Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa
File:                     M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa (raw, json)
Hash identifier:          ln8gdm4IGIv1VR3bBlF2WppfExKn29Y/iJzJ9JvYF4I=
Subject key identifier:   33:D2:7F:25:84:4D:48:17:6F:CE:BD:A0:11:8B:28:1F:E1:E5:9C:39
Certificate issuer:       /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial:       018EF070772249C6A363572180F7AC252F8A
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa
Signing time:             Thu 18 Apr 2024 09:01:26 +0000
ROA not before:           Thu 18 Apr 2024 09:01:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43581
IP address blocks:        46.253.143.0/24 maxlen: 24
                          91.211.115.0/24 maxlen: 24
                          193.17.92.0/24 maxlen: 24
                          2a11:1940::/29 maxlen: 29
                          2a13:a500::/32 maxlen: 32
                          2a13:a502::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 07 Sep 2024 14:25:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f0:70:77:22:49:c6:a3:63:57:21:80:f7:ac:25:2f:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
        Validity
            Not Before: Apr 18 09:01:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=33d27f25844d48176fcebda0118b281fe1e59c39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6a:25:97:a9:a7:33:c5:a4:13:53:b6:6e:e2:
                    8e:5c:f2:2c:9d:4c:40:79:17:79:f2:e3:07:0a:1e:
                    3d:34:f2:46:35:28:3f:6e:8d:e8:c1:8f:f0:0b:37:
                    8e:33:ec:e7:3e:39:81:d3:cb:18:bb:db:2a:de:95:
                    c3:7c:88:11:5f:c2:04:d5:d5:68:24:3c:96:11:d0:
                    3e:4d:93:63:c7:72:99:77:b4:8d:81:5f:63:0b:9f:
                    b2:35:3a:6a:5c:ab:5f:41:92:be:3e:24:6a:7e:aa:
                    1d:b7:84:32:b1:db:7b:ae:81:f8:66:bf:dd:a3:7e:
                    dc:29:d2:51:d8:d0:1f:44:95:19:65:cb:8e:8a:94:
                    1a:fa:b8:48:91:80:e0:9a:e3:c5:a3:30:81:c7:89:
                    e3:f1:b8:8c:29:73:c1:4f:66:32:8d:4a:e8:1d:91:
                    ed:89:40:3f:88:15:3f:1f:13:c5:b0:e4:58:ca:c8:
                    d7:ca:7d:f6:d2:b9:6d:b4:13:43:9c:a7:57:3f:88:
                    0f:58:f9:06:40:1b:2f:0b:07:d5:ce:3d:d1:ee:91:
                    4d:7d:1c:b1:87:97:15:a1:8c:62:32:cd:30:07:fa:
                    11:0e:99:4d:5b:95:c0:ae:e3:c9:1d:56:2f:45:9a:
                    0f:9c:04:72:75:08:8f:bc:62:3c:46:31:14:83:31:
                    03:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:D2:7F:25:84:4D:48:17:6F:CE:BD:A0:11:8B:28:1F:E1:E5:9C:39
            X509v3 Authority Key Identifier:
                keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.253.143.0/24
                  91.211.115.0/24
                  193.17.92.0/24
                IPv6:
                  2a11:1940::/29
                  2a13:a500::/32
                  2a13:a502::/32

    Signature Algorithm: sha256WithRSAEncryption
         84:fb:55:7f:e3:1e:2c:5a:83:c1:0b:a9:45:7d:55:ac:ba:52:
         f1:f8:09:96:ca:15:a3:e9:11:ea:dd:94:4d:18:10:a2:ab:d5:
         a6:34:90:73:c9:94:c5:fb:a9:2b:10:3c:ac:8b:39:80:22:55:
         be:13:7e:e7:f1:17:0a:53:dc:71:f3:b8:16:b7:bd:5a:37:fc:
         eb:33:2e:31:e3:66:38:25:ba:98:1b:b1:00:2e:a6:b5:86:15:
         ed:8d:85:33:ad:c5:75:56:39:bd:64:f1:94:af:6f:a3:69:c4:
         9c:41:43:43:4a:63:d6:a7:84:9c:97:6e:a7:26:49:8a:be:ae:
         0b:c2:54:46:fb:a5:a2:49:08:17:4a:8e:93:d2:95:9c:bf:df:
         2f:80:29:4d:7f:1d:95:54:b7:84:dd:b9:68:cf:bd:73:fd:30:
         2f:74:2f:65:e9:40:43:2e:8b:5c:61:27:5f:87:2a:16:a2:3d:
         1f:f4:09:19:b3:e9:01:ac:a5:ef:fc:e3:0a:f6:98:7e:02:1c:
         ab:c1:2d:0b:2f:ca:cb:8d:8a:7a:75:a3:98:da:2c:9c:85:bc:
         a8:54:c4:c9:b2:51:e6:c2:2d:d0:3a:ad:a5:95:49:51:2f:5e:
         30:9d:3b:fa:01:1a:64:a1:1e:d6:8c:c3:17:84:e8:51:85:1f:
         a0:6f:bc:c7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY7wcHciScajY1chgPesJS+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjQwNDE4MDkwMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QyN2YyNTg0NGQ0ODE3NmZjZWJkYTAxMThiMjgxZmUxZTU5YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWoll6mnM8WkE1O2buKOXPIsnUxA
eRd58uMHCh49NPJGNSg/bo3owY/wCzeOM+znPjmB08sYu9sq3pXDfIgRX8IE1dVo
JDyWEdA+TZNjx3KZd7SNgV9jC5+yNTpqXKtfQZK+PiRqfqodt4Qysdt7roH4Zr/d
o37cKdJR2NAfRJUZZcuOipQa+rhIkYDgmuPFozCBx4nj8biMKXPBT2YyjUroHZHt
iUA/iBU/HxPFsORYysjXyn320rlttBNDnKdXP4gPWPkGQBsvCwfVzj3R7pFNfRyx
h5cVoYxiMs0wB/oRDplNW5XAruPJHVYvRZoPnARydQiPvGI8RjEUgzEDAwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDPSfyWETUgXb869oBGLKB/h5Zw5MB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvTTlKX0pZUk5TQmR2enIyZ0VZc29ILUhsbkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMBsEAgACMBUDBQMqERlAAwUAKhOlAAMFACoTpQIwDQYJKoZIhvcN
AQELBQADggEBAIT7VX/jHixag8ELqUV9Vay6UvH4CZbKFaPpEerdlE0YEKKr1aY0
kHPJlMX7qSsQPKyLOYAiVb4TfufxFwpT3HHzuBa3vVo3/OszLjHjZjglupgbsQAu
prWGFe2NhTOtxXVWOb1k8ZSvb6NpxJxBQ0NKY9anhJyXbqcmSYq+rgvCVEb7paJJ
CBdKjpPSlZy/3y+AKU1/HZVUt4TduWjPvXP9MC90L2XpQEMui1xhJ1+HKhaiPR/0
CRmz6QGspe/84wr2mH4CHKvBLQsvysuNinp1o5jaLJyFvKhUxMmyUebCLdA6raWV
SVEvXjCdO/oBGmShHtaMwxeE6FGFH6BvvMc=
-----END CERTIFICATE-----
Generated at Sat Sep 7 15:48:35 2024 by rpki-client on console-fra.rpki-client.org