c3:53:4d:47:2e:1b:8e:
         35:54:d7:3a:34:c1:62:2d:0a:65:65:07:a5:42:15:c7:0d:9f:
         b3:64:01:13:a8:7b:8b:88:63:18:12:9e:08:a2:14:7b:77:e9:
         cc:16:e9:b4:16:46:49:2a:12:26:65:23:48:4a:06:39:db:aa:
         65:27:18:b0:9b:ca:57:7f:63:f1:8c:83:76:33:80:a6:f8:58:
         f5:a2:6c:d1:d7:54:ed:ce:be:5b:e7:4b:e7:a9:1d:11:87:23:
         cf:ed:8f:98:9a:70:e6:a8:38:37:a0:22:08:0a:b6:39:99:1a:
         ea:a5:5c:93:d6:2f:c3:07:65:0c:12:a3:3d:5b:a9:8e:12:0d:
         25:ed:d9:58:9d:d9:ef:4f:04:0e:04:ec:b6:72:00:a5:95:0a:
         42:fd:c4:20:3d:d9:c4:1c:30:3b:81:fe:a4:c2:5b:09:fd:e7:
         69:d9:d2:fa:c4:56:ed:ba:3b:ce:62:b6:c6:de:81:a0:07:b2:
         82:5f:96:42:df:a5:57:ac:72:35:06:ce:1f:40:c7:d5:1b:44:
         55:74:60:2d:62:76:dd:47:eb:c2:4f:6d:3f:f1:c0:bc:12:cd:
         f1:fd:13:7c:f5:fd:f2:be:3c:1c:d7:19:87:54:85:26:04:0e:
         9d:0e:67:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6odqTnUlU3DG2cttQBDXPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNDA0MDkzNTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGU3M2E1NGVlNGI5NTMwMGRhNWI3M2EzM2Y0NTAyODY2NTNiMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr2jeSvUlESNak0wnfsDLn2Vpgsb
XIv63YKMFshWfQvf6qnSyuyr6g/g+WpNUOe8ClcTWqiWTXcIp5e21Qj7iFlNMJOc
uVKIwBIA3FjGBfZd3pUebq117uxqDLRaETQnOV+gMQz4itdS/58nCzT126vOfX13
oByY1jZguOMzqy7rIff46Lj8aVYx0QnVq4AtTNt4EbE50kwizgXIFGoD+bU8oDMy
S/7zOpnqZGvqYP2ofCgk6XrPCokhaIJ26B5FO0xOohITfEgS0SR01vlqBjgXj8yV
JIJ2k491VqnB9HauaKsOjuOPcIY9m2wUGu7SLxEBt5y1q3tRqVPQX/SOBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPDnOlTuS5UwDaW3OjP0UChmU7AAMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvOE9jNlZPNUxsVEFOcGJjNk1fUlFLR1pUc0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbaxQAwQB
soKEMA0GCSqGSIb3DQEBCwUAA4IBAQC2LWfAato034QfRsNTTUcuG441VNc6NMFi
LQplZQelQhXHDZ+zZAETqHuLiGMYEp4IohR7d+nMFum0FkZJKhImZSNISgY526pl
Jxiwm8pXf2PxjIN2M4Cm+Fj1omzR11Ttzr5b50vnqR0RhyPP7Y+YmnDmqDg3oCII
CrY5mRrqpVyT1i/DB2UMEqM9W6mOEg0l7dlYndnvTwQOBOy2cgCllQpC/cQgPdnE
HDA7gf6kwlsJ/edp2dL6xFbtujvOYrbG3oGgB7KCX5ZC36VXrHI1Bs4fQMfVG0RV
dGAtYnbdR+vCT20/8cC8Es3x/RN89f3yvjwc1xmHVIUmBA6dDmd9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org