Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/J1OYSePp0H27gVi9_B0RQZ8_iMI.roa
File:                     J1OYSePp0H27gVi9_B0RQZ8_iMI.roa (raw, json)
Hash identifier:          zDfiFsP+XdDub97ld+W8r01rEgUl0FpVDakhXdCpUkk=
Subject key identifier:   27:53:98:49:E3:E9:D0:7D:BB:81:58:BD:FC:1D:11:41:9F:3F:88:C2
Certificate issuer:       /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial:       018AD41826CFD13590BA19D0EA0B2AB3CA1C
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/J1OYSePp0H27gVi9_B0RQZ8_iMI.roa
Signing time:             Wed 27 Sep 2023 00:44:27 +0000
ROA not before:           Wed 27 Sep 2023 00:44:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        45.94.136.0/24 maxlen: 24
                          45.94.139.0/24 maxlen: 24
                          5.253.184.0/23 maxlen: 23
                          185.114.204.0/24 maxlen: 24
                          5.253.187.0/24 maxlen: 24
                          193.135.220.0/22 maxlen: 22
                          88.214.0.0/24 maxlen: 24
                          88.214.1.0/24 maxlen: 24
                          88.214.2.0/24 maxlen: 24
                          88.214.3.0/24 maxlen: 24
                          88.218.196.0/22 maxlen: 22
                          185.219.160.0/24 maxlen: 24
                          185.219.163.0/24 maxlen: 24
                          45.81.161.0/24 maxlen: 24
                          45.81.162.0/24 maxlen: 24
                          45.81.163.0/24 maxlen: 24
                          45.130.33.0/24 maxlen: 24
                          45.130.34.0/23 maxlen: 23
                          193.111.184.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 11:41:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d4:18:26:cf:d1:35:90:ba:19:d0:ea:0b:2a:b3:ca:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
        Validity
            Not Before: Sep 27 00:44:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27539849e3e9d07dbb8158bdfc1d11419f3f88c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0a:9c:a2:8b:82:6e:81:e5:69:f3:60:ba:f9:
                    9c:06:e8:82:e4:3e:82:57:bb:d5:d5:63:9d:cd:9b:
                    bd:e6:03:51:be:70:d7:5e:9e:74:b0:c4:a2:4d:2f:
                    d0:62:39:d8:17:09:38:14:fe:c1:90:b0:1a:49:c7:
                    25:0b:55:af:ee:c3:d8:99:74:2f:4c:67:f2:15:4e:
                    fa:02:ef:40:f8:28:b4:54:b2:48:92:62:5c:31:1f:
                    9a:57:f1:4f:5c:da:00:4c:37:5d:f0:49:01:f3:f7:
                    a0:91:5b:a6:c0:61:bc:c8:eb:b4:23:58:a4:4c:1d:
                    04:53:85:a9:18:59:82:4d:32:dc:fb:f6:cf:0d:8d:
                    d9:26:16:5e:7d:0e:64:14:88:50:21:bc:bc:d3:9f:
                    ed:a5:cf:3d:e6:55:b7:8c:36:06:92:90:9b:56:d2:
                    67:8c:62:e3:6c:6a:77:f1:be:6a:7f:9f:09:50:24:
                    c7:f7:ad:63:99:d8:ab:2d:d1:63:f9:3e:49:8f:b6:
                    9b:41:3a:43:2e:98:de:17:3c:35:5d:da:53:b5:2f:
                    36:73:49:f5:33:2c:5e:07:cf:19:ab:76:24:9f:02:
                    83:1c:e0:e2:95:51:55:59:b2:b4:65:e9:a0:62:6d:
                    db:a5:2b:47:7a:73:c1:a3:34:02:2f:c1:a3:79:4b:
                    56:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:53:98:49:E3:E9:D0:7D:BB:81:58:BD:FC:1D:11:41:9F:3F:88:C2
            X509v3 Authority Key Identifier:
                keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/J1OYSePp0H27gVi9_B0RQZ8_iMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.184.0/23
                  5.253.187.0/24
                  45.81.161.0-45.81.163.255
                  45.94.136.0/24
                  45.94.139.0/24
                  45.130.33.0-45.130.35.255
                  88.214.0.0/22
                  88.218.196.0/22
                  185.114.204.0/24
                  185.219.160.0/24
                  185.219.163.0/24
                  193.111.184.0/22
                  193.135.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:fa:f6:43:c6:b5:dc:d9:40:62:76:f5:c7:c5:c7:19:ba:52:
         d3:b2:5d:0d:7c:10:3a:f5:8a:f1:fb:c8:be:8e:c8:92:a8:20:
         b0:21:5f:e0:d2:38:c5:b7:69:7f:a3:b1:02:3c:88:cc:b8:ef:
         57:37:01:55:77:4c:18:f2:98:5f:97:02:bc:6a:ac:af:68:b9:
         a7:91:9e:2d:81:1c:00:35:8e:ff:d0:71:b3:55:34:95:6c:cc:
         02:40:b3:7a:3c:9f:68:65:c7:51:25:2c:9d:27:13:aa:64:1c:
         31:8b:c4:f5:27:00:bc:2e:0c:a4:22:19:95:5f:66:43:61:83:
         38:b1:5b:3a:75:fa:2f:a5:6e:17:60:78:23:21:da:34:cc:d6:
         5d:40:c9:17:71:e0:cc:23:6d:c4:51:f9:87:80:e5:0d:d4:de:
         1c:f9:b4:0e:39:a5:c4:99:50:42:77:4b:71:01:f5:10:83:a1:
         12:4e:f9:bc:19:2b:46:55:c1:9e:92:62:58:99:05:7f:2d:89:
         15:a5:74:3a:5c:cb:62:23:85:f4:9c:3e:50:bd:c7:4d:d8:62:
         c5:c5:20:83:0b:ab:93:d2:cd:e2:73:c1:0b:6e:25:9f:38:21:
         b9:ca:ce:ad:30:7a:fc:ce:41:81:63:c9:51:16:8f:fa:9a:4b:
         ce:84:ec:4d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYrUGCbP0TWQuhnQ6gsqs8ocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwOTI3MDA0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzUzOTg0OWUzZTlkMDdkYmI4MTU4YmRmYzFkMTE0MTlmM2Y4OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQqcoouCboHlafNguvmcBuiC5D6C
V7vV1WOdzZu95gNRvnDXXp50sMSiTS/QYjnYFwk4FP7BkLAaScclC1Wv7sPYmXQv
TGfyFU76Au9A+Ci0VLJIkmJcMR+aV/FPXNoATDdd8EkB8/egkVumwGG8yOu0I1ik
TB0EU4WpGFmCTTLc+/bPDY3ZJhZefQ5kFIhQIby805/tpc895lW3jDYGkpCbVtJn
jGLjbGp38b5qf58JUCTH961jmdirLdFj+T5Jj7abQTpDLpjeFzw1XdpTtS82c0n1
MyxeB88Zq3YknwKDHODilVFVWbK0ZemgYm3bpStHenPBozQCL8GjeUtWMwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFCdTmEnj6dB9u4FYvfwdEUGfP4jCMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvSjFPWVNlUHAwSDI3Z1ZpOV9CMFJRWjhfaU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaADBAAtXogDBAAtXoswDAMEAC2CIQMEAi2CIAMEAljW
AAMEAljaxAMEALlyzAMEALnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0B
AQsFAAOCAQEAe/r2Q8a13NlAYnb1x8XHGbpS07JdDXwQOvWK8fvIvo7IkqggsCFf
4NI4xbdpf6OxAjyIzLjvVzcBVXdMGPKYX5cCvGqsr2i5p5GeLYEcADWO/9Bxs1U0
lWzMAkCzejyfaGXHUSUsnScTqmQcMYvE9ScAvC4MpCIZlV9mQ2GDOLFbOnX6L6Vu
F2B4IyHaNMzWXUDJF3HgzCNtxFH5h4DlDdTeHPm0DjmlxJlQQndLcQH1EIOhEk75
vBkrRlXBnpJiWJkFfy2JFaV0OlzLYiOF9Jw+UL3HTdhixcUggwurk9LN4nPBC24l
nzghucrOrTB6/M5BgWPJURaP+ppLzoTsTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org