Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/4JmAXUFd9tHGAUjNrFxPmVvVkl0.roa
File:                     4JmAXUFd9tHGAUjNrFxPmVvVkl0.roa (raw, json)
Hash identifier:          xmQVT1EyIGyv5dQoLH9zm9caCorfIQr9hOaY4YPGpJA=
Subject key identifier:   E0:99:80:5D:41:5D:F6:D1:C6:01:48:CD:AC:5C:4F:99:5B:D5:92:5D
Certificate issuer:       /CN=27189ab53f32eff65726fd49d08d42ff812c6db3
Certificate serial:       0191EB9705F8EF7BFC6CB03F3043D08115C8
Authority key identifier: 27:18:9A:B5:3F:32:EF:F6:57:26:FD:49:D0:8D:42:FF:81:2C:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JxiatT8y7_ZXJv1J0I1C_4EsbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/4JmAXUFd9tHGAUjNrFxPmVvVkl0.roa
Signing time:             Fri 13 Sep 2024 13:33:48 +0000
ROA not before:           Fri 13 Sep 2024 13:33:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209173
IP address blocks:        2.56.36.0/23 maxlen: 23
                          2.56.38.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sat 14 Sep 2024 11:59:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:eb:97:05:f8:ef:7b:fc:6c:b0:3f:30:43:d0:81:15:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27189ab53f32eff65726fd49d08d42ff812c6db3
        Validity
            Not Before: Sep 13 13:33:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e099805d415df6d1c60148cdac5c4f995bd5925d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:05:46:31:16:d2:3f:ae:35:58:26:75:0a:7d:
                    0c:53:28:20:f2:83:24:2f:f6:da:05:88:d1:c4:51:
                    07:30:6a:3f:e6:ac:bb:81:58:14:ab:e2:d4:0d:7b:
                    88:9b:20:c6:de:e3:e9:19:e6:4c:1c:35:22:f8:e5:
                    ee:be:c7:13:ce:63:43:1b:19:5f:34:74:7d:3c:be:
                    89:b8:a9:ba:7b:7a:da:aa:42:8c:e5:53:d6:a4:25:
                    92:48:c1:b3:aa:ca:e7:be:c5:ca:6e:0b:38:ac:49:
                    ca:af:ca:06:65:a1:ea:71:85:0b:48:57:95:80:2a:
                    0d:bf:34:52:00:19:21:39:53:60:37:1c:20:19:f4:
                    d1:a0:ce:1c:2e:bb:bf:ec:c4:cd:22:ab:bf:72:63:
                    05:74:cd:56:94:48:bf:09:38:4c:0a:08:c0:72:e8:
                    cb:bd:70:db:a4:ad:0e:f2:a3:22:fc:b5:c9:48:09:
                    33:50:45:05:ae:39:83:16:2c:b1:00:22:c5:d1:ec:
                    b8:9b:69:f0:40:a8:fc:1c:93:cb:e2:98:f1:24:cf:
                    50:16:f9:33:95:d9:26:bb:8c:11:51:a0:08:25:04:
                    0c:5b:e0:da:6a:40:bb:44:b1:99:1e:00:e9:d4:7d:
                    e3:b2:7b:84:6d:fa:b2:a8:f5:55:3d:b2:50:5b:15:
                    20:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:99:80:5D:41:5D:F6:D1:C6:01:48:CD:AC:5C:4F:99:5B:D5:92:5D
            X509v3 Authority Key Identifier:
                keyid:27:18:9A:B5:3F:32:EF:F6:57:26:FD:49:D0:8D:42:FF:81:2C:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JxiatT8y7_ZXJv1J0I1C_4EsbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/4JmAXUFd9tHGAUjNrFxPmVvVkl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/JxiatT8y7_ZXJv1J0I1C_4EsbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:0a:12:bd:c6:93:51:cb:c1:02:3e:3a:41:03:53:5d:37:3a:
         ad:e5:b6:36:a9:0c:cd:f3:e1:ac:69:90:52:62:e8:eb:9c:8c:
         0f:75:65:74:8a:9a:da:21:e4:da:65:30:3b:6a:cd:2e:0b:d3:
         e4:92:a9:ae:d5:62:e2:4b:d8:87:c0:c0:0e:51:21:1d:f8:c5:
         bb:7a:05:e7:d5:7a:68:9e:e7:6a:21:26:d9:31:3e:44:9c:04:
         b5:26:2d:6c:51:5b:50:1b:4f:04:d5:5b:d4:0e:77:e5:7f:84:
         6f:44:c0:d5:2c:7d:30:01:1f:2d:6f:60:45:c9:5b:f1:49:d6:
         74:46:dc:54:77:72:a9:13:b6:48:a9:b3:df:4f:69:ec:ad:df:
         ca:4d:74:bd:28:51:85:bb:54:63:4b:4f:90:49:c4:10:c5:4d:
         22:01:a6:e5:74:d2:f0:92:b6:6a:19:99:cf:f1:5c:6f:fb:85:
         b0:74:59:3b:cc:d5:0e:d4:3e:5e:10:2e:0b:d4:5f:7f:4a:5d:
         4d:eb:91:a5:8d:93:4d:e2:97:0c:e4:55:bc:f2:2a:1a:9a:46:
         c2:e6:e9:9d:9a:08:82:6e:2c:5a:c0:8f:57:1a:e2:ea:1d:30:
         9e:d5:a7:74:47:12:4b:0d:dc:6b:a9:58:f5:51:5c:38:f2:75:
         38:cb:fb:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHrlwX473v8bLA/MEPQgRXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MTg5YWI1M2YzMmVmZjY1NzI2ZmQ0OWQwOGQ0MmZmODEy
YzZkYjMwHhcNMjQwOTEzMTMzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk5ODA1ZDQxNWRmNmQxYzYwMTQ4Y2RhYzVjNGY5OTViZDU5MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQVGMRbSP641WCZ1Cn0MUygg8oMk
L/baBYjRxFEHMGo/5qy7gVgUq+LUDXuImyDG3uPpGeZMHDUi+OXuvscTzmNDGxlf
NHR9PL6JuKm6e3raqkKM5VPWpCWSSMGzqsrnvsXKbgs4rEnKr8oGZaHqcYULSFeV
gCoNvzRSABkhOVNgNxwgGfTRoM4cLru/7MTNIqu/cmMFdM1WlEi/CThMCgjAcujL
vXDbpK0O8qMi/LXJSAkzUEUFrjmDFiyxACLF0ey4m2nwQKj8HJPL4pjxJM9QFvkz
ldkmu4wRUaAIJQQMW+DaakC7RLGZHgDp1H3jsnuEbfqyqPVVPbJQWxUgKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCZgF1BXfbRxgFIzaxcT5lb1ZJdMB8GA1UdIwQY
MBaAFCcYmrU/Mu/2Vyb9SdCNQv+BLG2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnhpYXRUOHk3X1pYSnYxSjBJMUNfNEVzYmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hMzRjMWUtMTg4MS00ZDZjLWFhZDYt
NTA3MDI1OGRiZjJmLzEvNEptQVhVRmQ5dEhHQVVqTnJGeFBtVnZWa2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hMzRjMWUtMTg4MS00ZDZjLWFhZDYtNTA3MDI1OGRiZjJm
LzEvSnhpYXRUOHk3X1pYSnYxSjBJMUNfNEVzYmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjgkMA0G
CSqGSIb3DQEBCwUAA4IBAQAxChK9xpNRy8ECPjpBA1NdNzqt5bY2qQzN8+GsaZBS
YujrnIwPdWV0ipraIeTaZTA7as0uC9Pkkqmu1WLiS9iHwMAOUSEd+MW7egXn1Xpo
nudqISbZMT5EnAS1Ji1sUVtQG08E1VvUDnflf4RvRMDVLH0wAR8tb2BFyVvxSdZ0
RtxUd3KpE7ZIqbPfT2nsrd/KTXS9KFGFu1RjS0+QScQQxU0iAabldNLwkrZqGZnP
8Vxv+4WwdFk7zNUO1D5eEC4L1F9/Sl1N65GljZNN4pcM5FW88ioamkbC5umdmgiC
bixawI9XGuLqHTCe1ad0RxJLDdxrqVj1UVw48nU4y/vk
-----END CERTIFICATE-----
Generated at Sat Sep 14 13:22:19 2024 by rpki-client on console-fra.rpki-client.org