Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/9JKZBH1gxG_C9isBlPMeie9TGMA.roa
File:                     9JKZBH1gxG_C9isBlPMeie9TGMA.roa (raw, json)
Hash identifier:          +R8y3KRFcgSi6jaJ6kS1la+Ao6w593PtWdFUdByAY2U=
Subject key identifier:   F4:92:99:04:7D:60:C4:6F:C2:F6:2B:01:94:F3:1E:89:EF:53:18:C0
Certificate issuer:       /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial:       0187C23F4F611E28A18DF1697895DF3DD795
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/9JKZBH1gxG_C9isBlPMeie9TGMA.roa
Signing time:             Thu 27 Apr 2023 10:25:41 +0000
ROA not before:           Thu 27 Apr 2023 10:25:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12541
IP address blocks:        213.9.128.0/17 maxlen: 17
                          213.9.144.0/24 maxlen: 24
                          213.9.142.0/23 maxlen: 23
                          213.9.162.0/23 maxlen: 23
                          212.49.189.0/24 maxlen: 24
                          213.9.240.0/23 maxlen: 23
                          213.9.246.0/24 maxlen: 24
                          213.9.245.0/24 maxlen: 24
                          213.9.244.0/24 maxlen: 24
                          213.9.247.0/24 maxlen: 24
                          213.9.248.0/24 maxlen: 24
                          213.9.182.0/24 maxlen: 24
                          213.9.186.0/24 maxlen: 24
                          213.9.185.0/24 maxlen: 24
                          213.9.190.0/23 maxlen: 23
                          213.9.217.0/24 maxlen: 24
                          212.163.185.0/24 maxlen: 24
                          212.163.193.0/24 maxlen: 24
                          212.163.92.0/24 maxlen: 24
                          212.163.94.0/24 maxlen: 24
                          212.163.130.0/24 maxlen: 24
                          212.49.129.0/24 maxlen: 24
                          212.49.128.0/18 maxlen: 18
                          212.163.216.0/22 maxlen: 22
                          212.163.220.0/22 maxlen: 22
                          212.163.225.0/24 maxlen: 24
                          212.163.226.0/24 maxlen: 24
                          212.163.227.0/24 maxlen: 24
                          212.163.235.0/24 maxlen: 24
                          185.66.60.0/22 maxlen: 22
                          185.66.60.0/24 maxlen: 24
                          185.66.62.0/24 maxlen: 24
                          185.66.61.0/24 maxlen: 24
                          212.163.240.0/20 maxlen: 20
                          84.18.0.0/19 maxlen: 19
                          213.192.216.0/21 maxlen: 21
                          213.192.224.0/22 maxlen: 22
                          213.192.228.0/23 maxlen: 23
                          213.192.232.0/22 maxlen: 22
                          213.192.235.0/24 maxlen: 24
                          213.192.239.0/24 maxlen: 24
                          213.192.238.0/24 maxlen: 24
                          213.192.240.0/24 maxlen: 24
                          213.192.241.0/24 maxlen: 24
                          213.192.242.0/23 maxlen: 23
                          213.192.246.0/24 maxlen: 24
                          213.192.244.0/23 maxlen: 23
                          213.192.252.0/23 maxlen: 23
                          213.192.253.0/24 maxlen: 24
                          213.192.251.0/24 maxlen: 24
                          213.192.248.0/21 maxlen: 21
                          213.192.249.0/24 maxlen: 24
                          213.192.247.0/24 maxlen: 24
                          213.192.255.0/24 maxlen: 24
                          213.192.254.0/24 maxlen: 24
                          212.163.48.0/24 maxlen: 24
                          212.163.91.0/24 maxlen: 24
                          212.163.1.0/24 maxlen: 24
                          212.163.5.0/24 maxlen: 24
                          212.163.0.0/16 maxlen: 16
                          212.163.31.0/24 maxlen: 24
                          92.60.160.0/20 maxlen: 20
                          92.60.170.0/24 maxlen: 24
                          92.60.174.0/24 maxlen: 24
                          92.60.173.0/24 maxlen: 24
                          213.192.193.0/24 maxlen: 24
                          213.192.192.0/18 maxlen: 18
                          213.192.200.0/22 maxlen: 22
                          213.192.203.0/24 maxlen: 24
                          213.192.206.0/23 maxlen: 23
                          213.192.212.0/22 maxlen: 22
                          213.192.213.0/24 maxlen: 24
                          2001:ac0:30fd::/48 maxlen: 48
                          2001:ac0::/32 maxlen: 32
                          2001:ac0:c0c0::/44 maxlen: 44
                          2001:ac0:c040::/44 maxlen: 44
                          2001:ac0:c880::/44 maxlen: 44

Validation:               Failed, certificate revoked on Thu 27 Apr 2023 15:03:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c2:3f:4f:61:1e:28:a1:8d:f1:69:78:95:df:3d:d7:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
        Validity
            Not Before: Apr 27 10:25:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f49299047d60c46fc2f62b0194f31e89ef5318c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:54:92:c1:3f:53:04:a3:95:8e:66:7c:a9:a5:
                    70:76:97:53:aa:d6:73:29:06:59:cb:54:98:a1:b1:
                    b0:5c:cb:1a:13:d3:f4:dc:0b:e8:bc:ed:50:f3:83:
                    e4:98:68:94:00:e4:86:2a:ce:ed:47:3b:b3:14:84:
                    cc:73:1b:56:92:a3:a1:d8:fd:d1:f2:dd:d2:d9:c0:
                    9a:3c:b8:66:8a:3f:0b:73:ae:39:55:d2:56:81:49:
                    b5:af:b5:e8:5e:40:92:9d:a0:e4:2d:91:7d:6a:a7:
                    ee:85:fb:b1:9c:3d:4e:2e:b5:e2:d3:4e:87:1a:1b:
                    c8:18:a5:58:8a:15:e6:fa:40:3a:03:83:0e:83:40:
                    d7:29:72:b0:61:ee:2e:7f:3e:72:c6:61:af:ba:4b:
                    c9:e3:d1:4e:cd:54:6b:ec:38:29:86:ab:38:03:32:
                    df:fd:b2:68:d1:f3:e8:18:43:74:f2:d9:72:2d:73:
                    02:68:9d:62:5b:30:f4:c3:68:d4:f1:f1:d6:b7:b1:
                    9f:37:8a:11:db:fb:a5:2e:18:e3:45:b2:90:d2:e9:
                    5e:88:96:34:bd:c0:d1:c1:cb:81:df:03:72:04:9a:
                    10:0b:3f:bd:d0:c9:09:80:44:ab:ed:c1:0e:18:fe:
                    12:47:79:90:2e:de:bb:39:66:dd:6e:c5:d5:50:56:
                    a8:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:92:99:04:7D:60:C4:6F:C2:F6:2B:01:94:F3:1E:89:EF:53:18:C0
            X509v3 Authority Key Identifier:
                keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/9JKZBH1gxG_C9isBlPMeie9TGMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.18.0.0/19
                  92.60.160.0/20
                  185.66.60.0/22
                  212.49.128.0/18
                  212.163.0.0/16
                  213.9.128.0/17
                  213.192.192.0/18
                IPv6:
                  2001:ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b6:54:05:bc:4e:49:09:3e:e6:b1:df:7d:40:2d:38:7f:57:98:
         eb:cb:d5:8c:57:ef:5c:49:53:26:5f:84:e4:56:8b:6e:a7:a9:
         ab:66:8e:63:02:47:45:d9:f5:ca:ee:e2:7c:55:22:43:1e:58:
         76:73:bb:6c:76:f1:ef:23:e5:e9:df:c2:e0:05:24:a8:ee:7c:
         60:ee:76:2c:18:a9:0c:06:ce:ba:2e:9c:82:14:a9:d5:62:b8:
         56:80:6b:59:0f:8c:62:6b:55:77:61:57:e2:24:e7:5f:3f:b5:
         cd:60:55:a1:82:7a:c0:8f:7b:72:8d:de:fd:14:59:d2:94:81:
         ad:30:20:51:58:b5:39:68:01:b2:cf:31:a3:a7:68:74:3d:eb:
         d9:47:45:b2:b7:4e:8b:9f:31:e0:02:ae:7b:a4:2f:90:7b:69:
         71:2d:2c:ec:c3:b6:8b:2e:36:47:15:aa:ab:94:16:80:80:5a:
         95:93:3d:09:f1:65:8d:c7:23:d9:e5:c6:6b:be:1c:0f:af:93:
         3c:fd:98:0f:5a:02:71:63:c9:4b:1b:c2:3f:67:e0:a0:e4:1e:
         f5:57:14:1a:2f:7f:b8:d7:69:cc:e3:92:04:3a:9c:78:ec:8e:
         31:0e:4a:15:1c:1a:c3:5e:13:b8:f2:04:2d:6b:ac:83:0f:b8:
         4a:45:2f:02
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYfCP09hHiihjfFpeJXfPdeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI3MTAyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDkyOTkwNDdkNjBjNDZmYzJmNjJiMDE5NGYzMWU4OWVmNTMxOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFSSwT9TBKOVjmZ8qaVwdpdTqtZz
KQZZy1SYobGwXMsaE9P03AvovO1Q84PkmGiUAOSGKs7tRzuzFITMcxtWkqOh2P3R
8t3S2cCaPLhmij8Lc645VdJWgUm1r7XoXkCSnaDkLZF9aqfuhfuxnD1OLrXi006H
GhvIGKVYihXm+kA6A4MOg0DXKXKwYe4ufz5yxmGvukvJ49FOzVRr7Dgphqs4AzLf
/bJo0fPoGEN08tlyLXMCaJ1iWzD0w2jU8fHWt7GfN4oR2/ulLhjjRbKQ0uleiJY0
vcDRwcuB3wNyBJoQCz+90MkJgESr7cEOGP4SR3mQLt67OWbdbsXVUFaoJQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPSSmQR9YMRvwvYrAZTzHonvUxjAMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvOUpLWkJIMWd4R19DOWlzQmxQTWVpZTlUR01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQFVBIAAwQE
XDygAwQCuUI8AwQG1DGAAwMA1KMDBAfVCYADBAbVwMAwDQQCAAIwBwMFACABCsAw
DQYJKoZIhvcNAQELBQADggEBALZUBbxOSQk+5rHffUAtOH9XmOvL1YxX71xJUyZf
hORWi26nqatmjmMCR0XZ9cru4nxVIkMeWHZzu2x28e8j5enfwuAFJKjufGDudiwY
qQwGzrounIIUqdViuFaAa1kPjGJrVXdhV+Ik518/tc1gVaGCesCPe3KN3v0UWdKU
ga0wIFFYtTloAbLPMaOnaHQ969lHRbK3ToufMeACrnukL5B7aXEtLOzDtosuNkcV
qquUFoCAWpWTPQnxZY3HI9nlxmu+HA+vkzz9mA9aAnFjyUsbwj9n4KDkHvVXFBov
f7jXaczjkgQ6nHjsjjEOShUcGsNeE7jyBC1rrIMPuEpFLwI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org