Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JVaUPj2kAQKXmD9UNLwuG5P38zo.roa
File:                     JVaUPj2kAQKXmD9UNLwuG5P38zo.roa (raw, json)
Hash identifier:          kBl2owt3QJUkDZPd8lBDKagAv8sQATC7wsbIbYsG3/c=
Subject key identifier:   25:56:94:3E:3D:A4:01:02:97:98:3F:54:34:BC:2E:1B:93:F7:F3:3A
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018F291BDC965A693FDBA7DF51D8360E5139
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JVaUPj2kAQKXmD9UNLwuG5P38zo.roa
Signing time:             Mon 29 Apr 2024 09:07:22 +0000
ROA not before:           Mon 29 Apr 2024 09:07:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        79.175.95.0/24 maxlen: 24
                          79.175.96.0/24 maxlen: 24
                          109.121.0.0/19 maxlen: 24
                          109.121.33.0/24 maxlen: 24
                          109.121.36.0/24 maxlen: 24
                          109.121.37.0/24 maxlen: 24
                          109.121.38.0/24 maxlen: 24
                          109.121.39.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          109.121.41.0/24 maxlen: 24
                          109.121.42.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.45.0/24 maxlen: 24
                          109.121.47.0/24 maxlen: 24
                          109.233.184.0/24 maxlen: 24
                          109.233.185.0/24 maxlen: 24
                          178.253.237.0/24 maxlen: 24
                          188.255.212.0/24 maxlen: 24
                          212.69.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 May 2024 18:14:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:29:1b:dc:96:5a:69:3f:db:a7:df:51:d8:36:0e:51:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Apr 29 09:07:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2556943e3da4010297983f5434bc2e1b93f7f33a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c5:d4:82:a6:ee:e1:0d:1c:43:51:8f:ea:65:
                    88:f2:08:f9:8d:74:28:bc:91:ea:38:28:fa:f1:45:
                    b1:4e:0b:2c:a0:51:3f:23:93:4b:83:4f:a0:39:43:
                    2e:10:ee:26:51:7c:c3:c3:14:6e:f5:76:3b:8e:1c:
                    a0:a0:f4:2b:22:e7:e7:07:54:d9:19:65:42:89:76:
                    92:38:52:59:c6:60:77:b1:5d:41:30:08:a5:b6:60:
                    17:b8:a2:02:96:89:47:f4:0e:f3:d9:b9:ba:d1:13:
                    39:0b:ff:03:9c:29:73:a6:a6:de:b0:38:0c:4b:48:
                    15:56:0d:e2:47:6c:48:57:f3:64:16:a7:3b:4f:bd:
                    51:97:c3:78:04:7b:16:92:eb:25:70:dd:75:a5:75:
                    f8:09:54:cd:cb:ee:27:9f:ce:5b:c3:de:3e:7c:d9:
                    0d:d9:49:56:ba:d7:0c:d8:22:0d:b9:ff:6d:f0:5d:
                    43:ff:b8:70:1b:24:12:40:4d:04:06:c9:9c:6f:f8:
                    6e:db:7f:c9:4d:bd:a7:ac:8d:b4:ed:20:59:e0:e3:
                    d0:64:b1:72:37:cc:b4:3a:bc:52:37:68:77:36:ad:
                    82:71:be:60:fd:0e:cb:72:10:03:37:38:33:44:b7:
                    b9:2a:d4:0d:96:68:ff:6a:64:27:98:79:a5:5d:e8:
                    f9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:56:94:3E:3D:A4:01:02:97:98:3F:54:34:BC:2E:1B:93:F7:F3:3A
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JVaUPj2kAQKXmD9UNLwuG5P38zo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.175.95.0-79.175.96.255
                  109.121.0.0/19
                  109.121.33.0/24
                  109.121.36.0-109.121.43.255
                  109.121.45.0/24
                  109.121.47.0/24
                  109.233.184.0/23
                  178.253.237.0/24
                  188.255.212.0/24
                  212.69.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:14:b4:fc:b3:f4:42:d0:41:0a:6f:4a:fc:16:cb:b6:84:af:
         84:a9:c7:fd:09:a3:d7:91:00:f8:bd:66:a5:90:ba:da:96:16:
         18:c1:21:c6:c5:1a:93:ed:a2:dd:87:3c:e4:fe:59:8c:cd:b9:
         ab:40:50:be:d3:41:a5:f8:6e:69:2f:8c:68:c8:4b:54:00:90:
         83:fc:b9:a7:4e:db:0c:90:75:15:68:e9:3a:db:e8:6b:8a:74:
         16:e2:07:5a:36:10:9d:69:7e:12:6f:c8:f0:16:df:da:8d:84:
         4f:f9:53:3f:f7:cd:98:72:f9:64:f1:00:7a:cc:55:8d:ab:72:
         39:3d:7d:5e:eb:6a:a1:63:c6:79:9f:51:b0:f7:d3:ba:8b:93:
         28:98:ff:94:ec:7e:c7:3f:c1:8b:c6:25:3f:28:88:3c:92:43:
         16:df:07:2e:04:4b:66:c7:52:f7:5f:9e:9f:f8:b1:50:8e:97:
         09:a1:c2:9f:2c:b8:d2:73:30:ed:38:95:a9:f1:aa:71:5f:8c:
         af:d4:9c:ae:24:c2:f4:d1:8f:58:45:5b:c1:96:78:95:2a:6e:
         5f:58:20:f0:f2:c0:9f:ab:8f:9d:bb:fb:d1:c1:02:16:30:92:
         7d:c9:b3:ba:3c:e7:f9:d0:3c:67:66:54:8d:88:5b:de:7b:e2:
         8f:59:14:e9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY8pG9yWWmk/26ffUdg2DlE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwNDI5MDkwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTU2OTQzZTNkYTQwMTAyOTc5ODNmNTQzNGJjMmUxYjkzZjdmMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sXUgqbu4Q0cQ1GP6mWI8gj5jXQo
vJHqOCj68UWxTgssoFE/I5NLg0+gOUMuEO4mUXzDwxRu9XY7jhygoPQrIufnB1TZ
GWVCiXaSOFJZxmB3sV1BMAiltmAXuKIClolH9A7z2bm60RM5C/8DnClzpqbesDgM
S0gVVg3iR2xIV/NkFqc7T71Rl8N4BHsWkuslcN11pXX4CVTNy+4nn85bw94+fNkN
2UlWutcM2CINuf9t8F1D/7hwGyQSQE0EBsmcb/hu23/JTb2nrI207SBZ4OPQZLFy
N8y0OrxSN2h3Nq2Ccb5g/Q7LchADNzgzRLe5KtQNlmj/amQnmHmlXej5oQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCVWlD49pAECl5g/VDS8LhuT9/M6MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSlZhVVBqMmtBUUtYbUQ5VU5Md3VHNVAzOHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBABPr18D
BABPr2ADBAVteQADBABteSEwDAMEAm15JAMEAm15KAMEAG15LQMEAG15LwMEAW3p
uAMEALL97QMEALz/1AMEANRFCzANBgkqhkiG9w0BAQsFAAOCAQEAKxS0/LP0QtBB
Cm9K/BbLtoSvhKnH/Qmj15EA+L1mpZC62pYWGMEhxsUak+2i3Yc85P5ZjM25q0BQ
vtNBpfhuaS+MaMhLVACQg/y5p07bDJB1FWjpOtvoa4p0FuIHWjYQnWl+Em/I8Bbf
2o2ET/lTP/fNmHL5ZPEAesxVjatyOT19XutqoWPGeZ9RsPfTuouTKJj/lOx+xz/B
i8YlPyiIPJJDFt8HLgRLZsdS91+en/ixUI6XCaHCnyy40nMw7TiVqfGqcV+Mr9Sc
riTC9NGPWEVbwZZ4lSpuX1gg8PLAn6uPnbv70cECFjCSfcmzujzn+dA8Z2ZUjYhb
3nvij1kU6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org