Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/9856ee-699f-4fed-bb98-e06fd0cd3b77/1/JP1kOVXg8IEZhZ3swboGBzMpqkU.roa
File:                     JP1kOVXg8IEZhZ3swboGBzMpqkU.roa (raw, json)
Hash identifier:          Ij2eEmlF8V4oNt1AsUtRTo6K1daLV3bFMW8nyzvgSUM=
Subject key identifier:   24:FD:64:39:55:E0:F0:81:19:85:9D:EC:C1:BA:06:07:33:29:AA:45
Certificate issuer:       /CN=2ba38933358cf66cff3b6ce3f7bc2517fdd47421
Certificate serial:       0189F2FCC308C644403C0DBD942A69A46369
Authority key identifier: 2B:A3:89:33:35:8C:F6:6C:FF:3B:6C:E3:F7:BC:25:17:FD:D4:74:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K6OJMzWM9mz_O2zj97wlF_3UdCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/9856ee-699f-4fed-bb98-e06fd0cd3b77/1/JP1kOVXg8IEZhZ3swboGBzMpqkU.roa
Signing time:             Mon 14 Aug 2023 07:39:58 +0000
ROA not before:           Mon 14 Aug 2023 07:39:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57224
IP address blocks:        91.198.60.0/24 maxlen: 24
                          185.40.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f2:fc:c3:08:c6:44:40:3c:0d:bd:94:2a:69:a4:63:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ba38933358cf66cff3b6ce3f7bc2517fdd47421
        Validity
            Not Before: Aug 14 07:39:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24fd643955e0f08119859decc1ba06073329aa45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:70:4b:b9:0e:90:9c:97:65:32:c3:3d:dd:76:
                    68:bf:9b:90:f0:a3:ef:ee:8c:86:df:57:54:07:ae:
                    e2:6d:49:32:f9:36:ea:f2:53:7b:9d:e9:02:ba:22:
                    ea:74:55:10:10:0d:c2:0c:30:b1:a9:fe:5b:ee:5b:
                    58:fe:cd:ae:36:bc:fb:11:c5:52:e1:56:6a:87:d6:
                    a7:fb:42:4b:53:cd:be:a0:38:b0:1d:47:43:c1:0f:
                    20:61:5a:89:91:75:66:96:4c:e7:ae:01:19:4a:5c:
                    94:7e:3c:74:e8:93:f3:eb:f0:0c:9b:a6:c5:a2:67:
                    f2:45:ec:e9:fb:6a:ab:ae:1a:41:77:be:d9:9d:d4:
                    1f:ea:80:a9:21:e2:dd:f9:f3:27:b9:d4:a2:b4:35:
                    2a:92:c3:02:e6:80:59:13:67:82:b1:a5:eb:b1:37:
                    da:63:88:e0:ef:dc:01:6a:f4:d6:44:bc:80:dd:a9:
                    fb:af:4a:c7:39:2f:84:57:d8:da:a5:20:c5:80:8f:
                    0e:9e:1f:e7:49:23:9a:93:c4:a6:8e:2b:fd:48:20:
                    86:d2:59:66:24:c5:63:c6:24:0d:5d:9e:cd:d0:f6:
                    12:a8:7f:5c:ed:d1:b5:9f:f6:5a:a3:32:1d:d5:ee:
                    02:ff:1e:47:ba:c1:e1:da:9a:ce:c5:cf:2b:0f:42:
                    f9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:FD:64:39:55:E0:F0:81:19:85:9D:EC:C1:BA:06:07:33:29:AA:45
            X509v3 Authority Key Identifier:
                keyid:2B:A3:89:33:35:8C:F6:6C:FF:3B:6C:E3:F7:BC:25:17:FD:D4:74:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6OJMzWM9mz_O2zj97wlF_3UdCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/9856ee-699f-4fed-bb98-e06fd0cd3b77/1/JP1kOVXg8IEZhZ3swboGBzMpqkU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/9856ee-699f-4fed-bb98-e06fd0cd3b77/1/K6OJMzWM9mz_O2zj97wlF_3UdCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.60.0/24
                  185.40.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:6e:5b:45:36:fc:58:f1:67:bf:8c:c6:6f:30:f5:73:df:25:
         e6:09:3e:09:6f:60:47:f8:c8:c4:a1:15:c6:fb:22:a4:51:f0:
         b4:7d:bc:91:ad:5b:f9:c7:ae:75:29:7a:49:1b:3d:4d:fd:f6:
         18:11:00:a1:2d:5b:ed:7c:6d:96:5e:95:5c:36:1b:3f:33:7d:
         a3:fd:5e:2d:b1:27:b2:64:a4:45:25:b5:64:b8:c6:10:a7:60:
         6e:80:88:fd:d4:88:9e:81:af:42:ab:c4:8b:fa:54:02:8a:9a:
         67:ae:67:36:a2:21:b4:f4:a9:2d:a1:c0:96:13:1c:59:49:27:
         76:15:e1:c5:18:5a:d1:87:78:99:f2:04:41:f4:0b:42:e5:40:
         e5:a3:76:f1:e7:58:0e:59:21:99:0b:27:92:02:2d:00:dc:82:
         a2:0e:1d:42:f9:be:b9:13:c4:54:26:10:63:92:f5:49:81:f9:
         92:ad:c4:f9:e8:15:a8:41:c4:be:a1:a8:f0:bc:e9:1e:25:f1:
         f4:9f:cd:bd:00:be:76:1c:9c:61:c5:f1:a7:ed:3d:66:0a:0c:
         f1:09:b2:d7:c5:ec:4e:fe:ba:58:fc:3e:1f:fb:37:21:7d:27:
         02:f6:08:81:4e:50:e8:ec:3a:f7:0d:89:56:d4:a6:3b:7d:4e:
         92:92:06:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYny/MMIxkRAPA29lCpppGNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTM4OTMzMzU4Y2Y2NmNmZjNiNmNlM2Y3YmMyNTE3ZmRk
NDc0MjEwHhcNMjMwODE0MDczOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZkNjQzOTU1ZTBmMDgxMTk4NTlkZWNjMWJhMDYwNzMzMjlhYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3BLuQ6QnJdlMsM93XZov5uQ8KPv
7oyG31dUB67ibUky+Tbq8lN7nekCuiLqdFUQEA3CDDCxqf5b7ltY/s2uNrz7EcVS
4VZqh9an+0JLU82+oDiwHUdDwQ8gYVqJkXVmlkznrgEZSlyUfjx06JPz6/AMm6bF
omfyRezp+2qrrhpBd77ZndQf6oCpIeLd+fMnudSitDUqksMC5oBZE2eCsaXrsTfa
Y4jg79wBavTWRLyA3an7r0rHOS+EV9japSDFgI8Onh/nSSOak8Smjiv9SCCG0llm
JMVjxiQNXZ7N0PYSqH9c7dG1n/ZaozId1e4C/x5HusHh2prOxc8rD0L5bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCT9ZDlV4PCBGYWd7MG6BgczKapFMB8GA1UdIwQY
MBaAFCujiTM1jPZs/zts4/e8JRf91HQhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZPSk16V005bXpfTzJ6ajk3d2xGXzNVZENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC85ODU2ZWUtNjk5Zi00ZmVkLWJiOTgt
ZTA2ZmQwY2QzYjc3LzEvSlAxa09WWGc4SUVaaFozc3dib0dCek1wcWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC85ODU2ZWUtNjk5Zi00ZmVkLWJiOTgtZTA2ZmQwY2QzYjc3
LzEvSzZPSk16V005bXpfTzJ6ajk3d2xGXzNVZENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8Y8AwQC
uSh0MA0GCSqGSIb3DQEBCwUAA4IBAQCHbltFNvxY8We/jMZvMPVz3yXmCT4Jb2BH
+MjEoRXG+yKkUfC0fbyRrVv5x651KXpJGz1N/fYYEQChLVvtfG2WXpVcNhs/M32j
/V4tsSeyZKRFJbVkuMYQp2BugIj91Iiega9Cq8SL+lQCippnrmc2oiG09KktocCW
ExxZSSd2FeHFGFrRh3iZ8gRB9AtC5UDlo3bx51gOWSGZCyeSAi0A3IKiDh1C+b65
E8RUJhBjkvVJgfmSrcT56BWoQcS+oajwvOkeJfH0n829AL52HJxhxfGn7T1mCgzx
CbLXxexO/rpY/D4f+zchfScC9giBTlDo7Dr3DYlW1KY7fU6SkgaI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:47 2024 by rpki-client on console-ams.rpki-client.org