Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/w9h4VKozXn0YCWsg4JsqmZIWLf8.roa
File:                     w9h4VKozXn0YCWsg4JsqmZIWLf8.roa (raw, json)
Hash identifier:          sED68Exg5vE09/lQHDmcqUkCBkVJplxm5pdab76GQ8w=
Subject key identifier:   C3:D8:78:54:AA:33:5E:7D:18:09:6B:20:E0:9B:2A:99:92:16:2D:FF
Certificate issuer:       /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial:       018DD126A99C37F1479EB242CE860B26B3A4
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/w9h4VKozXn0YCWsg4JsqmZIWLf8.roa
Signing time:             Thu 22 Feb 2024 14:09:48 +0000
ROA not before:           Thu 22 Feb 2024 14:09:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        84.239.5.0/24 maxlen: 24
                          84.239.18.0/24 maxlen: 24
                          84.239.29.0/24 maxlen: 24
                          84.239.30.0/24 maxlen: 24
                          84.239.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 10:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:26:a9:9c:37:f1:47:9e:b2:42:ce:86:0b:26:b3:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
        Validity
            Not Before: Feb 22 14:09:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c3d87854aa335e7d18096b20e09b2a9992162dff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:11:a1:40:1f:e4:75:cd:09:84:c8:03:50:ed:
                    f0:8f:b6:12:a1:75:ad:a6:4d:28:9c:e4:6b:3f:dd:
                    2b:a0:f8:db:cf:2a:1f:15:d7:f4:41:c0:27:02:a9:
                    95:4a:8d:5c:e4:01:14:ad:e4:fd:60:43:98:97:21:
                    cc:79:f2:8e:a1:26:69:e7:20:05:61:cb:da:86:f7:
                    f7:d2:36:f1:c8:9c:b1:7e:54:9e:13:3b:37:c8:9f:
                    53:16:85:04:3c:48:c9:e2:a6:78:78:3d:1a:37:9e:
                    6d:2c:ee:a6:ef:0e:2d:21:1c:52:3e:69:b0:77:39:
                    56:6c:6e:ad:ee:50:8f:fc:83:8b:9e:52:7c:09:b8:
                    ee:82:d2:fe:49:c6:d8:1e:78:ee:9c:65:20:e3:af:
                    36:83:1d:44:61:0b:2a:b6:24:11:b6:96:16:c9:d7:
                    fc:95:6a:69:91:5b:22:43:f7:40:5e:d4:fb:bc:23:
                    8c:0b:97:2a:23:08:df:2b:9f:d4:1e:b4:98:bf:01:
                    7b:70:b0:35:1e:7e:7b:7d:0a:6e:aa:dc:84:0d:78:
                    ce:9b:32:63:bc:36:b9:c5:e3:e2:7b:bf:78:b9:3e:
                    3c:45:be:6d:24:7e:4c:30:77:21:87:b1:5e:e4:11:
                    57:43:1f:9c:bf:57:25:26:b2:66:67:2e:2a:eb:b9:
                    2d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:D8:78:54:AA:33:5E:7D:18:09:6B:20:E0:9B:2A:99:92:16:2D:FF
            X509v3 Authority Key Identifier:
                keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/w9h4VKozXn0YCWsg4JsqmZIWLf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.239.5.0/24
                  84.239.18.0/24
                  84.239.29.0-84.239.30.255
                  84.239.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:f4:87:fe:39:be:bf:74:9b:fb:1c:49:5a:5e:ae:ab:17:6b:
         dc:c6:77:74:70:e1:6d:a2:f5:c8:ee:aa:21:db:81:2f:d1:fd:
         a3:c7:c6:24:e6:27:08:32:0a:d7:ae:8e:59:98:23:1b:4b:fb:
         5a:43:7d:b9:8a:5e:e6:2c:81:b8:41:98:5a:70:c8:dd:57:f1:
         c8:c6:14:82:9d:89:b9:53:6b:e9:ec:31:b7:cc:c0:88:87:63:
         76:b3:d2:de:5c:b2:c0:a1:cd:0d:29:eb:38:b7:c4:ec:d3:c3:
         f1:35:03:12:34:b1:47:fc:ce:73:c4:72:df:95:8c:2c:6f:87:
         e6:6c:ab:c4:a0:54:1a:6e:cf:18:7a:d4:4a:72:d0:b6:c3:81:
         c9:6c:68:ca:7c:de:ad:6b:22:de:5e:ae:3e:bc:6b:ee:a3:fc:
         b9:d1:42:e4:f6:88:1f:de:a5:28:87:82:0e:17:57:6b:b4:70:
         62:21:93:ac:1d:d3:56:61:17:29:ae:49:38:b7:49:d8:77:e8:
         99:56:f8:a3:f3:a3:b4:f7:8b:c9:ce:f7:17:3a:17:c4:0f:3c:
         74:f1:40:98:39:1c:6f:2e:35:e8:ac:d2:b1:5f:8b:a1:2b:84:
         31:6f:6c:96:b6:5d:53:29:dc:9c:cc:e1:51:09:c0:a9:61:d4:
         5b:90:70:ac
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY3RJqmcN/FHnrJCzoYLJrOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwMjIyMTQwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q4Nzg1NGFhMzM1ZTdkMTgwOTZiMjBlMDliMmE5OTkyMTYyZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhGhQB/kdc0JhMgDUO3wj7YSoXWt
pk0onORrP90roPjbzyofFdf0QcAnAqmVSo1c5AEUreT9YEOYlyHMefKOoSZp5yAF
Ycvahvf30jbxyJyxflSeEzs3yJ9TFoUEPEjJ4qZ4eD0aN55tLO6m7w4tIRxSPmmw
dzlWbG6t7lCP/IOLnlJ8CbjugtL+ScbYHnjunGUg4682gx1EYQsqtiQRtpYWydf8
lWppkVsiQ/dAXtT7vCOMC5cqIwjfK5/UHrSYvwF7cLA1Hn57fQpuqtyEDXjOmzJj
vDa5xePie794uT48Rb5tJH5MMHchh7Fe5BFXQx+cv1clJrJmZy4q67kt2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMPYeFSqM159GAlrIOCbKpmSFi3/MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvdzloNFZLb3pYbjBZQ1dzZzRKc3FtWklXTGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVO8FAwQA
VO8SMAwDBABU7x0DBABU7x4DBABU7yswDQYJKoZIhvcNAQELBQADggEBAA/0h/45
vr90m/scSVperqsXa9zGd3Rw4W2i9cjuqiHbgS/R/aPHxiTmJwgyCteujlmYIxtL
+1pDfbmKXuYsgbhBmFpwyN1X8cjGFIKdiblTa+nsMbfMwIiHY3az0t5cssChzQ0p
6zi3xOzTw/E1AxI0sUf8znPEct+VjCxvh+Zsq8SgVBpuzxh61Epy0LbDgclsaMp8
3q1rIt5erj68a+6j/LnRQuT2iB/epSiHgg4XV2u0cGIhk6wd01ZhFymuSTi3Sdh3
6JlW+KPzo7T3i8nO9xc6F8QPPHTxQJg5HG8uNeis0rFfi6ErhDFvbJa2XVMp3JzM
4VEJwKlh1FuQcKw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:02 2024 by rpki-client on console-fra.rpki-client.org