Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/DJ3JjPJ6hsltvP67tej1LAtpFkc.roa
File:                     DJ3JjPJ6hsltvP67tej1LAtpFkc.roa (raw, json)
Hash identifier:          LlhFNKEg8cXYApazGYl2QfwZ6OC5pZYSvRxX142aknk=
Subject key identifier:   0C:9D:C9:8C:F2:7A:86:C9:6D:BC:FE:BB:B5:E8:F5:2C:0B:69:16:47
Certificate issuer:       /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial:       018CA6FBA3BBB863085571FC49A48986F6AC
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/DJ3JjPJ6hsltvP67tej1LAtpFkc.roa
Signing time:             Tue 26 Dec 2023 16:35:58 +0000
ROA not before:           Tue 26 Dec 2023 16:35:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     136038
IP address blocks:        2.59.155.0/24 maxlen: 24
                          45.142.152.0/24 maxlen: 24
                          193.239.150.0/24 maxlen: 24
                          194.126.202.0/24 maxlen: 24
                          45.91.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Dec 2023 06:35:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:a6:fb:a3:bb:b8:63:08:55:71:fc:49:a4:89:86:f6:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
        Validity
            Not Before: Dec 26 16:35:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c9dc98cf27a86c96dbcfebbb5e8f52c0b691647
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:53:eb:73:06:30:ab:9b:61:83:87:a2:9a:d5:
                    b2:10:9c:33:bb:6a:ae:ea:77:fc:d0:39:ce:aa:ae:
                    93:da:1f:ae:93:bf:f4:ca:b6:f8:27:76:2d:b5:12:
                    21:c3:99:1b:f3:91:1d:e0:94:cc:a5:c3:9b:4d:6a:
                    a8:1f:5e:d4:84:89:eb:81:f6:e6:30:29:77:2b:27:
                    4f:b6:33:ec:bd:05:90:52:a7:48:8b:df:90:dd:59:
                    e9:a0:a0:db:6a:ef:25:98:09:ee:c5:15:ee:25:7f:
                    ad:29:82:d4:5a:7e:fd:dc:9c:c9:c4:66:d3:93:ea:
                    0c:0a:d7:07:ad:ce:8d:35:2c:cb:35:a8:00:48:32:
                    7f:8c:d8:3b:d1:24:58:a4:cf:48:fc:bc:15:79:33:
                    83:f0:29:a8:e2:1a:29:38:c1:96:a1:3b:4e:12:06:
                    02:25:d1:8d:79:9a:ff:32:92:b5:9b:06:9f:f6:11:
                    bf:18:f8:76:17:a1:03:d9:2e:a0:29:fc:59:e3:f0:
                    e0:8c:9d:54:0b:f9:a0:66:50:65:0d:97:da:9e:6a:
                    cd:d7:04:6c:a9:34:78:ca:17:c2:e5:0b:76:1c:9b:
                    1f:c5:2c:b3:51:d9:4f:75:25:23:e5:93:33:c9:ae:
                    2c:74:f8:3d:35:d4:22:65:1f:ed:ae:e6:04:6a:fb:
                    8a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9D:C9:8C:F2:7A:86:C9:6D:BC:FE:BB:B5:E8:F5:2C:0B:69:16:47
            X509v3 Authority Key Identifier:
                keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/DJ3JjPJ6hsltvP67tej1LAtpFkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.155.0/24
                  45.91.226.0/24
                  45.142.152.0/24
                  193.239.150.0/24
                  194.126.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:fa:36:16:cd:c2:75:ac:fa:ce:67:d1:ba:21:c8:0c:99:76:
         e2:c1:8d:8f:b0:2c:df:0f:a5:7c:8a:27:e9:57:63:58:46:83:
         3b:82:6d:3f:81:7f:bd:97:db:a5:68:99:3b:0d:01:38:55:35:
         a7:73:e1:f2:37:77:35:42:a8:52:55:e7:c8:e2:2a:48:df:54:
         52:ae:d0:d9:d6:91:4f:94:d7:a4:7b:66:92:10:52:c8:1f:57:
         d8:29:92:63:3d:6b:a4:3f:f9:74:86:a5:51:d5:58:32:39:97:
         e3:59:33:b8:d3:b6:c8:47:32:72:b6:fd:61:10:c4:e6:23:fd:
         12:a8:ad:cb:bc:77:e7:9b:4e:3f:a3:c8:8e:10:c4:8e:a4:74:
         ed:64:21:40:43:7f:b5:e3:48:11:5b:18:8e:ae:4c:e7:26:26:
         36:43:e7:46:b7:31:9f:ad:73:6b:77:35:db:4d:40:62:09:32:
         c7:44:d5:5f:b8:2a:93:87:44:39:73:4c:e8:d0:c1:7e:a9:d4:
         3c:34:25:33:9b:e0:9a:70:fe:98:21:7f:4e:a6:b5:5a:ef:29:
         29:ec:fa:2e:d5:d7:2f:c6:ec:88:a0:2c:c5:0a:fd:27:c4:7c:
         96:79:58:4b:22:dc:b5:c8:29:47:cf:1c:63:95:33:40:d3:16:
         a1:1d:b0:3b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYym+6O7uGMIVXH8SaSJhvasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTYzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzlkYzk4Y2YyN2E4NmM5NmRiY2ZlYmJiNWU4ZjUyYzBiNjkxNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1PrcwYwq5thg4eimtWyEJwzu2qu
6nf80DnOqq6T2h+uk7/0yrb4J3YttRIhw5kb85Ed4JTMpcObTWqoH17UhInrgfbm
MCl3KydPtjPsvQWQUqdIi9+Q3VnpoKDbau8lmAnuxRXuJX+tKYLUWn793JzJxGbT
k+oMCtcHrc6NNSzLNagASDJ/jNg70SRYpM9I/LwVeTOD8Cmo4hopOMGWoTtOEgYC
JdGNeZr/MpK1mwaf9hG/GPh2F6ED2S6gKfxZ4/DgjJ1UC/mgZlBlDZfanmrN1wRs
qTR4yhfC5Qt2HJsfxSyzUdlPdSUj5ZMzya4sdPg9NdQiZR/truYEavuKUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAydyYzyeobJbbz+u7Xo9SwLaRZHMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvREozSmpQSjZoc2x0dlA2N3RlajFMQXRwRmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjubAwQA
LVviAwQALY6YAwQAwe+WAwQAwn7KMA0GCSqGSIb3DQEBCwUAA4IBAQBL+jYWzcJ1
rPrOZ9G6IcgMmXbiwY2PsCzfD6V8iifpV2NYRoM7gm0/gX+9l9ulaJk7DQE4VTWn
c+HyN3c1QqhSVefI4ipI31RSrtDZ1pFPlNeke2aSEFLIH1fYKZJjPWukP/l0hqVR
1VgyOZfjWTO407bIRzJytv1hEMTmI/0SqK3LvHfnm04/o8iOEMSOpHTtZCFAQ3+1
40gRWxiOrkznJiY2Q+dGtzGfrXNrdzXbTUBiCTLHRNVfuCqTh0Q5c0zo0MF+qdQ8
NCUzm+CacP6YIX9OprVa7ykp7Pou1dcvxuyIoCzFCv0nxHyWeVhLIty1yClHzxxj
lTNA0xahHbA7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org