Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jp-Ecqdp8fXhljw5UsE27_VSmuc.roa
File:                     jp-Ecqdp8fXhljw5UsE27_VSmuc.roa (raw, json)
Hash identifier:          02ADM5xzyrx/5fpPUj7xbLgSZuwpdpsvsQG/K+qHTsc=
Subject key identifier:   8E:9F:84:72:A7:69:F1:F5:E1:96:3C:39:52:C1:36:EF:F5:52:9A:E7
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185AFD3C0D661247A75163D8A0D35F31795
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jp-Ecqdp8fXhljw5UsE27_VSmuc.roa
Signing time:             Sat 14 Jan 2023 10:29:28 +0000
ROA not before:           Sat 14 Jan 2023 10:29:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2118
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          194.87.6.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.27.0/24 maxlen: 24
                          193.124.47.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.115.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.123.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.138.0/23 maxlen: 23
                          194.87.136.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.86.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.193.12.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.52.0/22 maxlen: 22
                          195.58.58.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          195.58.61.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          194.58.155.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          192.124.172.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.171.0/24 maxlen: 24
                          212.192.30.0/24 maxlen: 24
                          192.124.190.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 15 Jan 2023 14:45:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:af:d3:c0:d6:61:24:7a:75:16:3d:8a:0d:35:f3:17:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 14 10:29:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e9f8472a769f1f5e1963c3952c136eff5529ae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:67:af:ad:68:9a:27:8f:28:cd:de:67:5c:e5:
                    b8:71:6f:f8:a6:04:e8:7d:60:90:6d:5d:c2:24:f4:
                    14:a6:b5:73:a8:77:01:76:a6:91:b3:c0:7b:e6:6a:
                    4b:87:8e:ec:c4:aa:f9:9a:ba:87:ac:cc:70:85:47:
                    e6:79:9b:a3:9b:3a:f6:dc:aa:a1:c5:d9:9b:5c:d1:
                    e8:d5:a9:61:d7:49:b7:1b:31:cd:2f:ab:64:df:ae:
                    ba:de:e9:4e:90:c9:8e:8c:36:9e:5d:c5:70:78:bc:
                    12:37:c7:ea:0c:9d:a2:1e:58:d5:8e:bc:f7:17:b1:
                    07:5e:57:23:c9:f3:f5:31:b0:9d:2a:2b:b4:e8:c4:
                    b7:18:79:b1:47:17:49:68:1d:3c:e2:2a:c1:90:68:
                    cc:d5:5c:b9:f2:72:db:38:28:51:ca:35:34:ce:ac:
                    fe:4f:75:5f:9e:b6:fb:fd:0f:bd:9f:2a:5e:67:2c:
                    d8:30:f6:3e:0f:22:37:28:6b:fe:c7:88:0c:97:9b:
                    a1:6e:50:cf:12:ce:1b:ec:de:81:21:d9:51:c5:8c:
                    03:43:27:bc:ae:be:35:89:5f:a6:fe:19:15:1b:3b:
                    89:77:c2:c9:0c:31:6b:5e:7d:55:5f:10:89:5a:d7:
                    80:a9:24:24:5f:d9:cc:c0:b0:13:da:e9:1a:ea:2d:
                    fd:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:9F:84:72:A7:69:F1:F5:E1:96:3C:39:52:C1:36:EF:F5:52:9A:E7
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jp-Ecqdp8fXhljw5UsE27_VSmuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.172.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.190.0/24
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/24
                  193.124.18.0/24
                  193.124.47.0/24
                  193.124.133.0/24
                  193.124.203.0/24
                  193.124.207.0/24
                  194.58.38.0/23
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.59.0/24
                  194.58.155.0/24
                  194.87.6.0/23
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.114.0-194.87.116.255
                  194.87.118.0/24
                  194.87.123.0/24
                  194.87.136.0/24
                  194.87.138.0/23
                  194.87.149.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.171.0/24
                  194.87.176.0/24
                  194.87.190.0/24
                  194.87.198.0/23
                  194.87.202.0/24
                  194.87.208.0/23
                  194.87.222.0/23
                  194.87.233.0/24
                  195.58.50.0/24
                  195.58.52.0-195.58.63.255
                  195.133.12.0/24
                  195.133.55.0/24
                  195.133.86.0/24
                  195.133.94.0/24
                  195.133.194.0/23
                  212.192.0.0/23
                  212.192.30.0/24
                  212.193.0.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:81:ed:1c:01:40:61:6d:7c:cb:f1:10:ce:95:aa:32:c6:ad:
         ca:f2:0b:32:08:bb:f8:9a:13:7d:10:c6:4f:bf:42:8f:52:59:
         3b:05:b4:72:4f:dd:10:7b:8a:14:c8:03:6e:cd:91:0b:f5:16:
         e3:c3:d3:1e:94:05:fe:65:ef:31:25:4d:59:ae:2d:dd:c2:4b:
         83:a7:39:ce:b3:4a:c1:c0:87:d4:1e:4f:88:a7:7e:c9:44:3c:
         c2:d0:23:5f:c3:ad:1e:e0:41:6f:20:00:67:f7:bd:2f:ad:ba:
         4c:7f:1a:c0:1b:da:3d:38:ef:d1:73:28:c7:c9:d9:69:dd:3c:
         77:2d:38:4b:55:b6:47:52:f9:d1:12:ef:fd:3e:b0:4d:cd:e7:
         7d:1a:ad:9b:76:43:97:91:43:19:dd:c1:f9:03:90:14:0a:73:
         1a:20:a2:67:2e:78:c3:81:06:f0:6a:ec:90:89:16:62:1e:ac:
         10:9f:cd:05:12:8d:1e:c6:c5:06:98:17:da:33:c7:c7:d0:26:
         eb:57:4c:80:20:66:5c:7b:d3:53:e2:b3:2e:37:5f:c4:8a:1d:
         fc:7c:47:e2:6e:a6:e8:75:b1:a7:c9:6b:54:a7:6e:de:15:da:
         38:30:14:af:ea:c2:f1:3e:fd:08:34:ee:9d:42:e5:88:9a:91:
         bb:1a:3e:ac
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAYWv08DWYSR6dRY9ig018xeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE0MTAyOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTlmODQ3MmE3NjlmMWY1ZTE5NjNjMzk1MmMxMzZlZmY1NTI5YWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWevrWiaJ48ozd5nXOW4cW/4pgTo
fWCQbV3CJPQUprVzqHcBdqaRs8B75mpLh47sxKr5mrqHrMxwhUfmeZujmzr23Kqh
xdmbXNHo1alh10m3GzHNL6tk36663ulOkMmOjDaeXcVweLwSN8fqDJ2iHljVjrz3
F7EHXlcjyfP1MbCdKiu06MS3GHmxRxdJaB084irBkGjM1Vy58nLbOChRyjU0zqz+
T3Vfnrb7/Q+9nypeZyzYMPY+DyI3KGv+x4gMl5uhblDPEs4b7N6BIdlRxYwDQye8
rr41iV+m/hkVGzuJd8LJDDFrXn1VXxCJWteAqSQkX9nMwLAT2uka6i39TQIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFI6fhHKnafH14ZY8OVLBNu/1UprnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvanAtRWNxZHA4ZlhobGp3NVVzRTI3X1ZTbXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCCAVIEAgABMIIB
SgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8EgMEAMF8LwMEAMF8hQMEAMF8ywMEAMF8zwMEAcI6JgMEAMI6KjAMAwQA
wjotAwQEwjogAwQAwjo7AwQAwjqbAwQBwlcGAwQCwlcYAwQAwlc4AwQAwldMAwQB
wldSAwQAwldoMAwDBAHCV3IDBADCV3QDBADCV3YDBADCV3sDBADCV4gDBAHCV4oD
BADCV5UDBADCV6MDBADCV6UDBADCV6sDBADCV7ADBADCV74DBAHCV8YDBADCV8oD
BAHCV9ADBAHCV94DBADCV+kDBADDOjIwDAMEAsM6NAMEBsM6AAMEAMOFDAMEAMOF
NwMEAMOFVgMEAMOFXgMEAcOFwgMEAdTAAAMEANTAHgMEANTBAAMEANTBDDANBgkq
hkiG9w0BAQsFAAOCAQEAloHtHAFAYW18y/EQzpWqMsatyvILMgi7+JoTfRDGT79C
j1JZOwW0ck/dEHuKFMgDbs2RC/UW48PTHpQF/mXvMSVNWa4t3cJLg6c5zrNKwcCH
1B5PiKd+yUQ8wtAjX8OtHuBBbyAAZ/e9L626TH8awBvaPTjv0XMox8nZad08dy04
S1W2R1L50RLv/T6wTc3nfRqtm3ZDl5FDGd3B+QOQFApzGiCiZy54w4EG8GrskIkW
Yh6sEJ/NBRKNHsbFBpgX2jPHx9Am61dMgCBmXHvTU+KzLjdfxIod/HxH4m6m6HWx
p8lrVKdu3hXaODAUr+rC8T79CDTunULliJqRuxo+rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org