Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/jbHtl5rlakQH0S88qYJk1EQGul4.roa
File:                     jbHtl5rlakQH0S88qYJk1EQGul4.roa (raw, json)
Hash identifier:          Xj6+geE2CPicPl2cDlsFbYijjCB2EMAls89/Xlci/yI=
Subject key identifier:   8D:B1:ED:97:9A:E5:6A:44:07:D1:2F:3C:A9:82:64:D4:44:06:BA:5E
Certificate issuer:       /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial:       018572D5D229CC1528AA92865C9125BA7B66
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/jbHtl5rlakQH0S88qYJk1EQGul4.roa
Signing time:             Mon 02 Jan 2023 14:14:53 +0000
ROA not before:           Mon 02 Jan 2023 14:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31037
IP address blocks:        185.134.179.0/24 maxlen: 24
                          185.134.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:d5:d2:29:cc:15:28:aa:92:86:5c:91:25:ba:7b:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
        Validity
            Not Before: Jan  2 14:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8db1ed979ae56a4407d12f3ca98264d44406ba5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e5:87:1a:33:f2:65:72:3c:62:1c:63:dd:d6:
                    c7:44:0c:af:f3:f7:9a:17:da:39:a5:05:a0:9f:44:
                    dd:90:3d:b4:89:a3:db:63:72:80:9a:d8:af:64:21:
                    11:a4:b6:75:c2:8b:db:24:cc:a0:20:31:ed:c2:fb:
                    bb:e0:25:78:0a:e6:9d:e1:41:f4:77:df:e9:73:12:
                    90:9b:6c:98:59:9a:37:79:b4:26:aa:99:d3:01:d0:
                    85:ce:e4:cb:19:3c:e5:f0:8f:96:cc:60:91:42:76:
                    52:16:bc:38:47:f5:ff:65:ed:ca:2a:3c:33:85:41:
                    8f:c8:72:0b:01:e4:05:7f:c1:69:9e:76:d1:6a:58:
                    ec:5a:36:63:7d:e5:c8:c2:c0:a7:0a:e5:e3:6c:f0:
                    22:06:ce:78:fa:fb:64:c5:a8:9f:7e:ea:5b:4b:cd:
                    64:76:a3:ad:8b:e6:62:ef:b3:99:ea:7c:ce:fc:40:
                    5d:7d:73:ca:9d:ab:27:e0:b0:af:24:34:17:f6:33:
                    ad:be:54:c5:64:3e:7e:5b:a9:91:98:67:ad:c8:17:
                    47:26:0a:e0:24:19:b2:c9:b0:06:9c:b2:8c:84:e9:
                    94:aa:f1:9a:a8:2d:a0:60:d8:a3:69:23:31:ee:25:
                    98:77:8e:b0:5c:f8:cf:46:be:b7:54:02:94:c6:7b:
                    50:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:B1:ED:97:9A:E5:6A:44:07:D1:2F:3C:A9:82:64:D4:44:06:BA:5E
            X509v3 Authority Key Identifier:
                keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/jbHtl5rlakQH0S88qYJk1EQGul4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6e:88:67:3b:61:0d:fa:5b:55:d4:ef:c1:e7:3f:6d:e2:69:39:
         c7:c1:f0:16:c7:55:b3:52:c7:cc:ae:b2:a7:29:61:c9:b4:22:
         52:e4:9d:14:4c:56:fc:58:d1:bb:4e:9f:ae:c2:7c:b8:5a:f7:
         e2:c7:88:cd:1a:ab:c0:a8:ba:91:3c:2a:32:27:18:b7:5d:0b:
         a2:00:eb:50:31:13:8a:04:59:39:db:5a:f0:d5:2b:ba:f8:86:
         24:d1:4e:b9:c4:09:31:a0:ec:38:fd:24:5c:e7:c4:84:9b:a0:
         b0:f1:f7:8d:1e:11:02:0b:18:76:d0:e6:92:47:ff:48:d4:3d:
         46:cf:29:9d:39:a2:0e:f5:d6:a4:cd:d8:38:81:25:dd:1b:a5:
         1d:8a:e3:b2:0b:e6:8e:23:58:8c:40:2e:50:c4:c0:ca:00:d0:
         32:59:0f:8e:35:fa:6c:bf:f0:1b:e8:d0:93:4c:0d:0d:7f:89:
         e3:46:92:87:ce:4e:27:b7:cf:cd:ba:41:35:c6:aa:6f:6a:ce:
         39:49:c6:df:d7:95:b6:c4:35:5e:21:2a:52:88:14:e2:7d:1c:
         ce:f2:e2:8f:d2:fb:f3:c9:43:a0:54:14:70:0a:98:90:10:81:
         7b:b7:fd:31:51:37:a9:61:fa:1c:b7:5a:cc:8a:3c:a2:14:09:
         b4:d5:e5:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1dIpzBUoqpKGXJEluntmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjMwMTAyMTQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGIxZWQ5NzlhZTU2YTQ0MDdkMTJmM2NhOTgyNjRkNDQ0MDZiYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuWHGjPyZXI8Yhxj3dbHRAyv8/ea
F9o5pQWgn0TdkD20iaPbY3KAmtivZCERpLZ1wovbJMygIDHtwvu74CV4Cuad4UH0
d9/pcxKQm2yYWZo3ebQmqpnTAdCFzuTLGTzl8I+WzGCRQnZSFrw4R/X/Ze3KKjwz
hUGPyHILAeQFf8FpnnbRaljsWjZjfeXIwsCnCuXjbPAiBs54+vtkxaiffupbS81k
dqOti+Zi77OZ6nzO/EBdfXPKnasn4LCvJDQX9jOtvlTFZD5+W6mRmGetyBdHJgrg
JBmyybAGnLKMhOmUqvGaqC2gYNijaSMx7iWYd46wXPjPRr63VAKUxntQfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2x7Zea5WpEB9EvPKmCZNREBrpeMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvamJIdGw1cmxha1FIMFM4OHFZSmsxRVFHdWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh
LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYayMA0G
CSqGSIb3DQEBCwUAA4IBAQBuiGc7YQ36W1XU78HnP23iaTnHwfAWx1WzUsfMrrKn
KWHJtCJS5J0UTFb8WNG7Tp+uwny4Wvfix4jNGqvAqLqRPCoyJxi3XQuiAOtQMROK
BFk521rw1Su6+IYk0U65xAkxoOw4/SRc58SEm6Cw8feNHhECCxh20OaSR/9I1D1G
zymdOaIO9dakzdg4gSXdG6UdiuOyC+aOI1iMQC5QxMDKANAyWQ+ONfpsv/Ab6NCT
TA0Nf4njRpKHzk4nt8/NukE1xqpvas45Scbf15W2xDVeISpSiBTifRzO8uKP0vvz
yUOgVBRwCpiQEIF7t/0xUTepYfoct1rMijyiFAm01eUl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org