Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JhcmmziwnOUAiM7PMmUfXnrnlA8.roa
File:                     JhcmmziwnOUAiM7PMmUfXnrnlA8.roa (raw, json)
Hash identifier:          BZyGnA3FIBbkR6gmpb649WXqpCbeKH/KW4bFoSxGFF8=
Subject key identifier:   26:17:26:9B:38:B0:9C:E5:00:88:CE:CF:32:65:1F:5E:7A:E7:94:0F
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018EF5196518010F7DC4147A91C706219C68
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JhcmmziwnOUAiM7PMmUfXnrnlA8.roa
Signing time:             Fri 19 Apr 2024 06:44:25 +0000
ROA not before:           Fri 19 Apr 2024 06:44:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39690
IP address blocks:        45.86.16.0/21 maxlen: 23
                          45.143.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 15:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f5:19:65:18:01:0f:7d:c4:14:7a:91:c7:06:21:9c:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Apr 19 06:44:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2617269b38b09ce50088cecf32651f5e7ae7940f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a9:80:25:84:da:dc:c0:5e:35:e0:73:be:98:
                    98:14:81:d2:b4:48:64:5f:6b:7f:23:b2:7b:a5:5f:
                    ce:8e:01:fa:1a:21:b8:f0:b8:74:58:fb:f1:01:32:
                    84:07:aa:31:09:c7:8d:0f:90:82:ec:e9:8c:95:4c:
                    72:eb:04:5e:77:f0:52:16:50:31:fc:32:7a:a3:a1:
                    09:b3:b3:24:d0:be:62:e9:e4:8c:82:38:99:55:51:
                    23:b4:f7:a3:ba:23:ed:0c:d2:c2:af:4b:c1:dd:bc:
                    fc:82:d5:75:8c:b9:bb:9f:e5:81:2b:b6:fa:8a:dc:
                    c7:55:d6:86:a8:15:20:a1:60:82:71:48:61:47:8b:
                    81:06:6b:f4:1c:c2:3a:25:ea:4d:12:da:63:ca:b0:
                    e1:4e:50:46:1c:85:d5:c5:ea:07:b5:be:66:8e:a5:
                    88:42:2d:03:aa:60:f9:f5:18:2e:84:60:31:48:06:
                    fb:f4:a8:1a:82:9c:e7:be:ee:a7:e8:58:62:c6:7b:
                    23:b1:f3:52:f0:5a:b0:d3:7e:1f:75:2c:74:67:f1:
                    8d:ac:38:8f:9c:95:7b:ca:a8:b8:0f:a1:eb:1f:19:
                    23:a6:b1:43:23:07:1d:39:ea:50:b1:7b:ae:7f:00:
                    56:e3:22:56:0a:0b:5f:78:79:41:74:27:3c:b4:bb:
                    88:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:17:26:9B:38:B0:9C:E5:00:88:CE:CF:32:65:1F:5E:7A:E7:94:0F
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JhcmmziwnOUAiM7PMmUfXnrnlA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.16.0/21
                  45.143.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:29:d1:56:69:13:ff:b8:f1:c4:97:58:8c:db:ba:79:62:74:
         ff:3a:fc:f7:0a:c5:68:52:0d:11:dd:b7:5e:f6:b9:86:a4:5d:
         31:6e:8b:b4:16:b1:9c:3f:35:a4:ea:f0:12:bd:ba:66:17:a4:
         39:1f:9b:6a:68:eb:c0:d9:02:e8:dd:59:fb:70:5d:9d:db:e6:
         76:6b:a8:cf:eb:fd:97:cc:fb:86:2b:d9:77:22:67:b8:6c:60:
         c3:78:a1:b0:0c:19:41:ad:11:15:59:63:32:43:87:b8:74:c1:
         62:83:95:0a:44:b9:72:f9:74:1d:95:6f:b8:2a:12:28:b5:be:
         4f:42:48:6a:ee:3a:75:9f:c5:43:23:30:ab:0e:e4:37:c0:63:
         95:30:d8:22:82:5a:0c:fc:7d:43:d6:9c:2b:22:75:40:b3:46:
         e9:5d:93:89:9d:be:7c:ce:80:73:c2:eb:01:2f:d9:bf:d8:00:
         9f:48:d2:0d:5d:c5:04:a4:79:4a:ac:43:bc:78:d8:71:fa:c3:
         46:ee:b0:56:56:12:88:62:8c:8f:c8:80:93:83:26:d0:7b:c5:
         5f:4c:0e:58:46:ab:1d:97:9f:fe:41:7d:9e:c2:2a:1b:5a:a5:
         81:aa:b2:79:2e:9c:d9:06:8a:76:25:f5:c6:36:77:f1:da:e0:
         0e:f1:c5:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY71GWUYAQ99xBR6kccGIZxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDE5MDY0NDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE3MjY5YjM4YjA5Y2U1MDA4OGNlY2YzMjY1MWY1ZTdhZTc5NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKmAJYTa3MBeNeBzvpiYFIHStEhk
X2t/I7J7pV/OjgH6GiG48Lh0WPvxATKEB6oxCceND5CC7OmMlUxy6wRed/BSFlAx
/DJ6o6EJs7Mk0L5i6eSMgjiZVVEjtPejuiPtDNLCr0vB3bz8gtV1jLm7n+WBK7b6
itzHVdaGqBUgoWCCcUhhR4uBBmv0HMI6JepNEtpjyrDhTlBGHIXVxeoHtb5mjqWI
Qi0DqmD59RguhGAxSAb79Kgagpznvu6n6FhixnsjsfNS8Fqw034fdSx0Z/GNrDiP
nJV7yqi4D6HrHxkjprFDIwcdOepQsXuufwBW4yJWCgtfeHlBdCc8tLuI9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCYXJps4sJzlAIjOzzJlH15655QPMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSmhjbW16aXduT1VBaU03UE1tVWZYbnJubEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLVYQAwQC
LY8sMA0GCSqGSIb3DQEBCwUAA4IBAQBqKdFWaRP/uPHEl1iM27p5YnT/Ovz3CsVo
Ug0R3bde9rmGpF0xbou0FrGcPzWk6vASvbpmF6Q5H5tqaOvA2QLo3Vn7cF2d2+Z2
a6jP6/2XzPuGK9l3Ime4bGDDeKGwDBlBrREVWWMyQ4e4dMFig5UKRLly+XQdlW+4
KhIotb5PQkhq7jp1n8VDIzCrDuQ3wGOVMNgigloM/H1D1pwrInVAs0bpXZOJnb58
zoBzwusBL9m/2ACfSNINXcUEpHlKrEO8eNhx+sNG7rBWVhKIYoyPyICTgybQe8Vf
TA5YRqsdl5/+QX2ewiobWqWBqrJ5LpzZBop2JfXGNnfx2uAO8cUJ
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:20:29 2024 by rpki-client on console-ams.rpki-client.org