Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/dv8zZK3VmgMTTfA7VC2XEUMN0UQ.roa
File:                     dv8zZK3VmgMTTfA7VC2XEUMN0UQ.roa (raw, json)
Hash identifier:          oNnaCfuxUm6yiW629tDRnN32HSp1I1L3qbgwRn4vkjM=
Subject key identifier:   76:FF:33:64:AD:D5:9A:03:13:4D:F0:3B:54:2D:97:11:43:0D:D1:44
Certificate issuer:       /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial:       018C5E5C86BEE35E1281C418EA783A9C0631
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/dv8zZK3VmgMTTfA7VC2XEUMN0UQ.roa
Signing time:             Tue 12 Dec 2023 14:09:31 +0000
ROA not before:           Tue 12 Dec 2023 14:09:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43060
IP address blocks:        91.196.76.0/23 maxlen: 24
                          185.196.216.0/22 maxlen: 22
                          94.158.48.0/21 maxlen: 21
                          94.158.48.0/20 maxlen: 20
                          94.158.56.0/24 maxlen: 24
                          94.158.57.0/24 maxlen: 24
                          94.158.58.0/24 maxlen: 24
                          94.158.60.0/24 maxlen: 24
                          94.158.61.0/24 maxlen: 24
                          94.158.62.0/24 maxlen: 24
                          94.158.63.0/24 maxlen: 24
                          94.158.59.0/24 maxlen: 24
                          2a04:1b80::/32 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5e:5c:86:be:e3:5e:12:81:c4:18:ea:78:3a:9c:06:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
        Validity
            Not Before: Dec 12 14:09:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76ff3364add59a03134df03b542d9711430dd144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:eb:96:f2:5d:76:01:20:ce:b5:86:5c:a9:09:
                    d3:a7:53:19:c3:63:2f:fe:14:38:47:35:8b:0d:f7:
                    ac:70:7a:21:55:20:58:c3:f6:17:aa:09:20:b4:44:
                    e9:55:5a:37:5b:05:d1:eb:4d:88:a0:5a:47:50:4a:
                    01:28:cb:f5:4b:b4:16:84:91:78:60:77:52:27:a1:
                    27:5b:54:7f:c2:dc:23:d4:a1:01:2c:ef:7c:b4:6d:
                    4f:8e:5c:2b:e6:9c:ad:83:e8:ca:c6:e9:c0:ca:44:
                    ac:af:af:47:b5:f7:8c:fc:73:bf:6f:0a:ec:67:44:
                    b9:a1:f4:c8:fe:e0:2b:04:ad:be:72:20:3d:0f:b3:
                    3c:f1:19:bf:0c:f8:c9:68:0b:af:ce:d8:f6:93:9f:
                    6d:a3:5f:12:25:50:f6:e5:28:fb:d1:be:93:2a:9c:
                    d1:5b:ca:16:9f:af:13:27:4c:98:40:1c:12:02:02:
                    d7:ed:e2:4a:59:ca:e8:63:e3:e5:66:0c:d8:15:9f:
                    d2:93:a8:d0:62:a9:72:16:e9:f1:80:bd:13:82:0e:
                    69:51:10:c4:14:45:7f:fd:f9:64:b7:7a:90:33:0f:
                    ec:5d:d8:f3:6b:c3:a3:31:20:1d:2d:9a:11:d8:77:
                    d3:11:a4:83:81:71:f8:a6:78:af:51:b2:32:f9:2b:
                    eb:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:FF:33:64:AD:D5:9A:03:13:4D:F0:3B:54:2D:97:11:43:0D:D1:44
            X509v3 Authority Key Identifier:
                keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/dv8zZK3VmgMTTfA7VC2XEUMN0UQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.196.76.0/23
                  94.158.48.0/20
                  185.196.216.0/22
                IPv6:
                  2a04:1b80::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:76:00:d2:1f:9b:7e:21:f4:b7:a6:e4:f9:46:20:05:9a:e8:
         6e:03:8e:61:48:c2:ee:8b:fc:5e:5f:26:42:00:90:30:4f:f7:
         f6:d6:65:b7:61:ed:e5:d1:1e:f6:73:30:a3:ee:bf:32:8f:2a:
         f9:15:f6:40:f4:ec:74:ee:e3:2a:69:68:9d:44:0a:8e:4d:85:
         ca:d3:49:f1:9f:13:63:8b:4c:9f:ff:28:8f:25:7c:ed:d2:29:
         cf:10:60:6c:04:ee:7e:d6:bf:00:7f:b0:84:e5:a8:6f:93:17:
         ec:d3:55:97:d9:c5:4e:d7:a5:9b:ba:15:4a:df:f0:23:22:f1:
         7c:dd:6c:2e:96:53:1f:25:8e:d5:9c:79:1f:ee:73:7d:d9:8d:
         25:78:15:f8:8d:4b:34:e5:57:7b:9a:6e:22:3e:bd:11:f0:14:
         f6:ff:5d:60:b5:7d:b1:3a:f7:ce:fb:ae:27:f7:6e:57:7b:3d:
         45:2c:a8:12:31:e1:ef:9b:55:52:49:ca:5f:df:cc:cc:cd:58:
         5a:56:00:04:cf:3e:ad:eb:ee:02:64:1a:c4:c7:af:67:e1:6c:
         6f:fc:4d:a5:a9:2e:12:01:13:86:b7:ad:bd:65:43:b7:93:8e:
         bf:29:4d:68:aa:14:ab:00:79:94:eb:50:4d:f8:91:f1:7c:d6:
         dd:6b:f1:f5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYxeXIa+414SgcQY6ng6nAYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjMxMjEyMTQwOTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmZmMzM2NGFkZDU5YTAzMTM0ZGYwM2I1NDJkOTcxMTQzMGRkMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuuW8l12ASDOtYZcqQnTp1MZw2Mv
/hQ4RzWLDfescHohVSBYw/YXqgkgtETpVVo3WwXR602IoFpHUEoBKMv1S7QWhJF4
YHdSJ6EnW1R/wtwj1KEBLO98tG1Pjlwr5pytg+jKxunAykSsr69HtfeM/HO/bwrs
Z0S5ofTI/uArBK2+ciA9D7M88Rm/DPjJaAuvztj2k59to18SJVD25Sj70b6TKpzR
W8oWn68TJ0yYQBwSAgLX7eJKWcroY+PlZgzYFZ/Sk6jQYqlyFunxgL0Tgg5pURDE
FEV//flkt3qQMw/sXdjza8OjMSAdLZoR2HfTEaSDgXH4pnivUbIy+Svr1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHb/M2St1ZoDE03wO1QtlxFDDdFEMB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvZHY4elpLM1ZtZ01UVGZBN1ZDMlhFVU1OMFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8RMAwQE
Xp4wAwQCucTYMA0EAgACMAcDBQAqBBuAMA0GCSqGSIb3DQEBCwUAA4IBAQBjdgDS
H5t+IfS3puT5RiAFmuhuA45hSMLui/xeXyZCAJAwT/f21mW3Ye3l0R72czCj7r8y
jyr5FfZA9Ox07uMqaWidRAqOTYXK00nxnxNji0yf/yiPJXzt0inPEGBsBO5+1r8A
f7CE5ahvkxfs01WX2cVO16WbuhVK3/AjIvF83WwullMfJY7VnHkf7nN92Y0leBX4
jUs05Vd7mm4iPr0R8BT2/11gtX2xOvfO+64n925Xez1FLKgSMeHvm1VSScpf38zM
zVhaVgAEzz6t6+4CZBrEx69n4Wxv/E2lqS4SAROGt629ZUO3k46/KU1oqhSrAHmU
61BN+JHxfNbda/H1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:34 2024 by rpki-client on console-fra.rpki-client.org