Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/5AjCZ_2Sw60fRdu73jH7xHZQEPw.roa
File:                     5AjCZ_2Sw60fRdu73jH7xHZQEPw.roa (raw, json)
Hash identifier:          SvTKxMn0VtBqR0+ZrX1xy+ITI0yhG4NhBl+LvSMmhPk=
Subject key identifier:   E4:08:C2:67:FD:92:C3:AD:1F:45:DB:BB:DE:31:FB:C4:76:50:10:FC
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       01856F14CDF3388672CB6A1EC70C9330CD9C
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/5AjCZ_2Sw60fRdu73jH7xHZQEPw.roa
Signing time:             Sun 01 Jan 2023 20:45:12 +0000
ROA not before:           Sun 01 Jan 2023 20:45:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41956
IP address blocks:        185.6.148.0/24 maxlen: 24
                          185.6.149.0/24 maxlen: 24
                          185.6.150.0/24 maxlen: 24
                          185.6.151.0/24 maxlen: 24
                          212.30.53.0/24 maxlen: 24
                          212.30.54.0/24 maxlen: 24
                          212.30.55.0/24 maxlen: 24
                          212.30.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:cd:f3:38:86:72:cb:6a:1e:c7:0c:93:30:cd:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Jan  1 20:45:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e408c267fd92c3ad1f45dbbbde31fbc4765010fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ce:61:e0:1a:80:1d:af:37:69:a6:b2:77:0c:
                    26:2f:f5:96:d5:c6:88:4d:40:9a:57:27:a6:3c:97:
                    3a:48:68:4e:9c:8d:8d:29:90:5d:31:48:94:b1:89:
                    e5:df:d8:3d:b6:e1:b4:e8:65:bc:4b:05:20:d1:3d:
                    20:fd:84:62:28:f9:9e:4f:58:74:ab:e0:4b:fc:22:
                    f1:95:86:5c:f1:46:db:31:3c:7d:75:82:5c:4c:f9:
                    f5:c5:6e:ed:95:92:9f:1c:56:94:66:67:06:1a:bc:
                    fd:58:9f:94:f5:5d:49:be:38:c9:18:25:e6:d6:a0:
                    19:74:40:ac:2f:ed:76:46:9f:ee:0d:2b:1f:8b:40:
                    9d:41:db:57:18:86:4c:c0:4a:66:09:50:1e:b5:13:
                    ce:67:b8:2d:6f:bd:ff:62:a1:86:ee:9d:b7:86:2d:
                    69:76:23:91:54:02:9f:5c:08:72:7d:47:78:58:2e:
                    3a:9e:e9:17:c0:4e:54:33:2e:4c:f5:e2:07:60:fd:
                    4d:09:f5:16:a7:65:de:29:ea:34:7e:25:68:6a:b7:
                    78:6a:49:15:30:39:a5:27:50:a6:b6:4e:e3:7a:52:
                    81:55:e8:f5:ae:ad:41:32:c2:30:3a:af:57:9a:78:
                    91:64:6b:36:53:9d:62:db:5a:1b:2f:7f:58:ed:dc:
                    1c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:08:C2:67:FD:92:C3:AD:1F:45:DB:BB:DE:31:FB:C4:76:50:10:FC
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/5AjCZ_2Sw60fRdu73jH7xHZQEPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.6.148.0/22
                  212.30.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b6:08:75:fa:d9:e1:ce:e4:b9:08:32:3d:14:b6:31:2b:fb:59:
         6b:04:9e:70:08:26:11:9b:db:a0:e1:37:b5:f0:ab:1c:e9:04:
         b7:f6:41:04:f4:24:58:4d:9d:88:33:61:ea:ec:47:46:c3:30:
         74:33:ee:da:b8:0b:9b:76:d3:0e:6a:10:6a:a5:57:03:bb:4f:
         99:7e:42:0c:e6:2a:13:0c:27:43:4d:f6:b3:78:1b:9b:f1:6a:
         be:dd:b8:ca:05:e4:09:83:f2:d5:36:bb:b0:b1:b4:6c:57:4e:
         91:b3:bd:a3:d9:8c:33:a0:83:af:4d:3b:f0:8c:f5:75:5f:3a:
         1c:14:36:b4:73:98:32:69:42:5a:35:5f:62:e5:9d:0c:3d:35:
         a9:bc:cd:c9:0c:73:84:8d:76:5d:00:cc:c7:bb:95:c7:f4:77:
         9d:b3:52:ec:21:ca:7e:62:f7:d4:19:06:e0:b0:07:51:92:c7:
         9e:f3:91:b8:52:0e:0c:f7:f2:cf:3f:d5:28:24:72:4d:ef:7e:
         a3:50:fb:99:ef:a3:29:b6:65:c4:f7:7c:73:5b:12:08:b2:c9:
         b9:b0:8e:28:85:f2:eb:75:ea:93:ff:c4:72:51:b9:f1:c0:83:
         fc:6a:0c:11:5d:6c:d9:44:45:66:11:18:bc:4b:cb:a4:32:d5:
         ad:6d:6c:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFM3zOIZyy2oexwyTMM2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjMwMTAxMjA0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA4YzI2N2ZkOTJjM2FkMWY0NWRiYmJkZTMxZmJjNDc2NTAxMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM5h4BqAHa83aaaydwwmL/WW1caI
TUCaVyemPJc6SGhOnI2NKZBdMUiUsYnl39g9tuG06GW8SwUg0T0g/YRiKPmeT1h0
q+BL/CLxlYZc8UbbMTx9dYJcTPn1xW7tlZKfHFaUZmcGGrz9WJ+U9V1JvjjJGCXm
1qAZdECsL+12Rp/uDSsfi0CdQdtXGIZMwEpmCVAetRPOZ7gtb73/YqGG7p23hi1p
diORVAKfXAhyfUd4WC46nukXwE5UMy5M9eIHYP1NCfUWp2XeKeo0fiVoard4akkV
MDmlJ1Cmtk7jelKBVej1rq1BMsIwOq9XmniRZGs2U51i21obL39Y7dwcTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOQIwmf9ksOtH0Xbu94x+8R2UBD8MB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvNUFqQ1pfMlN3NjBmUmR1NzNqSDd4SFpRRVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQaUAwQC
1B40MA0GCSqGSIb3DQEBCwUAA4IBAQC2CHX62eHO5LkIMj0UtjEr+1lrBJ5wCCYR
m9ug4Te18Ksc6QS39kEE9CRYTZ2IM2Hq7EdGwzB0M+7auAubdtMOahBqpVcDu0+Z
fkIM5ioTDCdDTfazeBub8Wq+3bjKBeQJg/LVNruwsbRsV06Rs72j2YwzoIOvTTvw
jPV1XzocFDa0c5gyaUJaNV9i5Z0MPTWpvM3JDHOEjXZdAMzHu5XH9Heds1LsIcp+
YvfUGQbgsAdRksee85G4Ug4M9/LPP9UoJHJN736jUPuZ76MptmXE93xzWxIIssm5
sI4ohfLrdeqT/8RyUbnxwIP8agwRXWzZREVmERi8S8ukMtWtbWxI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:28 2024 by rpki-client on console-ams.rpki-client.org