Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jVS-psEkgmewep4eNpGoff7C6bw.roa
File:                     jVS-psEkgmewep4eNpGoff7C6bw.roa (raw, json)
Hash identifier:          m/zDWJXSK8D+J8qlT8NdO0YS4EWl56lVQMN30+iwzvQ=
Subject key identifier:   8D:54:BE:A6:C1:24:82:67:B0:7A:9E:1E:36:91:A8:7D:FE:C2:E9:BC
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018ED6C56E8C50233D1982E57432687719C1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jVS-psEkgmewep4eNpGoff7C6bw.roa
Signing time:             Sat 13 Apr 2024 09:24:06 +0000
ROA not before:           Sat 13 Apr 2024 09:24:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        5.181.84.0/24 maxlen: 24
                          5.181.85.0/24 maxlen: 24
                          5.181.87.0/24 maxlen: 24
                          45.94.170.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          146.19.125.0/24 maxlen: 24
                          193.30.241.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 12:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d6:c5:6e:8c:50:23:3d:19:82:e5:74:32:68:77:19:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Apr 13 09:24:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8d54bea6c1248267b07a9e1e3691a87dfec2e9bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:2d:68:a2:7f:0e:c2:be:e4:93:ca:7a:5b:3b:
                    99:e7:1e:06:cd:3b:04:47:90:81:60:f1:c8:c5:9d:
                    b6:71:f9:fe:a2:e7:73:44:ab:fb:d4:af:9e:b9:22:
                    62:de:09:2c:29:6a:bb:2e:2d:ba:b9:fe:e4:8e:71:
                    06:eb:13:fe:c0:a8:ef:39:3b:c5:40:41:05:cc:0b:
                    af:43:18:fa:54:19:ee:71:49:cf:c8:68:c3:f3:4a:
                    56:5e:02:3d:d5:f7:6f:8e:40:d1:20:e2:03:9d:54:
                    1f:51:55:ce:1d:cc:5a:fb:ea:e3:52:a9:87:18:4b:
                    b3:fb:91:bd:3a:c2:4c:45:65:a3:8d:23:7a:33:7f:
                    1d:f1:6f:f0:4b:b5:9a:dd:83:1d:c9:37:a4:1b:b6:
                    3f:48:02:d5:56:ee:fa:91:f5:ee:2d:da:ad:b1:09:
                    cc:ff:46:c3:c4:63:4e:01:2b:ce:2c:dd:4d:ad:e4:
                    c1:3f:ac:76:8c:ff:d6:9d:35:bd:90:bd:fb:91:b0:
                    59:1c:e3:ae:d1:c4:75:38:d8:c2:7e:02:02:de:39:
                    da:62:4d:d3:e7:27:31:d0:19:7f:75:c1:3a:69:f1:
                    10:ca:aa:df:6b:b0:7e:fe:73:4a:7d:1a:f1:a3:c5:
                    4b:05:99:53:6c:a2:bc:b1:e4:e7:4b:5c:1d:ca:25:
                    f2:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:54:BE:A6:C1:24:82:67:B0:7A:9E:1E:36:91:A8:7D:FE:C2:E9:BC
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jVS-psEkgmewep4eNpGoff7C6bw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.84.0/23
                  5.181.87.0/24
                  45.94.170.0/24
                  85.209.120.0/23
                  146.19.125.0/24
                  193.30.241.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:6f:f8:32:dc:a5:97:f3:cf:6b:8a:5f:84:e2:5a:a3:4a:2a:
         33:8a:7f:09:80:ca:75:b8:3c:14:42:53:db:13:09:57:ab:25:
         21:f1:fd:77:f5:3a:9d:32:fd:7a:f3:42:68:8c:c4:cd:e4:1d:
         9c:c9:17:8f:76:31:6e:4e:17:38:e7:82:d7:3d:53:58:8f:8e:
         1a:07:84:6b:c6:6d:96:21:61:c3:47:9a:72:e0:3b:39:2e:ad:
         d7:39:37:ab:63:93:77:4a:ac:fd:ba:42:25:dd:44:1d:dd:fe:
         e0:6d:52:78:db:76:c3:ad:1f:db:ee:d1:78:6f:ba:43:8d:f7:
         69:0d:51:cf:62:e9:4e:bd:00:e5:05:1c:e4:75:07:09:a3:c1:
         11:74:4f:37:a4:12:f2:cc:31:1a:ec:c3:b6:34:15:77:16:80:
         7c:1e:92:6a:1a:a5:c8:b5:46:0e:0f:f3:7f:ae:8e:5f:9c:c5:
         a4:3e:9d:bc:d3:d5:1d:d9:66:ce:6f:85:be:6a:96:c5:8f:b6:
         8a:0f:cd:ff:c1:ab:32:08:3b:3e:a2:24:e0:bd:ef:c3:20:c5:
         d6:96:ed:35:cd:1b:cf:b3:fa:53:46:72:c2:1a:87:67:d9:15:
         ff:9c:e3:6b:ee:e6:1e:fd:4f:a4:57:79:84:7a:91:d0:bb:4b:
         3a:10:d7:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY7WxW6MUCM9GYLldDJodxnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDEzMDkyNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDU0YmVhNmMxMjQ4MjY3YjA3YTllMWUzNjkxYTg3ZGZlYzJlOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy1oon8Owr7kk8p6WzuZ5x4GzTsE
R5CBYPHIxZ22cfn+oudzRKv71K+euSJi3gksKWq7Li26uf7kjnEG6xP+wKjvOTvF
QEEFzAuvQxj6VBnucUnPyGjD80pWXgI91fdvjkDRIOIDnVQfUVXOHcxa++rjUqmH
GEuz+5G9OsJMRWWjjSN6M38d8W/wS7Wa3YMdyTekG7Y/SALVVu76kfXuLdqtsQnM
/0bDxGNOASvOLN1NreTBP6x2jP/WnTW9kL37kbBZHOOu0cR1ONjCfgIC3jnaYk3T
5ycx0Bl/dcE6afEQyqrfa7B+/nNKfRrxo8VLBZlTbKK8seTnS1wdyiXy/wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI1UvqbBJIJnsHqeHjaRqH3+wum8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvalZTLXBzRWtnbWV3ZXA0ZU5wR29mZjdDNmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBbVUAwQA
BbVXAwQALV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQCwb/gy3KWX889ril+E4lqjSiozin8JgMp1uDwUQlPbEwlXqyUh8f139Tqd
Mv1680JojMTN5B2cyRePdjFuThc454LXPVNYj44aB4Rrxm2WIWHDR5py4Ds5Lq3X
OTerY5N3Sqz9ukIl3UQd3f7gbVJ423bDrR/b7tF4b7pDjfdpDVHPYulOvQDlBRzk
dQcJo8ERdE83pBLyzDEa7MO2NBV3FoB8HpJqGqXItUYOD/N/ro5fnMWkPp2809Ud
2WbOb4W+apbFj7aKD83/wasyCDs+oiTgve/DIMXWlu01zRvPs/pTRnLCGodn2RX/
nONr7uYe/U+kV3mEepHQu0s6ENf6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org