Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/j-9MU_85sLVgjzUahP5sLow4JJI.roa
File:                     j-9MU_85sLVgjzUahP5sLow4JJI.roa (raw, json)
Hash identifier:          ZRkxm4L7YArdRgut+t+xWRI7FmNQ10KPFZ+L/nOnRVA=
Subject key identifier:   8F:EF:4C:53:FF:39:B0:B5:60:8F:35:1A:84:FE:6C:2E:8C:38:24:92
Certificate issuer:       /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial:       018F242D6A58E4F2C214B52C42797F60FD3C
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/j-9MU_85sLVgjzUahP5sLow4JJI.roa
Signing time:             Sun 28 Apr 2024 10:08:27 +0000
ROA not before:           Sun 28 Apr 2024 10:08:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47376
IP address blocks:        46.148.41.0/24 maxlen: 24
                          46.148.43.0/24 maxlen: 24
                          46.148.44.0/24 maxlen: 24
                          46.148.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 May 2024 09:08:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:24:2d:6a:58:e4:f2:c2:14:b5:2c:42:79:7f:60:fd:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
        Validity
            Not Before: Apr 28 10:08:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8fef4c53ff39b0b5608f351a84fe6c2e8c382492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:44:3a:4a:e7:f9:5e:ae:e8:2f:21:77:68:f7:
                    33:09:84:c7:eb:71:c5:98:e1:fb:a0:17:36:85:51:
                    31:4a:2a:ab:8f:cc:23:bd:e6:5a:4b:47:6b:f4:fc:
                    c5:31:69:35:44:62:f1:4e:c2:cf:c9:d7:e3:32:0a:
                    ac:ab:e5:6f:d5:f8:00:dd:a4:37:24:c8:2d:60:a1:
                    ae:6b:9a:c2:f1:fa:d3:12:c6:7b:90:82:86:03:a2:
                    85:90:07:36:8c:f1:e4:cc:03:20:d1:41:7c:ed:66:
                    8d:8f:00:11:c8:bf:ba:27:08:90:0e:33:4c:23:ab:
                    90:b2:95:fc:b0:78:e7:b7:35:a7:80:fd:50:7d:ad:
                    91:74:ac:5b:0c:41:c3:df:84:3b:0c:c3:62:81:aa:
                    46:e0:7a:dc:2c:1c:c3:44:56:89:c7:1c:48:63:af:
                    7a:a0:96:f5:7e:cd:0e:93:82:d9:6d:c7:89:72:c1:
                    c7:27:d0:dc:37:a2:b7:eb:39:7a:46:93:5d:0c:09:
                    4a:7b:a3:4a:08:11:9a:71:1d:97:17:b6:05:c4:df:
                    b9:2f:44:1b:6c:b1:d8:dc:15:d7:68:bf:d8:44:7b:
                    c9:c1:79:9f:d3:a4:9f:51:24:38:c5:b1:b7:13:5d:
                    f2:08:55:e7:8a:57:02:d1:dc:74:55:0d:aa:6f:81:
                    f4:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:EF:4C:53:FF:39:B0:B5:60:8F:35:1A:84:FE:6C:2E:8C:38:24:92
            X509v3 Authority Key Identifier:
                keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/j-9MU_85sLVgjzUahP5sLow4JJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.148.41.0/24
                  46.148.43.0-46.148.44.255
                  46.148.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:20:03:a8:27:87:1d:97:2b:f5:d7:6e:b2:a2:b5:43:dc:13:
         83:ce:d1:cc:ec:03:d9:e4:b8:a0:38:0a:9f:a8:44:2c:e9:f0:
         f5:8b:b5:f8:4c:f7:bd:7c:2a:db:77:4c:45:a5:13:94:63:2d:
         f3:68:4f:7d:82:85:eb:f2:bd:f7:ad:4c:b8:40:eb:0a:d9:91:
         0a:69:a4:53:c3:96:b6:1b:ca:e0:2a:12:c3:7f:f9:5a:f4:e5:
         bf:38:4c:4c:87:48:91:d1:aa:31:d7:8e:ff:eb:77:ad:f8:c7:
         a5:92:a2:04:4e:eb:94:98:bd:22:45:6e:9a:93:c7:e6:56:48:
         7e:51:25:04:e6:05:58:3c:82:af:3e:7d:f1:8d:d9:c2:f7:74:
         d7:e0:f1:d7:ea:6f:11:a5:12:24:b1:75:f7:bc:d0:44:bf:08:
         7b:e7:14:24:5c:a3:9e:45:4a:ac:b8:87:c8:5f:f3:7d:85:75:
         de:ae:2d:06:e3:39:c1:3e:8c:5f:1d:fa:df:4d:91:88:db:32:
         ed:0b:2c:92:7a:c4:a0:7a:4d:21:3c:14:83:08:95:bf:b8:71:
         19:7f:77:c3:91:41:45:1f:a8:00:76:99:64:48:9e:23:df:3b:
         a1:40:3f:45:0c:f6:29:60:29:80:cf:e8:83:c9:21:08:97:4d:
         7b:9e:d5:9a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8kLWpY5PLCFLUsQnl/YP08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjQwNDI4MTAwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmVmNGM1M2ZmMzliMGI1NjA4ZjM1MWE4NGZlNmMyZThjMzgyNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Q6Suf5Xq7oLyF3aPczCYTH63HF
mOH7oBc2hVExSiqrj8wjveZaS0dr9PzFMWk1RGLxTsLPydfjMgqsq+Vv1fgA3aQ3
JMgtYKGua5rC8frTEsZ7kIKGA6KFkAc2jPHkzAMg0UF87WaNjwARyL+6JwiQDjNM
I6uQspX8sHjntzWngP1Qfa2RdKxbDEHD34Q7DMNigapG4HrcLBzDRFaJxxxIY696
oJb1fs0Ok4LZbceJcsHHJ9DcN6K36zl6RpNdDAlKe6NKCBGacR2XF7YFxN+5L0Qb
bLHY3BXXaL/YRHvJwXmf06SfUSQ4xbG3E13yCFXnilcC0dx0VQ2qb4H08QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI/vTFP/ObC1YI81GoT+bC6MOCSSMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvai05TVVfODVzTFZnanpVYWhQNXNMb3c0SkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALpQpMAwD
BAAulCsDBAAulCwDBAAulC4wDQYJKoZIhvcNAQELBQADggEBAEMgA6gnhx2XK/XX
brKitUPcE4PO0czsA9nkuKA4Cp+oRCzp8PWLtfhM9718Ktt3TEWlE5RjLfNoT32C
hevyvfetTLhA6wrZkQpppFPDlrYbyuAqEsN/+Vr05b84TEyHSJHRqjHXjv/rd634
x6WSogRO65SYvSJFbpqTx+ZWSH5RJQTmBVg8gq8+ffGN2cL3dNfg8dfqbxGlEiSx
dfe80ES/CHvnFCRco55FSqy4h8hf832Fdd6uLQbjOcE+jF8d+t9NkYjbMu0LLJJ6
xKB6TSE8FIMIlb+4cRl/d8ORQUUfqAB2mWRIniPfO6FAP0UM9ilgKYDP6IPJIQiX
TXue1Zo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:21 2024 by rpki-client on console-fra.rpki-client.org