Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/JaVnUGLiDfa41jIOptQBeI3MhMQ.roa
File:                     JaVnUGLiDfa41jIOptQBeI3MhMQ.roa (raw, json)
Hash identifier:          LacuBMG+R4qmp9wyFpM75QM2mhZsw/V6GOLl/9+6vIo=
Subject key identifier:   25:A5:67:50:62:E2:0D:F6:B8:D6:32:0E:A6:D4:01:78:8D:CC:84:C4
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       0186746BF55FF46C9D2082FF70998EA3CAAA
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/JaVnUGLiDfa41jIOptQBeI3MhMQ.roa
Signing time:             Tue 21 Feb 2023 14:41:17 +0000
ROA not before:           Tue 21 Feb 2023 14:41:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21700
IP address blocks:        213.176.92.0/22 maxlen: 24
                          213.176.24.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 16:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:74:6b:f5:5f:f4:6c:9d:20:82:ff:70:99:8e:a3:ca:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Feb 21 14:41:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25a5675062e20df6b8d6320ea6d401788dcc84c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ac:f7:77:04:6d:cc:78:12:73:3b:25:78:d7:
                    3d:57:85:c7:b3:e4:41:b3:89:c2:5f:33:6f:d1:e2:
                    a6:d2:c2:13:01:19:a7:bc:71:92:97:8f:2f:13:66:
                    ea:9b:14:f0:48:d9:ec:d8:e8:5a:32:9a:b5:a7:f9:
                    ba:79:ec:8b:e4:63:6b:16:3e:37:f0:e6:81:c4:fb:
                    73:77:f0:9d:dd:d1:32:dd:17:ea:fc:ae:5d:a0:6b:
                    ed:e5:2b:91:a4:e5:fa:f6:64:f3:3c:95:ae:d3:81:
                    f4:76:85:b3:e9:9b:e7:87:4d:7b:30:07:28:87:96:
                    26:a3:74:e5:d9:8a:f5:5f:cf:73:15:d4:be:fa:e0:
                    8d:23:f3:04:61:91:87:8e:d8:fc:f1:47:0e:bf:fb:
                    d2:e8:bf:31:c9:fa:ec:2c:0f:71:24:e3:07:4e:f5:
                    6b:a5:e0:21:7e:b1:6e:02:ed:8d:5d:74:27:bd:41:
                    91:71:76:0b:4b:a4:96:ce:93:56:8e:c1:ac:4d:13:
                    24:18:00:c1:50:77:15:a2:9b:49:f2:a1:9c:1b:42:
                    9a:92:06:ab:11:15:b4:62:a9:f2:8d:19:5d:60:f8:
                    21:3f:76:70:ea:25:c0:95:d8:5d:5f:e1:e4:c3:4c:
                    97:de:37:16:92:36:56:6a:aa:a9:89:7a:ea:6b:62:
                    6c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A5:67:50:62:E2:0D:F6:B8:D6:32:0E:A6:D4:01:78:8D:CC:84:C4
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/JaVnUGLiDfa41jIOptQBeI3MhMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.176.24.0/22
                  213.176.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c7:80:4b:9a:f7:50:22:0e:ec:ce:42:0e:c5:fc:5e:87:01:47:
         0c:04:d5:13:b9:59:5c:2e:17:af:1b:02:13:94:9a:20:c5:6e:
         d9:a1:a3:10:6d:9d:79:39:a1:6e:76:2e:e8:fb:dc:72:fb:f3:
         66:a0:d1:3a:f4:99:06:07:38:fd:c8:aa:73:e0:aa:16:66:ce:
         9f:f9:e7:d2:40:c0:cf:71:bd:b4:6f:d6:f1:79:ef:fe:5b:67:
         e3:38:78:a5:01:2c:ac:9e:7c:51:9d:5e:c8:da:a8:0a:95:db:
         76:19:29:7e:04:2c:ee:f5:d5:92:45:85:4e:10:7b:34:e7:12:
         3f:d5:71:1c:73:0d:47:f2:4a:fa:6c:f2:b5:1c:f3:17:ec:b6:
         35:2e:19:bb:1a:61:7c:ab:5d:40:52:77:ff:a0:b2:f0:df:37:
         66:c8:01:4f:a4:e7:17:9e:26:f5:0a:64:ba:de:ee:a4:fa:ef:
         c2:4e:c0:cd:e1:23:b3:fa:eb:8f:e3:72:2d:7d:30:32:4c:ae:
         06:3c:b3:d5:87:d0:6c:ae:63:ad:14:68:63:4a:2a:43:d6:6a:
         b0:9e:ad:b7:a1:a2:75:2c:9c:13:42:20:e4:d1:95:c3:46:37:
         0c:2b:76:2e:32:20:12:93:23:7a:ed:26:ec:be:3b:f5:4f:f9:
         1b:9a:71:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ0a/Vf9GydIIL/cJmOo8qqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMjIxMTQ0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE1Njc1MDYyZTIwZGY2YjhkNjMyMGVhNmQ0MDE3ODhkY2M4NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaz3dwRtzHgSczsleNc9V4XHs+RB
s4nCXzNv0eKm0sITARmnvHGSl48vE2bqmxTwSNns2OhaMpq1p/m6eeyL5GNrFj43
8OaBxPtzd/Cd3dEy3Rfq/K5doGvt5SuRpOX69mTzPJWu04H0doWz6Zvnh017MAco
h5Ymo3Tl2Yr1X89zFdS++uCNI/MEYZGHjtj88UcOv/vS6L8xyfrsLA9xJOMHTvVr
peAhfrFuAu2NXXQnvUGRcXYLS6SWzpNWjsGsTRMkGADBUHcVoptJ8qGcG0Kakgar
ERW0YqnyjRldYPghP3Zw6iXAldhdX+Hkw0yX3jcWkjZWaqqpiXrqa2JsCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCWlZ1Bi4g32uNYyDqbUAXiNzITEMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSmFWblVHTGlEZmE0MWpJT3B0UUJlSTNNaE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1bAYAwQC
1bBcMA0GCSqGSIb3DQEBCwUAA4IBAQDHgEua91AiDuzOQg7F/F6HAUcMBNUTuVlc
LhevGwITlJogxW7ZoaMQbZ15OaFudi7o+9xy+/NmoNE69JkGBzj9yKpz4KoWZs6f
+efSQMDPcb20b9bxee/+W2fjOHilASysnnxRnV7I2qgKldt2GSl+BCzu9dWSRYVO
EHs05xI/1XEccw1H8kr6bPK1HPMX7LY1Lhm7GmF8q11AUnf/oLLw3zdmyAFPpOcX
nib1CmS63u6k+u/CTsDN4SOz+uuP43ItfTAyTK4GPLPVh9BsrmOtFGhjSipD1mqw
nq23oaJ1LJwTQiDk0ZXDRjcMK3YuMiASkyN67Sbsvjv1T/kbmnEq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org