Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/PyO0SmQhyFua9-qgVjp83nmCUfk.roa
File:                     PyO0SmQhyFua9-qgVjp83nmCUfk.roa (raw, json)
Hash identifier:          d8k6SEdaCQzdOMe3T61RvvvOflDcPVn79WRbwejNgDU=
Subject key identifier:   3F:23:B4:4A:64:21:C8:5B:9A:F7:EA:A0:56:3A:7C:DE:79:82:51:F9
Certificate issuer:       /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial:       0187E74688337C4374FE56EA42840DD63796
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/PyO0SmQhyFua9-qgVjp83nmCUfk.roa
Signing time:             Thu 04 May 2023 14:59:31 +0000
ROA not before:           Thu 04 May 2023 14:59:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9076
IP address blocks:        212.104.1.0/24 maxlen: 24
                          212.104.10.0/24 maxlen: 24
                          212.104.14.0/24 maxlen: 24
                          212.104.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e7:46:88:33:7c:43:74:fe:56:ea:42:84:0d:d6:37:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
        Validity
            Not Before: May  4 14:59:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f23b44a6421c85b9af7eaa0563a7cde798251f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0f:16:2f:9c:5b:4c:c6:94:ac:23:3f:71:c1:
                    26:ea:4d:7f:54:1d:0a:a3:12:3a:e0:f7:30:23:92:
                    77:c6:03:0e:5c:e9:7e:89:95:e7:9e:e7:0a:94:6d:
                    ac:6e:e4:56:bc:66:3f:db:0a:07:13:4d:3a:26:53:
                    1a:3b:41:ca:3b:0b:52:22:a3:ce:08:d0:1a:60:b7:
                    46:91:bc:45:be:f2:cf:5f:20:6d:88:06:9d:8e:a9:
                    45:b6:73:94:17:af:91:a3:fe:6e:63:52:8d:1a:6c:
                    6d:95:89:75:fd:ec:14:67:b3:5b:94:1b:d5:05:57:
                    a6:e0:68:b5:2f:29:ba:95:9c:37:85:3e:c1:eb:be:
                    a2:c7:bd:8d:4c:68:bc:de:31:8d:67:ef:64:8a:9c:
                    dc:6b:f0:c3:a2:93:9a:f5:dc:ea:af:c0:ad:df:50:
                    77:cb:02:ee:33:81:7d:9b:fb:1c:b3:14:f0:43:9c:
                    63:0d:96:92:6c:9d:8b:73:ae:7e:6e:fe:3b:5c:41:
                    a4:68:e7:78:c1:71:40:45:70:bb:eb:d8:16:7c:2d:
                    28:e9:94:5d:85:6a:10:a7:1d:f3:76:14:eb:e3:ed:
                    ca:95:c2:2b:30:53:50:b9:86:c7:7b:2d:95:39:05:
                    a4:c1:e3:4e:a2:a0:f6:79:fa:46:cb:58:8a:2e:da:
                    58:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:23:B4:4A:64:21:C8:5B:9A:F7:EA:A0:56:3A:7C:DE:79:82:51:F9
            X509v3 Authority Key Identifier:
                keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/PyO0SmQhyFua9-qgVjp83nmCUfk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.104.1.0/24
                  212.104.10.0/24
                  212.104.14.0/24
                  212.104.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:50:41:4e:25:9c:7c:e7:13:a1:15:58:e9:4c:28:b7:8a:69:
         fe:4e:0f:54:2c:fc:5e:66:8c:03:9b:4a:7d:e9:82:03:d9:b1:
         3c:13:a3:af:bd:8f:7e:93:6b:c3:13:5b:e8:09:44:27:fd:67:
         a5:9c:2c:21:df:c1:14:8b:b1:1b:ad:e9:6c:9b:c0:e3:11:ea:
         17:dd:f7:66:ec:d4:a2:1f:0b:cc:2e:c1:b5:2e:d6:fe:c9:ab:
         20:13:54:54:40:82:82:bb:3c:17:69:aa:c4:da:e3:ee:22:f2:
         36:9b:38:a2:b9:f8:ae:7c:9a:e3:de:8d:31:80:34:f7:93:73:
         e3:b6:15:6b:94:d8:8f:93:33:90:80:76:86:d8:38:8b:2c:57:
         b2:12:d6:48:11:6d:c8:2c:f0:56:69:d9:41:0b:81:c0:12:dc:
         8f:1c:9f:cc:83:08:e2:ca:57:1d:c5:e6:45:b4:c6:7e:e6:84:
         69:fb:82:f4:64:9f:2d:62:42:f1:cc:2d:48:b0:7d:93:43:44:
         a7:12:22:9c:14:56:be:28:83:bc:10:cf:52:13:5d:9f:c1:75:
         fb:d9:ae:60:ed:ac:23:f8:2a:48:57:56:99:91:86:c7:ce:63:
         64:6c:37:38:62:91:4b:11:3b:39:b6:ce:e9:48:1d:0f:42:24:
         90:52:6f:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfnRogzfEN0/lbqQoQN1jeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjMwNTA0MTQ1OTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjIzYjQ0YTY0MjFjODViOWFmN2VhYTA1NjNhN2NkZTc5ODI1MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg8WL5xbTMaUrCM/ccEm6k1/VB0K
oxI64PcwI5J3xgMOXOl+iZXnnucKlG2sbuRWvGY/2woHE006JlMaO0HKOwtSIqPO
CNAaYLdGkbxFvvLPXyBtiAadjqlFtnOUF6+Ro/5uY1KNGmxtlYl1/ewUZ7NblBvV
BVem4Gi1Lym6lZw3hT7B676ix72NTGi83jGNZ+9kipzca/DDopOa9dzqr8Ct31B3
ywLuM4F9m/scsxTwQ5xjDZaSbJ2Lc65+bv47XEGkaOd4wXFARXC769gWfC0o6ZRd
hWoQpx3zdhTr4+3KlcIrMFNQuYbHey2VOQWkweNOoqD2efpGy1iKLtpYMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD8jtEpkIchbmvfqoFY6fN55glH5MB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvUHlPMFNtUWh5RnVhOS1xZ1ZqcDgzbm1DVWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1GgBAwQA
1GgKAwQA1GgOAwQA1GgrMA0GCSqGSIb3DQEBCwUAA4IBAQAdUEFOJZx85xOhFVjp
TCi3imn+Tg9ULPxeZowDm0p96YID2bE8E6OvvY9+k2vDE1voCUQn/WelnCwh38EU
i7Ebrelsm8DjEeoX3fdm7NSiHwvMLsG1Ltb+yasgE1RUQIKCuzwXaarE2uPuIvI2
mziiufiufJrj3o0xgDT3k3PjthVrlNiPkzOQgHaG2DiLLFeyEtZIEW3ILPBWadlB
C4HAEtyPHJ/MgwjiylcdxeZFtMZ+5oRp+4L0ZJ8tYkLxzC1IsH2TQ0SnEiKcFFa+
KIO8EM9SE12fwXX72a5g7awj+CpIV1aZkYbHzmNkbDc4YpFLETs5ts7pSB0PQiSQ
Um/6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:15 2024 by rpki-client on console-fra.rpki-client.org