Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/jaUXv0bL_B52GwT5SChEBDD-rPo.roa
File:                     jaUXv0bL_B52GwT5SChEBDD-rPo.roa (raw, json)
Hash identifier:          F6LoX+9kw+ts4u5dJfcDlFZFhknxoQWjhG0vDd7kWfw=
Subject key identifier:   8D:A5:17:BF:46:CB:FC:1E:76:1B:04:F9:48:28:44:04:30:FE:AC:FA
Certificate issuer:       /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial:       0191DC8FFA70C4F2D50B2DBFF30DD3C78729
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/jaUXv0bL_B52GwT5SChEBDD-rPo.roa
Signing time:             Tue 10 Sep 2024 15:31:48 +0000
ROA not before:           Tue 10 Sep 2024 15:31:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34187
IP address blocks:        78.26.128.0/18 maxlen: 18
                          78.26.128.0/19 maxlen: 19
                          78.26.128.0/24 maxlen: 24
                          78.26.129.0/24 maxlen: 24
                          78.26.130.0/24 maxlen: 24
                          78.26.140.0/22 maxlen: 22
                          78.26.151.0/24 maxlen: 24
                          78.26.160.0/19 maxlen: 19
                          78.26.161.0/24 maxlen: 24
                          78.26.180.0/23 maxlen: 23
                          78.26.192.0/18 maxlen: 18
                          78.26.192.0/19 maxlen: 19
                          78.26.192.0/20 maxlen: 20
                          78.26.224.0/19 maxlen: 19
                          185.70.108.0/22 maxlen: 22
                          185.70.108.0/23 maxlen: 23
                          185.70.110.0/23 maxlen: 23
                          195.245.118.0/23 maxlen: 23
                          195.245.118.0/24 maxlen: 24
                          195.245.119.0/24 maxlen: 24
                          2a03:1240::/48 maxlen: 48
Validation:               Failed, certificate revoked on Thu 10 Oct 2024 12:57:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:dc:8f:fa:70:c4:f2:d5:0b:2d:bf:f3:0d:d3:c7:87:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
        Validity
            Not Before: Sep 10 15:31:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8da517bf46cbfc1e761b04f94828440430feacfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:af:38:96:c5:cb:87:18:9e:ee:aa:e1:8f:b9:
                    85:b9:ee:5c:b9:b0:81:fc:08:7b:07:d1:da:ab:e9:
                    77:51:64:5b:d6:05:60:5d:1d:80:7a:58:a4:64:e5:
                    9f:66:bc:57:69:36:f1:e9:03:1b:ef:3b:d7:26:cc:
                    32:8c:3d:d8:d6:54:6b:cc:0f:e9:91:79:ee:66:37:
                    5f:c0:70:91:79:a4:81:8a:30:a1:cb:9a:da:fd:4a:
                    ea:d4:3d:a4:1b:dc:11:3c:a6:0f:41:79:34:2b:9e:
                    11:12:a2:e8:c8:70:55:1a:a2:cf:db:fc:e1:b6:b5:
                    9b:25:1b:4b:90:ba:51:fa:2e:9d:0a:e2:77:de:52:
                    5a:df:91:75:31:2d:f0:a6:0d:ee:23:98:99:76:b6:
                    92:55:f3:1b:c5:b5:69:49:7d:45:48:da:ed:5f:71:
                    7d:2f:a5:b1:a3:a1:43:56:a4:c8:ed:03:85:7c:01:
                    2a:ab:e8:e1:95:57:6b:e4:fa:96:cc:df:84:85:0f:
                    41:fa:75:4d:93:6d:31:05:d1:35:b1:fc:70:ff:48:
                    82:6b:1b:e9:56:c3:43:23:72:14:c2:df:31:30:cb:
                    2f:e5:06:b0:b3:5e:88:3f:b0:76:38:70:8d:b9:f9:
                    d4:a3:83:e6:f7:73:89:c2:95:66:1d:3c:bd:60:e8:
                    03:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:A5:17:BF:46:CB:FC:1E:76:1B:04:F9:48:28:44:04:30:FE:AC:FA
            X509v3 Authority Key Identifier:
                keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/jaUXv0bL_B52GwT5SChEBDD-rPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.26.128.0/17
                  185.70.108.0/22
                  195.245.118.0/23
                IPv6:
                  2a03:1240::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:52:13:98:fd:e3:49:79:c1:de:a1:e2:7b:d6:d1:1f:71:df:
         e0:db:e2:5f:fe:e1:ca:fe:72:07:f7:f5:49:4c:bc:89:b6:7c:
         51:54:3e:36:20:04:4b:26:05:d5:81:30:9b:12:5b:35:01:e7:
         6c:2c:be:8a:7c:5e:17:e0:cd:b8:17:be:36:e8:6a:94:0e:ca:
         5d:ec:9c:fc:e9:df:6f:5e:39:db:c3:d7:b5:f6:3d:05:18:87:
         a5:94:18:3b:e6:25:23:a4:46:c2:0b:c8:d9:4a:9f:ff:1b:72:
         d4:a5:06:75:ac:77:46:29:19:c0:07:2a:4e:ba:98:63:81:05:
         b3:2c:29:d6:46:92:31:6d:98:e1:0c:43:f2:20:72:40:1a:03:
         b0:69:dc:d0:91:1f:09:dc:5b:4a:64:64:84:6d:af:fc:e2:c7:
         dc:76:30:5c:db:dc:a5:ed:70:df:35:07:b1:94:c3:dc:1b:b6:
         ef:2e:83:81:78:85:15:8b:e6:8b:fe:7b:8e:7b:bf:d1:71:5b:
         aa:af:25:6d:97:99:cf:2d:93:74:1d:8c:65:ea:68:6c:fb:a2:
         48:ca:a2:78:59:bc:53:58:7c:a9:1c:c5:9a:57:a7:6f:c9:61:
         0a:de:ca:16:fa:92:1c:c1:54:a9:cc:e9:11:1f:32:52:14:0f:
         6c:15:c3:da
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZHcj/pwxPLVCy2/8w3Tx4cpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjQwOTEwMTUzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE1MTdiZjQ2Y2JmYzFlNzYxYjA0Zjk0ODI4NDQwNDMwZmVhY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq84lsXLhxie7qrhj7mFue5cubCB
/Ah7B9Haq+l3UWRb1gVgXR2AelikZOWfZrxXaTbx6QMb7zvXJswyjD3Y1lRrzA/p
kXnuZjdfwHCReaSBijChy5ra/Urq1D2kG9wRPKYPQXk0K54REqLoyHBVGqLP2/zh
trWbJRtLkLpR+i6dCuJ33lJa35F1MS3wpg3uI5iZdraSVfMbxbVpSX1FSNrtX3F9
L6Wxo6FDVqTI7QOFfAEqq+jhlVdr5PqWzN+EhQ9B+nVNk20xBdE1sfxw/0iCaxvp
VsNDI3IUwt8xMMsv5Qaws16IP7B2OHCNufnUo4Pm93OJwpVmHTy9YOgDaQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFI2lF79Gy/wedhsE+UgoRAQw/qz6MB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvamFVWHYwYkxfQjUyR3dUNVNDaEVCREQtclBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQHThqAAwQC
uUZsAwQBw/V2MA8EAgACMAkDBwAqAxJAAAAwDQYJKoZIhvcNAQELBQADggEBAIhS
E5j940l5wd6h4nvW0R9x3+Db4l/+4cr+cgf39UlMvIm2fFFUPjYgBEsmBdWBMJsS
WzUB52wsvop8XhfgzbgXvjboapQOyl3snPzp329eOdvD17X2PQUYh6WUGDvmJSOk
RsILyNlKn/8bctSlBnWsd0YpGcAHKk66mGOBBbMsKdZGkjFtmOEMQ/IgckAaA7Bp
3NCRHwncW0pkZIRtr/zix9x2MFzb3KXtcN81B7GUw9wbtu8ug4F4hRWL5ov+e457
v9FxW6qvJW2Xmc8tk3QdjGXqaGz7okjKonhZvFNYfKkcxZpXp2/JYQreyhb6khzB
VKnM6REfMlIUD2wVw9o=
-----END CERTIFICATE-----