Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JxL4Sg2Scv1whHjNwcOcW_ixvVo.roa
File:                     JxL4Sg2Scv1whHjNwcOcW_ixvVo.roa (raw, json)
Hash identifier:          VnGgo7Zs1nCfQeYYLCJGGJ2OhY129EFUL5CpLD93LEg=
Subject key identifier:   27:12:F8:4A:0D:92:72:FD:70:84:78:CD:C1:C3:9C:5B:F8:B1:BD:5A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C9623839C8355DEC95974EE9BC3A70CB3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JxL4Sg2Scv1whHjNwcOcW_ixvVo.roa
Signing time:             Sat 23 Dec 2023 10:05:59 +0000
ROA not before:           Sat 23 Dec 2023 10:05:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1
IP address blocks:        84.54.49.0/24 maxlen: 24
                          45.66.229.0/24 maxlen: 24
                          87.121.100.0/24 maxlen: 24
                          87.121.101.0/24 maxlen: 24
                          194.59.30.0/24 maxlen: 24
                          88.218.76.0/22 maxlen: 24
                          84.21.173.0/24 maxlen: 24
                          87.120.64.0/23 maxlen: 24
                          87.120.89.0/24 maxlen: 24
                          94.103.126.0/24 maxlen: 24
                          87.121.57.0/24 maxlen: 24
                          87.121.56.0/24 maxlen: 24
                          194.169.174.0/24 maxlen: 24
                          87.120.220.0/23 maxlen: 24
                          82.115.211.0/24 maxlen: 24
                          94.156.78.0/24 maxlen: 24
                          87.120.35.0/24 maxlen: 24
                          87.120.34.0/24 maxlen: 24
                          87.120.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 13:37:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:96:23:83:9c:83:55:de:c9:59:74:ee:9b:c3:a7:0c:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 23 10:05:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2712f84a0d9272fd708478cdc1c39c5bf8b1bd5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:d5:79:48:31:49:f0:e2:67:ad:f2:b8:36:2b:
                    55:f3:fa:cd:03:12:9a:66:1d:ee:c8:32:a9:20:a1:
                    16:01:c7:98:c2:30:a9:2b:af:49:29:f1:60:63:15:
                    d7:32:55:1d:38:9d:e9:7c:96:37:db:6a:61:00:9a:
                    f5:2b:74:20:99:7a:16:b9:fe:47:1c:0f:32:86:b6:
                    45:a4:1a:92:c1:af:c5:2c:bf:df:58:7d:f5:0e:cb:
                    ae:35:ef:de:c6:ea:94:84:5d:de:32:d7:fe:17:17:
                    d9:a6:0d:9f:aa:ca:1c:69:e2:5b:08:a1:cb:dc:b4:
                    d5:63:30:d1:71:0a:9c:70:e7:01:7e:57:bf:c9:a8:
                    0e:67:75:09:93:e4:7e:8c:10:f4:ee:5d:35:46:c7:
                    a9:19:32:df:e5:5c:5e:02:4a:b6:fe:08:98:10:7f:
                    9c:64:62:79:d6:42:0b:c6:b3:bc:f0:a9:fa:aa:33:
                    a5:c1:7c:6b:03:5c:92:c1:1d:15:f5:9a:98:a1:9b:
                    8e:b9:00:b5:ac:8d:c6:90:b7:4e:33:3e:05:bc:1f:
                    65:78:5a:0b:d7:ca:9e:c6:44:83:70:0b:09:cf:e1:
                    d4:60:9d:bd:55:e8:00:6d:a4:cf:2e:91:43:49:b1:
                    72:5f:17:b2:06:02:38:ec:a5:d6:90:6f:df:e1:42:
                    5e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:12:F8:4A:0D:92:72:FD:70:84:78:CD:C1:C3:9C:5B:F8:B1:BD:5A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JxL4Sg2Scv1whHjNwcOcW_ixvVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.229.0/24
                  82.115.211.0/24
                  84.21.173.0/24
                  84.54.49.0/24
                  87.120.32.0/24
                  87.120.34.0/23
                  87.120.64.0/23
                  87.120.89.0/24
                  87.120.220.0/23
                  87.121.56.0/23
                  87.121.100.0/23
                  88.218.76.0/22
                  94.103.126.0/24
                  94.156.78.0/24
                  194.59.30.0/24
                  194.169.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:b6:b4:aa:14:29:4a:88:55:62:ed:aa:76:02:a2:a1:54:78:
         92:53:b7:12:78:c1:d3:f9:3b:77:2f:8c:85:3e:05:e6:36:c7:
         95:0f:30:d8:51:16:72:c1:81:05:7b:3b:16:a6:ac:e8:74:89:
         cb:05:5f:6a:ee:c8:04:45:bd:dc:61:08:6b:83:02:db:4c:03:
         bf:40:d1:7b:fb:ba:f8:ac:e0:55:8e:4a:ec:70:ec:ec:07:54:
         3a:99:fb:57:29:1b:ea:0c:6d:e3:a9:4e:9b:0f:9d:8e:ba:11:
         f4:0a:f7:70:1d:c7:51:c8:14:e9:ce:b9:e5:a8:db:8c:cf:33:
         13:87:ae:84:c4:11:12:95:26:69:b4:9f:49:a4:d0:00:d8:cb:
         1d:ca:ed:34:92:bc:22:27:47:0c:4b:83:87:8e:6a:de:ed:bb:
         22:b9:c5:50:51:90:c7:23:4f:30:b8:8f:51:b3:af:bc:82:c1:
         44:22:e4:bc:a7:59:10:54:9a:ed:0b:93:f2:6c:dc:42:cd:27:
         4b:02:c5:6d:cc:f1:01:01:88:76:f8:18:a9:de:c0:a8:64:15:
         b6:38:bb:b4:25:bf:05:49:41:a5:b5:61:33:76:2d:34:5f:89:
         42:6c:fa:ea:0f:4a:c9:1c:f1:82:d7:08:04:1c:8e:60:5b:62:
         8c:a5:4a:bd
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYyWI4Ocg1XeyVl07pvDpwyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIzMTAwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzEyZjg0YTBkOTI3MmZkNzA4NDc4Y2RjMWMzOWM1YmY4YjFiZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dV5SDFJ8OJnrfK4NitV8/rNAxKa
Zh3uyDKpIKEWAceYwjCpK69JKfFgYxXXMlUdOJ3pfJY322phAJr1K3QgmXoWuf5H
HA8yhrZFpBqSwa/FLL/fWH31DsuuNe/exuqUhF3eMtf+FxfZpg2fqsocaeJbCKHL
3LTVYzDRcQqccOcBfle/yagOZ3UJk+R+jBD07l01RsepGTLf5VxeAkq2/giYEH+c
ZGJ51kILxrO88Kn6qjOlwXxrA1ySwR0V9ZqYoZuOuQC1rI3GkLdOMz4FvB9leFoL
18qexkSDcAsJz+HUYJ29VegAbaTPLpFDSbFyXxeyBgI47KXWkG/f4UJeowIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCcS+EoNknL9cIR4zcHDnFv4sb1aMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSnhMNFNnMlNjdjF3aEhqTndjT2NXX2l4dlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALULlAwQA
UnPTAwQAVBWtAwQAVDYxAwQAV3ggAwQBV3giAwQBV3hAAwQAV3hZAwQBV3jcAwQB
V3k4AwQBV3lkAwQCWNpMAwQAXmd+AwQAXpxOAwQAwjseAwQAwqmuMA0GCSqGSIb3
DQEBCwUAA4IBAQCNtrSqFClKiFVi7ap2AqKhVHiSU7cSeMHT+Tt3L4yFPgXmNseV
DzDYURZywYEFezsWpqzodInLBV9q7sgERb3cYQhrgwLbTAO/QNF7+7r4rOBVjkrs
cOzsB1Q6mftXKRvqDG3jqU6bD52OuhH0CvdwHcdRyBTpzrnlqNuMzzMTh66ExBES
lSZptJ9JpNAA2Msdyu00krwiJ0cMS4OHjmre7bsiucVQUZDHI08wuI9Rs6+8gsFE
IuS8p1kQVJrtC5PybNxCzSdLAsVtzPEBAYh2+Bip3sCoZBW2OLu0Jb8FSUGltWEz
di00X4lCbPrqD0rJHPGC1wgEHI5gW2KMpUq9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org