Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/JaU__2DiouSKpYLTor4couqdJfs.roa
File:                     JaU__2DiouSKpYLTor4couqdJfs.roa (raw, json)
Hash identifier:          d3CX4II1FVJEyo3yfm1boYDRzWnzDEVxESpdFzKigPY=
Subject key identifier:   25:A5:3F:FF:60:E2:A2:E4:8A:A5:82:D3:A2:BE:1C:A2:EA:9D:25:FB
Certificate issuer:       /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial:       01856DA651F0EEBD843CBF67EF6798A82593
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/JaU__2DiouSKpYLTor4couqdJfs.roa
Signing time:             Sun 01 Jan 2023 14:04:54 +0000
ROA not before:           Sun 01 Jan 2023 14:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61273
IP address blocks:        185.151.204.0/24 maxlen: 24
                          185.151.205.0/24 maxlen: 24
                          185.151.206.0/24 maxlen: 24
                          185.151.207.0/24 maxlen: 24
                          185.230.39.0/24 maxlen: 24
                          185.255.24.0/22 maxlen: 24
                          2a0b:14c0:2::/48 maxlen: 48
                          2a0b:14c0:4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:51:f0:ee:bd:84:3c:bf:67:ef:67:98:a8:25:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
        Validity
            Not Before: Jan  1 14:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25a53fff60e2a2e48aa582d3a2be1ca2ea9d25fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a7:b6:9d:00:94:9c:0e:c2:7b:dc:66:55:7b:
                    00:87:d4:0d:3a:79:4a:df:b6:67:15:4a:85:31:f2:
                    05:5c:2f:33:e1:69:f2:59:b2:d2:28:5e:06:5d:08:
                    d3:7f:99:20:a3:9a:01:33:62:12:63:e8:59:0e:af:
                    39:cc:8d:d7:62:94:61:00:6b:78:ca:b2:85:cc:51:
                    e0:d7:ba:b3:ba:3b:4c:e1:47:71:80:ac:bc:d2:79:
                    c4:6a:71:b3:65:92:f3:24:a5:15:e6:b5:b2:e4:7e:
                    44:79:d9:a8:c4:d4:7a:da:a7:0e:0c:a9:c3:57:d4:
                    07:bb:42:be:fb:de:84:7e:fd:a2:11:16:71:40:b4:
                    52:c2:e0:f2:9a:3a:86:38:f7:c6:f5:7b:0c:48:03:
                    b5:49:82:59:c5:16:d0:d5:2a:e9:d6:40:e0:19:ac:
                    81:b7:a4:d7:cb:6f:9c:e9:98:de:88:d6:81:24:5e:
                    7e:5c:47:44:39:c4:3f:04:44:bc:db:a2:11:ba:64:
                    7b:95:00:a7:65:6c:63:22:83:b3:ef:41:4a:91:cf:
                    cd:1b:bb:1b:be:5b:22:9f:74:e1:da:b6:58:6a:3f:
                    4c:d6:9e:13:44:3d:39:1b:11:14:fb:70:7e:95:f7:
                    0f:ba:ee:a6:05:d8:ea:07:b6:be:d0:fb:7e:0a:31:
                    01:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A5:3F:FF:60:E2:A2:E4:8A:A5:82:D3:A2:BE:1C:A2:EA:9D:25:FB
            X509v3 Authority Key Identifier:
                keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/JaU__2DiouSKpYLTor4couqdJfs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.204.0/22
                  185.230.39.0/24
                  185.255.24.0/22
                IPv6:
                  2a0b:14c0:2::/48
                  2a0b:14c0:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:f5:fe:e6:ea:ac:ee:81:9e:87:04:7c:28:a1:fc:04:da:50:
         6b:11:45:6d:f1:46:9c:b9:50:ae:d1:d6:47:32:d5:b5:dd:80:
         4b:0d:1c:96:4f:e8:bc:a0:14:77:ff:eb:fb:e8:50:dc:3b:15:
         0e:13:e1:90:30:75:52:3e:00:d4:8f:17:a8:06:a4:ac:49:71:
         61:59:78:87:6d:80:3c:aa:8b:b5:ce:d4:50:9a:d7:92:c7:5e:
         f1:dd:d6:59:f1:b0:9b:31:4f:a6:b4:64:d4:6f:da:94:c9:25:
         c7:fa:a7:35:e5:a6:76:e8:a1:8e:1a:d3:14:3c:33:15:9d:c0:
         50:01:91:ef:ee:b3:99:dd:47:b4:20:e2:7f:9a:e2:05:40:17:
         c4:20:13:1f:d6:c8:ad:8f:25:6c:38:de:8c:90:ae:1f:74:a4:
         61:4f:80:84:63:80:7c:c7:71:d6:7a:ed:55:00:e4:db:fc:75:
         93:9d:8c:a6:14:ee:f1:56:2d:a4:d9:47:70:87:48:06:8c:24:
         50:5d:1b:1b:17:01:24:3a:fc:9e:4c:e7:50:14:22:5e:e7:48:
         cc:8f:1c:91:64:24:37:96:53:e5:93:5c:aa:c1:c4:cd:85:89:
         c2:3c:8e:58:bb:f2:22:05:06:fa:7f:30:8f:4c:39:4a:47:0d:
         e5:83:e6:27
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVtplHw7r2EPL9n72eYqCWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjMwMTAxMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE1M2ZmZjYwZTJhMmU0OGFhNTgyZDNhMmJlMWNhMmVhOWQyNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqe2nQCUnA7Ce9xmVXsAh9QNOnlK
37ZnFUqFMfIFXC8z4WnyWbLSKF4GXQjTf5kgo5oBM2ISY+hZDq85zI3XYpRhAGt4
yrKFzFHg17qzujtM4UdxgKy80nnEanGzZZLzJKUV5rWy5H5EedmoxNR62qcODKnD
V9QHu0K++96Efv2iERZxQLRSwuDymjqGOPfG9XsMSAO1SYJZxRbQ1Srp1kDgGayB
t6TXy2+c6ZjeiNaBJF5+XEdEOcQ/BES826IRumR7lQCnZWxjIoOz70FKkc/NG7sb
vlsin3Th2rZYaj9M1p4TRD05GxEU+3B+lfcPuu6mBdjqB7a+0Pt+CjEBNQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCWlP/9g4qLkiqWC06K+HKLqnSX7MB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvSmFVX18yRGlvdVNLcFlMVG9yNGNvdXFkSmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCuZfMAwQA
ueYnAwQCuf8YMBgEAgACMBIDBwAqCxTAAAIDBwAqCxTAAAQwDQYJKoZIhvcNAQEL
BQADggEBAKL1/ubqrO6BnocEfCih/ATaUGsRRW3xRpy5UK7R1kcy1bXdgEsNHJZP
6LygFHf/6/voUNw7FQ4T4ZAwdVI+ANSPF6gGpKxJcWFZeIdtgDyqi7XO1FCa15LH
XvHd1lnxsJsxT6a0ZNRv2pTJJcf6pzXlpnbooY4a0xQ8MxWdwFABke/us5ndR7Qg
4n+a4gVAF8QgEx/WyK2PJWw43oyQrh90pGFPgIRjgHzHcdZ67VUA5Nv8dZOdjKYU
7vFWLaTZR3CHSAaMJFBdGxsXASQ6/J5M51AUIl7nSMyPHJFkJDeWU+WTXKrBxM2F
icI8jli78iIFBvp/MI9MOUpHDeWD5ic=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:24 2024 by rpki-client on console-ams.rpki-client.org