Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/92WYtWvhngCXyU0sYllZFMDwDpU.roa
File:                     92WYtWvhngCXyU0sYllZFMDwDpU.roa (raw, json)
Hash identifier:          6C03zijzv8RySmsnspAc+Q+G4B8ExOdWd2pZe7Boefk=
Subject key identifier:   F7:65:98:B5:6B:E1:9E:00:97:C9:4D:2C:62:59:59:14:C0:F0:0E:95
Certificate issuer:       /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial:       018EE607129A0AE4E0988D5F71647BD8CBCC
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/92WYtWvhngCXyU0sYllZFMDwDpU.roa
Signing time:             Tue 16 Apr 2024 08:30:06 +0000
ROA not before:           Tue 16 Apr 2024 08:30:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216024
IP address blocks:        109.107.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Aug 2024 10:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e6:07:12:9a:0a:e4:e0:98:8d:5f:71:64:7b:d8:cb:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
        Validity
            Not Before: Apr 16 08:30:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f76598b56be19e0097c94d2c62595914c0f00e95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1b:8f:07:20:8e:c1:a2:1d:86:1d:90:31:d8:
                    be:db:c9:cc:cb:2f:4d:e9:b8:ff:e1:43:2e:58:e1:
                    76:9c:da:83:e5:95:b4:c9:71:f1:6f:4e:d7:34:d5:
                    66:92:be:20:8b:8f:dc:c2:58:24:81:eb:7a:1a:d4:
                    3c:06:b0:4e:14:5c:90:4b:86:4d:6e:32:01:91:d8:
                    b3:3f:fc:16:2e:93:4b:73:f4:18:33:09:38:6e:7c:
                    4f:71:db:b4:c4:4b:78:34:0e:43:76:ba:3b:c6:61:
                    9e:84:7b:fd:0e:5a:33:45:28:d5:f0:d2:33:e9:d1:
                    98:eb:f5:c0:e8:84:80:34:76:f0:57:11:f5:40:30:
                    0b:40:60:a4:02:6c:38:3c:a8:85:c5:7f:35:93:7f:
                    58:86:16:e9:ce:a6:dc:2b:e0:68:06:19:ad:cf:6e:
                    2a:35:2a:f3:e8:4a:4a:f9:3d:f9:ba:13:f4:73:6c:
                    ee:d3:fb:35:4b:ce:91:dc:fc:fd:5d:fb:71:e5:3e:
                    c2:5b:9a:1e:b5:5d:4b:2c:67:8b:05:63:e4:29:f0:
                    a3:f9:0e:b6:b1:b9:58:f1:ad:c3:e0:b3:42:33:ad:
                    39:ee:34:21:96:7f:9f:d7:a3:19:e1:da:bb:da:43:
                    5c:b1:d3:23:ab:7d:77:57:9f:2d:8c:2e:d1:ed:3a:
                    09:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:65:98:B5:6B:E1:9E:00:97:C9:4D:2C:62:59:59:14:C0:F0:0E:95
            X509v3 Authority Key Identifier:
                keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/92WYtWvhngCXyU0sYllZFMDwDpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.107.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:8f:a4:ed:50:c9:9f:cc:33:28:f0:3f:1c:4b:16:44:29:c4:
         be:b2:f1:83:1e:32:b6:7d:81:ec:0c:0f:cb:8d:95:9f:6b:58:
         68:66:31:ec:52:37:fa:ca:a6:22:12:dc:27:0e:39:e2:30:b1:
         78:8a:eb:a8:fe:c4:e1:48:43:bf:4e:17:68:b8:96:ff:45:26:
         f5:6f:02:00:88:1f:92:41:88:8e:19:96:c0:fd:29:b5:b6:77:
         ff:31:1a:b4:9e:c7:50:26:95:56:5e:b9:26:d0:10:6f:3e:9b:
         a3:0e:63:aa:2c:2d:02:53:67:b1:6e:60:40:7a:23:89:66:6b:
         d2:dd:17:75:db:5d:45:61:e9:c0:33:9d:84:3e:2f:c5:09:8e:
         21:5b:cf:7a:3c:b0:fe:e8:45:8d:dd:61:0f:51:c9:a8:8e:82:
         bf:34:f1:e7:27:15:b2:6c:00:4a:92:a6:cf:2b:1e:b2:7c:24:
         58:90:80:2f:6c:0d:c0:a5:6f:56:69:d8:a7:5c:5f:29:41:5f:
         08:b4:20:d9:12:00:9c:93:4e:2f:10:01:84:58:5a:40:86:a7:
         71:a0:9b:cc:8b:6c:8c:ec:5e:2f:e1:23:cc:98:08:1d:de:7c:
         85:51:62:57:4f:d5:9b:4a:82:00:f9:af:9c:44:8d:e5:86:2f:
         b4:9b:24:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7mBxKaCuTgmI1fcWR72MvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjQwNDE2MDgzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzY1OThiNTZiZTE5ZTAwOTdjOTRkMmM2MjU5NTkxNGMwZjAwZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxuPByCOwaIdhh2QMdi+28nMyy9N
6bj/4UMuWOF2nNqD5ZW0yXHxb07XNNVmkr4gi4/cwlgkget6GtQ8BrBOFFyQS4ZN
bjIBkdizP/wWLpNLc/QYMwk4bnxPcdu0xEt4NA5Ddro7xmGehHv9DlozRSjV8NIz
6dGY6/XA6ISANHbwVxH1QDALQGCkAmw4PKiFxX81k39YhhbpzqbcK+BoBhmtz24q
NSrz6EpK+T35uhP0c2zu0/s1S86R3Pz9Xftx5T7CW5oetV1LLGeLBWPkKfCj+Q62
sblY8a3D4LNCM6057jQhln+f16MZ4dq72kNcsdMjq313V58tjC7R7ToJ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPdlmLVr4Z4Al8lNLGJZWRTA8A6VMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvOTJXWXRXdmhuZ0NYeVUwc1lsbFpGTUR3RHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWurMA0G
CSqGSIb3DQEBCwUAA4IBAQBdj6TtUMmfzDMo8D8cSxZEKcS+svGDHjK2fYHsDA/L
jZWfa1hoZjHsUjf6yqYiEtwnDjniMLF4iuuo/sThSEO/ThdouJb/RSb1bwIAiB+S
QYiOGZbA/Sm1tnf/MRq0nsdQJpVWXrkm0BBvPpujDmOqLC0CU2exbmBAeiOJZmvS
3Rd1211FYenAM52EPi/FCY4hW896PLD+6EWN3WEPUcmojoK/NPHnJxWybABKkqbP
Kx6yfCRYkIAvbA3ApW9WadinXF8pQV8ItCDZEgCck04vEAGEWFpAhqdxoJvMi2yM
7F4v4SPMmAgd3nyFUWJXT9WbSoIA+a+cRI3lhi+0myQU
-----END CERTIFICATE-----
Generated at Fri Aug 9 13:17:21 2024 by rpki-client on console-ams.rpki-client.org