Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JxnRcanX4TdLJO755y1w8NWDzdM.roa
File:                     JxnRcanX4TdLJO755y1w8NWDzdM.roa (raw, json)
Hash identifier:          RwSWbUnkNzlYO9F2bisiKZwb7+sRL1B86yWft6CVVUI=
Subject key identifier:   27:19:D1:71:A9:D7:E1:37:4B:24:EE:F9:E7:2D:70:F0:D5:83:CD:D3
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0187D7E3CFDABA68E8CE3EB61588BB203560
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JxnRcanX4TdLJO755y1w8NWDzdM.roa
Signing time:             Mon 01 May 2023 15:17:23 +0000
ROA not before:           Mon 01 May 2023 15:17:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200131
IP address blocks:        87.120.68.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 May 2023 07:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d7:e3:cf:da:ba:68:e8:ce:3e:b6:15:88:bb:20:35:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May  1 15:17:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2719d171a9d7e1374b24eef9e72d70f0d583cdd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:4d:57:b9:fb:ec:20:30:cd:fb:77:66:03:3d:
                    6e:a6:cc:d3:8f:48:d3:81:22:7c:54:ee:42:65:33:
                    d7:09:ee:4a:a4:48:e0:25:89:65:e6:65:0f:e8:57:
                    d9:8e:38:f4:65:4d:db:d3:43:7b:45:96:7c:36:4a:
                    eb:b6:ad:b1:65:07:54:48:d5:af:ec:70:a5:02:9d:
                    d1:bf:a3:80:ba:d5:51:fa:ce:6e:aa:cf:c0:d9:9f:
                    95:0d:3e:ca:21:29:3d:36:41:fb:2f:2a:60:c4:7c:
                    40:11:d3:aa:b0:79:43:1d:57:43:d8:15:f5:9d:25:
                    08:3e:8f:21:6d:be:ba:90:3c:b2:16:28:af:53:53:
                    9c:e3:6d:2f:97:76:b9:2d:12:a1:0d:38:84:46:e0:
                    ee:f9:7f:4d:7a:11:ad:3b:31:51:05:49:67:90:1e:
                    aa:a5:26:ba:e2:1b:5e:d0:83:5a:c9:cd:75:96:3b:
                    14:74:f6:de:0d:a9:e0:76:f3:96:47:18:6f:c6:1d:
                    a9:95:c7:28:e3:91:3e:78:52:2b:e6:f7:ae:ac:17:
                    b5:4a:a4:96:f4:bd:29:45:d6:6f:63:dd:0a:f0:68:
                    1c:19:f9:fc:93:73:9d:ec:66:ef:57:c1:1f:e7:55:
                    63:b2:27:29:db:3e:32:c1:ae:97:3a:4b:e3:7e:95:
                    8a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:19:D1:71:A9:D7:E1:37:4B:24:EE:F9:E7:2D:70:F0:D5:83:CD:D3
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JxnRcanX4TdLJO755y1w8NWDzdM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.120.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:05:9c:a2:50:41:d7:ed:81:f8:db:60:2e:5e:b7:16:73:27:
         aa:dc:85:16:1e:31:66:68:da:46:f8:60:a7:74:7b:6e:7c:48:
         20:da:ea:ed:33:86:f9:ab:b4:7f:e2:d9:41:11:57:2d:cb:04:
         23:e4:01:bd:cc:61:77:22:e2:a8:34:61:ae:10:75:f0:44:b7:
         ed:2f:9c:94:93:77:27:c4:42:8e:db:b8:9b:33:27:b4:81:f2:
         96:fa:b1:1d:03:e7:00:61:fd:92:17:cf:19:7f:24:cf:86:16:
         69:49:cd:15:60:41:ac:76:9a:c1:79:89:b6:13:13:ab:f0:40:
         05:bf:63:ce:58:4c:67:7b:98:8e:81:53:80:85:98:ce:18:92:
         ac:6c:46:4a:fc:75:08:27:23:73:6e:3a:57:2d:60:83:1c:94:
         99:01:1b:f4:79:2e:23:96:4e:99:e9:9b:ba:ee:ce:15:21:ae:
         24:bd:98:86:7a:66:a1:1d:1d:b1:a8:ad:2f:e5:86:23:cc:14:
         2e:f8:c6:0f:84:34:92:5d:94:39:22:22:72:34:04:5a:60:71:
         12:17:87:10:b7:73:32:d5:1e:fd:a1:14:b7:90:a0:54:58:13:
         92:54:53:9a:47:22:fd:04:af:43:39:26:66:01:78:73:a1:f2:
         8d:3e:d3:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfX48/aumjozj62FYi7IDVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTAxMTUxNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzE5ZDE3MWE5ZDdlMTM3NGIyNGVlZjllNzJkNzBmMGQ1ODNjZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgE1XufvsIDDN+3dmAz1upszTj0jT
gSJ8VO5CZTPXCe5KpEjgJYll5mUP6FfZjjj0ZU3b00N7RZZ8Nkrrtq2xZQdUSNWv
7HClAp3Rv6OAutVR+s5uqs/A2Z+VDT7KISk9NkH7LypgxHxAEdOqsHlDHVdD2BX1
nSUIPo8hbb66kDyyFiivU1Oc420vl3a5LRKhDTiERuDu+X9NehGtOzFRBUlnkB6q
pSa64hte0INayc11ljsUdPbeDangdvOWRxhvxh2plcco45E+eFIr5veurBe1SqSW
9L0pRdZvY90K8GgcGfn8k3Od7GbvV8Ef51Vjsicp2z4ywa6XOkvjfpWKpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCcZ0XGp1+E3SyTu+ectcPDVg83TMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSnhuUmNhblg0VGRMSk83NTV5MXc4TldEemRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV3hEMA0G
CSqGSIb3DQEBCwUAA4IBAQCSBZyiUEHX7YH422AuXrcWcyeq3IUWHjFmaNpG+GCn
dHtufEgg2urtM4b5q7R/4tlBEVctywQj5AG9zGF3IuKoNGGuEHXwRLftL5yUk3cn
xEKO27ibMye0gfKW+rEdA+cAYf2SF88ZfyTPhhZpSc0VYEGsdprBeYm2ExOr8EAF
v2POWExne5iOgVOAhZjOGJKsbEZK/HUIJyNzbjpXLWCDHJSZARv0eS4jlk6Z6Zu6
7s4VIa4kvZiGemahHR2xqK0v5YYjzBQu+MYPhDSSXZQ5IiJyNARaYHESF4cQt3My
1R79oRS3kKBUWBOSVFOaRyL9BK9DOSZmAXhzofKNPtMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org