Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/vzydrfwgQ5hbNiR6FDmz1X3cCkI.roa
File:                     vzydrfwgQ5hbNiR6FDmz1X3cCkI.roa (raw, json)
Hash identifier:          Hsnu5ikwrd4abRxFmeDh12Dplzb4BuvCoj3S0g6ZjhI=
Subject key identifier:   BF:3C:9D:AD:FC:20:43:98:5B:36:24:7A:14:39:B3:D5:7D:DC:0A:42
Certificate issuer:       /CN=39247f77a3ae0af71eac03256449f5d292cffd74
Certificate serial:       018C8DAE47B8954BF7D3BC921382514C6CA6
Authority key identifier: 39:24:7F:77:A3:AE:0A:F7:1E:AC:03:25:64:49:F5:D2:92:CF:FD:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OSR_d6OuCvcerAMlZEn10pLP_XQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/vzydrfwgQ5hbNiR6FDmz1X3cCkI.roa
Signing time:             Thu 21 Dec 2023 18:40:58 +0000
ROA not before:           Thu 21 Dec 2023 18:40:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     273134
IP address blocks:        109.70.132.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8d:ae:47:b8:95:4b:f7:d3:bc:92:13:82:51:4c:6c:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39247f77a3ae0af71eac03256449f5d292cffd74
        Validity
            Not Before: Dec 21 18:40:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf3c9dadfc2043985b36247a1439b3d57ddc0a42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:1b:c6:35:4e:ed:41:80:fa:6f:00:b0:7b:66:
                    fc:19:ed:87:26:87:7e:f1:07:6a:f2:8a:31:c8:ff:
                    3a:19:c4:a4:ce:69:c6:b0:29:ba:e7:cc:49:10:e0:
                    85:4f:d1:4f:dc:67:f9:32:d8:0c:23:5b:54:0c:99:
                    70:92:12:3c:6c:9e:29:e1:98:22:db:6d:dd:bc:d3:
                    8f:51:06:4f:bd:f3:c0:01:d7:ae:fc:1a:70:7a:55:
                    4b:0b:8e:b2:dc:5a:b3:7b:64:3c:56:07:05:4d:4f:
                    f6:08:c9:51:17:ba:84:02:72:91:67:58:8a:91:37:
                    43:a6:fb:3e:bc:c9:c4:03:6a:51:cc:fa:dd:ab:88:
                    8f:83:50:75:42:00:57:7c:1e:ae:06:a5:d0:23:f5:
                    84:39:09:fa:5e:c5:e3:1f:5c:e7:be:f5:42:b9:9e:
                    1f:5a:cb:8c:95:29:cd:eb:34:a8:d1:37:d6:f8:15:
                    95:5b:2b:e3:20:2d:42:74:de:b1:46:f9:e7:03:eb:
                    3f:0c:88:79:a4:dc:26:fa:ad:72:40:f6:a9:0f:11:
                    a7:a5:11:23:a1:5a:29:e1:18:cc:bd:bd:8f:12:08:
                    6e:e9:ba:17:a7:ec:13:7d:1d:80:b2:e4:cb:a9:21:
                    e4:0d:90:cc:da:5e:29:08:d3:bf:f0:30:99:04:51:
                    7e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:3C:9D:AD:FC:20:43:98:5B:36:24:7A:14:39:B3:D5:7D:DC:0A:42
            X509v3 Authority Key Identifier:
                keyid:39:24:7F:77:A3:AE:0A:F7:1E:AC:03:25:64:49:F5:D2:92:CF:FD:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSR_d6OuCvcerAMlZEn10pLP_XQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/vzydrfwgQ5hbNiR6FDmz1X3cCkI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/OSR_d6OuCvcerAMlZEn10pLP_XQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.70.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         73:5c:ba:14:2a:79:d9:8a:03:d4:61:23:ae:4c:05:bf:cc:26:
         5d:f1:fa:ee:34:ac:4b:00:63:95:44:0b:46:a3:28:cf:19:f9:
         3d:0a:15:51:bd:27:a8:af:e2:68:9a:8c:00:c0:f7:1e:22:1d:
         1b:58:37:c1:10:b0:17:c2:de:d4:45:6a:7a:fc:23:08:59:3f:
         73:f6:19:dd:00:ee:fd:cc:3e:c1:09:6f:e1:3c:7e:81:7e:c4:
         c0:26:3a:63:59:08:4b:0c:7f:1f:d1:4d:c0:bc:63:9f:f5:fb:
         c8:71:82:8d:84:b5:ed:d1:6f:80:74:b5:a3:dc:12:2c:a6:5d:
         8d:e0:0f:62:27:6b:8f:8a:b7:51:ae:07:c1:5c:64:54:46:57:
         51:ac:90:07:49:8f:67:9e:b3:d5:82:ea:c5:a2:92:94:49:50:
         eb:12:93:0e:a5:11:9d:59:50:38:03:55:d0:a6:b9:46:89:ee:
         3b:d5:0f:f5:1a:fd:49:e0:50:13:87:13:09:3b:35:5c:8f:bf:
         39:a4:a4:98:d6:66:fd:db:89:d3:72:77:89:07:5a:2a:b9:cf:
         67:86:89:26:a7:41:c1:4a:6a:c8:85:2b:05:f2:31:3f:17:5a:
         33:0e:38:94:cb:29:a6:5b:3e:db:b2:c6:a9:8d:6b:9d:d5:f0:
         6a:03:08:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyNrke4lUv307ySE4JRTGymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjQ3Zjc3YTNhZTBhZjcxZWFjMDMyNTY0NDlmNWQyOTJj
ZmZkNzQwHhcNMjMxMjIxMTg0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNjOWRhZGZjMjA0Mzk4NWIzNjI0N2ExNDM5YjNkNTdkZGMwYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixvGNU7tQYD6bwCwe2b8Ge2HJod+
8Qdq8ooxyP86GcSkzmnGsCm658xJEOCFT9FP3Gf5MtgMI1tUDJlwkhI8bJ4p4Zgi
223dvNOPUQZPvfPAAdeu/BpwelVLC46y3Fqze2Q8VgcFTU/2CMlRF7qEAnKRZ1iK
kTdDpvs+vMnEA2pRzPrdq4iPg1B1QgBXfB6uBqXQI/WEOQn6XsXjH1znvvVCuZ4f
WsuMlSnN6zSo0TfW+BWVWyvjIC1CdN6xRvnnA+s/DIh5pNwm+q1yQPapDxGnpREj
oVop4RjMvb2PEghu6boXp+wTfR2AsuTLqSHkDZDM2l4pCNO/8DCZBFF+1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL88na38IEOYWzYkehQ5s9V93ApCMB8GA1UdIwQY
MBaAFDkkf3ejrgr3HqwDJWRJ9dKSz/10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NSX2Q2T3VDdmNlckFNbFpFbjEwcExQX1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmVkOWMtN2MxMy00OGI5LWE4ODYt
Y2Q2NmFkNTM0ODEyLzEvdnp5ZHJmd2dRNWhiTmlSNkZEbXoxWDNjQ2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmVkOWMtN2MxMy00OGI5LWE4ODYtY2Q2NmFkNTM0ODEy
LzEvT1NSX2Q2T3VDdmNlckFNbFpFbjEwcExQX1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUaEMA0G
CSqGSIb3DQEBCwUAA4IBAQBzXLoUKnnZigPUYSOuTAW/zCZd8fruNKxLAGOVRAtG
oyjPGfk9ChVRvSeor+JomowAwPceIh0bWDfBELAXwt7URWp6/CMIWT9z9hndAO79
zD7BCW/hPH6BfsTAJjpjWQhLDH8f0U3AvGOf9fvIcYKNhLXt0W+AdLWj3BIspl2N
4A9iJ2uPirdRrgfBXGRURldRrJAHSY9nnrPVgurFopKUSVDrEpMOpRGdWVA4A1XQ
prlGie471Q/1Gv1J4FAThxMJOzVcj785pKSY1mb924nTcneJB1oquc9nhokmp0HB
SmrIhSsF8jE/F1ozDjiUyymmWz7bssapjWud1fBqAwjs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org