Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jKqiMBvkcVT7Dt-M82mj8BZgjNQ.roa
File:                     jKqiMBvkcVT7Dt-M82mj8BZgjNQ.roa (raw, json)
Hash identifier:          DPnjC7sKT51vjWvcrfgYtc1hxyAKNEKPORBps9zbHu4=
Subject key identifier:   8C:AA:A2:30:1B:E4:71:54:FB:0E:DF:8C:F3:69:A3:F0:16:60:8C:D4
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0189FE6D431F909F26C12D7CB1A27E7AB4A8
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jKqiMBvkcVT7Dt-M82mj8BZgjNQ.roa
Signing time:             Wed 16 Aug 2023 12:58:40 +0000
ROA not before:           Wed 16 Aug 2023 12:58:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38136
IP address blocks:        185.248.184.0/22 maxlen: 24
                          185.220.236.0/22 maxlen: 24
                          5.226.48.0/22 maxlen: 24
                          185.36.192.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 29 Aug 2023 10:47:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:fe:6d:43:1f:90:9f:26:c1:2d:7c:b1:a2:7e:7a:b4:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Aug 16 12:58:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8caaa2301be47154fb0edf8cf369a3f016608cd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:5f:11:a6:5d:30:98:d3:2e:e9:e0:46:ef:d2:
                    48:e9:70:3c:7d:db:25:95:6c:c8:d3:17:9a:10:e5:
                    ee:13:ce:84:e0:96:de:5e:a1:a6:71:a6:71:71:9e:
                    7b:61:41:83:d9:72:e4:c0:b9:6c:ea:5f:7d:4b:3e:
                    ed:80:19:70:0b:75:37:41:db:e3:e4:ae:81:87:c0:
                    ed:8e:03:b9:13:22:cf:e9:b7:bd:59:f0:2c:f6:35:
                    6d:d0:0e:06:fa:11:4a:d0:1a:ab:7e:45:a9:28:47:
                    bd:2f:68:c2:4c:32:dd:fc:1f:c9:65:56:4d:22:c2:
                    1e:48:a0:32:48:67:05:ec:3d:ea:06:5b:a8:b7:a2:
                    1b:cf:60:f3:6a:a1:5d:8e:de:e5:f6:d9:2a:11:2f:
                    bf:32:8f:92:25:cd:f9:44:df:04:01:0b:88:c5:97:
                    6c:23:b9:21:8a:e0:0d:58:a5:9d:ef:da:f8:31:7c:
                    05:0a:4b:97:a3:2a:a1:30:8c:d2:0f:a4:3f:53:a4:
                    e1:83:a9:c3:d7:5d:28:0a:af:39:a8:c5:bd:05:5f:
                    92:15:c8:96:66:ac:8a:e3:b7:c6:5b:2a:c5:f9:ee:
                    0b:09:06:90:70:ce:da:a4:04:73:73:06:6c:67:ce:
                    66:43:1e:a2:cb:1b:eb:45:0f:ff:74:85:82:22:34:
                    93:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:AA:A2:30:1B:E4:71:54:FB:0E:DF:8C:F3:69:A3:F0:16:60:8C:D4
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jKqiMBvkcVT7Dt-M82mj8BZgjNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.226.48.0/22
                  185.36.192.0/22
                  185.220.236.0/22
                  185.248.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:ec:22:1f:19:15:5a:9f:9c:32:f2:61:ef:2b:b2:22:70:44:
         3f:42:15:30:6c:93:f4:2a:36:95:81:4f:54:1a:8b:27:53:5b:
         b9:0e:7b:34:f5:40:a7:b3:00:08:06:df:44:3f:e8:ad:fc:72:
         09:fa:67:26:01:7c:30:6b:34:d6:4f:40:39:6e:da:54:5f:89:
         5f:43:6e:76:85:f0:7a:28:a3:df:f1:d7:cf:da:21:88:5c:1a:
         0a:61:53:15:83:10:45:71:0f:15:82:66:b1:33:14:c7:fa:9f:
         a8:17:15:a2:47:1d:09:bc:f7:0e:06:07:9f:5e:4d:72:49:db:
         dd:0f:76:82:64:10:68:a1:1e:1e:b0:99:d5:83:42:8f:9c:75:
         ea:70:38:29:74:6b:9d:cb:74:47:86:d4:ce:21:1f:89:ef:12:
         f6:81:3c:a7:96:43:23:1c:e3:ca:a9:e1:78:dd:84:45:cf:23:
         28:46:99:56:f0:d3:e3:81:cc:0c:90:4d:bf:39:55:98:8e:b6:
         53:71:64:82:85:e6:3a:80:94:56:d7:be:51:49:34:5d:0a:93:
         91:ae:41:c7:33:d6:3a:1d:90:4a:1a:4d:9e:df:a7:60:02:a7:
         3e:2c:e5:e1:3d:6d:bd:b9:cd:44:07:b6:b5:fd:4b:db:88:0e:
         18:f8:40:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYn+bUMfkJ8mwS18saJ+erSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODE2MTI1ODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2FhYTIzMDFiZTQ3MTU0ZmIwZWRmOGNmMzY5YTNmMDE2NjA4Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg18Rpl0wmNMu6eBG79JI6XA8fdsl
lWzI0xeaEOXuE86E4JbeXqGmcaZxcZ57YUGD2XLkwLls6l99Sz7tgBlwC3U3Qdvj
5K6Bh8DtjgO5EyLP6be9WfAs9jVt0A4G+hFK0BqrfkWpKEe9L2jCTDLd/B/JZVZN
IsIeSKAySGcF7D3qBluot6Ibz2DzaqFdjt7l9tkqES+/Mo+SJc35RN8EAQuIxZds
I7khiuANWKWd79r4MXwFCkuXoyqhMIzSD6Q/U6Thg6nD110oCq85qMW9BV+SFciW
ZqyK47fGWyrF+e4LCQaQcM7apARzcwZsZ85mQx6iyxvrRQ//dIWCIjSTnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIyqojAb5HFU+w7fjPNpo/AWYIzUMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaktxaU1CdmtjVlQ3RHQtTTgybWo4Qlpnak5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBeIwAwQC
uSTAAwQCudzsAwQCufi4MA0GCSqGSIb3DQEBCwUAA4IBAQAK7CIfGRVan5wy8mHv
K7IicEQ/QhUwbJP0KjaVgU9UGosnU1u5Dns09UCnswAIBt9EP+it/HIJ+mcmAXww
azTWT0A5btpUX4lfQ252hfB6KKPf8dfP2iGIXBoKYVMVgxBFcQ8VgmaxMxTH+p+o
FxWiRx0JvPcOBgefXk1ySdvdD3aCZBBooR4esJnVg0KPnHXqcDgpdGudy3RHhtTO
IR+J7xL2gTynlkMjHOPKqeF43YRFzyMoRplW8NPjgcwMkE2/OVWYjrZTcWSCheY6
gJRW175RSTRdCpORrkHHM9Y6HZBKGk2e36dgAqc+LOXhPW29uc1EB7a1/UvbiA4Y
+EBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org