Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jrqjH6O_PSLZQLUe3gwOWQZEVh0.roa
File:                     jrqjH6O_PSLZQLUe3gwOWQZEVh0.roa (raw, json)
Hash identifier:          OSf55sQyNOy+g0ZhqNnjhgEy6jDbD6YE0uccYf8nqcc=
Subject key identifier:   8E:BA:A3:1F:A3:BF:3D:22:D9:40:B5:1E:DE:0C:0E:59:06:44:56:1D
Certificate issuer:       /CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Certificate serial:       018A93B46E4D12DBB1BEBE6BA38FF40732F4
Authority key identifier: 8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jrqjH6O_PSLZQLUe3gwOWQZEVh0.roa
Signing time:             Thu 14 Sep 2023 12:39:50 +0000
ROA not before:           Thu 14 Sep 2023 12:39:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49813
IP address blocks:        109.105.128.0/20 maxlen: 20
                          109.105.137.0/24 maxlen: 24
                          109.105.139.0/24 maxlen: 24
                          109.105.138.0/24 maxlen: 24
                          109.105.133.0/24 maxlen: 24
                          109.105.144.0/23 maxlen: 24
                          109.105.144.0/24 maxlen: 24
                          109.105.144.0/21 maxlen: 24
                          109.105.146.0/24 maxlen: 24
                          109.105.147.0/24 maxlen: 24
                          5.63.132.0/24 maxlen: 24
                          5.63.128.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 12:39:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:93:b4:6e:4d:12:db:b1:be:be:6b:a3:8f:f4:07:32:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
        Validity
            Not Before: Sep 14 12:39:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ebaa31fa3bf3d22d940b51ede0c0e590644561d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:7b:01:e0:20:ab:ae:57:71:dd:1b:59:70:94:
                    b1:7b:f4:0e:f7:aa:de:92:83:d8:38:8b:52:97:c3:
                    31:97:cb:e3:a3:a1:13:ff:1d:56:1f:53:60:3f:d8:
                    0b:97:37:a6:a8:27:3c:02:21:89:25:7f:26:86:f2:
                    ee:f3:dd:47:7e:04:bf:de:1e:5f:30:34:f2:db:7f:
                    27:b0:e9:6d:7e:e5:71:80:08:7a:54:ac:a5:f2:48:
                    bd:27:df:32:3e:02:00:d8:b0:0b:1f:0d:39:e7:9d:
                    5f:5a:64:3b:e3:20:55:61:a0:57:11:d3:51:67:dc:
                    89:55:10:07:ed:81:88:61:0b:20:3d:68:5d:5c:b6:
                    96:08:40:da:7e:67:c8:96:f5:c5:1e:db:31:ef:f2:
                    54:c4:4d:48:d7:58:68:77:38:7a:22:1a:54:6c:c7:
                    1c:5f:01:fe:ba:86:53:9a:f9:2f:60:12:fc:c7:c4:
                    0b:2d:74:ff:ac:c4:a1:55:7a:15:8e:93:1b:30:a6:
                    a9:24:f1:8b:53:ab:88:75:55:8e:28:bb:8a:b7:fe:
                    ac:7d:15:f8:bb:f5:45:32:89:af:9f:55:f5:d5:00:
                    c0:ae:4d:10:c4:a4:c5:9f:74:c8:84:3d:d6:3a:a6:
                    6c:f4:78:3f:6c:b0:0d:19:83:31:dc:89:74:cd:e7:
                    cd:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:BA:A3:1F:A3:BF:3D:22:D9:40:B5:1E:DE:0C:0E:59:06:44:56:1D
            X509v3 Authority Key Identifier:
                keyid:8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jrqjH6O_PSLZQLUe3gwOWQZEVh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.63.128.0/21
                  109.105.128.0-109.105.151.255

    Signature Algorithm: sha256WithRSAEncryption
         b0:3f:b8:72:ad:e2:51:3e:69:a8:5f:22:a4:59:6f:1f:22:43:
         2a:02:dd:ef:77:b3:b7:f5:e8:e2:ae:59:97:54:62:d2:18:9d:
         47:34:a9:3c:16:0f:d7:56:e6:d0:c9:bc:0b:24:2c:3c:ac:24:
         b1:64:64:11:9c:b9:56:58:dd:8d:84:fe:d6:56:a4:64:df:1f:
         84:c1:f3:82:88:26:4a:03:24:1f:2a:5e:00:94:57:3c:5f:ab:
         ae:3f:90:49:43:5a:b1:22:68:20:b9:26:20:36:2c:9d:9f:29:
         41:9c:64:f3:be:9b:0c:80:de:b4:35:d6:8d:f9:d8:62:0b:a6:
         70:6b:40:14:ae:89:72:58:52:c1:58:ce:d4:e9:6e:dd:0f:50:
         22:35:48:f5:68:80:78:bc:4e:b7:de:f5:aa:0a:4f:04:4c:d9:
         1e:c9:b8:41:7f:54:f3:c4:dc:cb:57:ee:24:58:4e:16:0a:6b:
         b0:98:9a:1d:fd:43:ae:88:4e:44:65:43:f1:03:04:5c:33:d4:
         04:2a:7d:fa:94:59:a2:e5:39:5d:e2:c3:9c:07:f9:cd:44:7d:
         97:e8:9e:11:96:51:7f:8b:01:ca:68:51:77:29:75:6e:ba:86:
         30:7c:02:71:9a:52:c8:75:5f:f7:9f:ff:42:fd:47:8b:8d:8b:
         6e:02:ee:e1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYqTtG5NEtuxvr5ro4/0BzL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWIyM2UyYzVkOWYyYzczNDQ4ODkwNDUwNTgzNWVmMjgw
OWZiM2IwHhcNMjMwOTE0MTIzOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWJhYTMxZmEzYmYzZDIyZDk0MGI1MWVkZTBjMGU1OTA2NDQ1NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXsB4CCrrldx3RtZcJSxe/QO96re
koPYOItSl8Mxl8vjo6ET/x1WH1NgP9gLlzemqCc8AiGJJX8mhvLu891HfgS/3h5f
MDTy238nsOltfuVxgAh6VKyl8ki9J98yPgIA2LALHw05551fWmQ74yBVYaBXEdNR
Z9yJVRAH7YGIYQsgPWhdXLaWCEDafmfIlvXFHtsx7/JUxE1I11hodzh6IhpUbMcc
XwH+uoZTmvkvYBL8x8QLLXT/rMShVXoVjpMbMKapJPGLU6uIdVWOKLuKt/6sfRX4
u/VFMomvn1X11QDArk0QxKTFn3TIhD3WOqZs9Hg/bLANGYMx3Il0zefNCwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI66ox+jvz0i2UC1Ht4MDlkGRFYdMB8GA1UdIwQY
MBaAFIzrI+LF2fLHNEiJBFBYNe8oCfs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODIt
ODMzNGUzNjIyMzZkLzEvanJxakg2T19QU0xaUUxVZTNnd09XUVpFVmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODItODMzNGUzNjIyMzZk
LzEvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDBT+AMAwD
BAdtaYADBANtaZAwDQYJKoZIhvcNAQELBQADggEBALA/uHKt4lE+aahfIqRZbx8i
QyoC3e93s7f16OKuWZdUYtIYnUc0qTwWD9dW5tDJvAskLDysJLFkZBGcuVZY3Y2E
/tZWpGTfH4TB84KIJkoDJB8qXgCUVzxfq64/kElDWrEiaCC5JiA2LJ2fKUGcZPO+
mwyA3rQ11o352GILpnBrQBSuiXJYUsFYztTpbt0PUCI1SPVogHi8Trfe9aoKTwRM
2R7JuEF/VPPE3MtX7iRYThYKa7CYmh39Q66ITkRlQ/EDBFwz1AQqffqUWaLlOV3i
w5wH+c1EfZfonhGWUX+LAcpoUXcpdW66hjB8AnGaUsh1X/ef/0L9R4uNi24C7uE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:20 2024 by rpki-client on console-ams.rpki-client.org