Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jfxNrmciB-kk5XUUfmrM-p0E_IE.roa
File:                     jfxNrmciB-kk5XUUfmrM-p0E_IE.roa (raw, json)
Hash identifier:          ylHEQn4KlVMIsWkoa0Ebu4KLJEfT/NXFxl36BQSOkxM=
Subject key identifier:   8D:FC:4D:AE:67:22:07:E9:24:E5:75:14:7E:6A:CC:FA:9D:04:FC:81
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018ECC4A07FD7648DFBAAEDFC91865E9DC73
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jfxNrmciB-kk5XUUfmrM-p0E_IE.roa
Signing time:             Thu 11 Apr 2024 08:33:07 +0000
ROA not before:           Thu 11 Apr 2024 08:33:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        31.41.253.0/24 maxlen: 24
                          45.87.124.0/24 maxlen: 24
                          45.87.125.0/24 maxlen: 24
                          45.87.127.0/24 maxlen: 24
                          45.128.124.0/24 maxlen: 24
                          45.128.128.0/24 maxlen: 24
                          62.3.7.0/24 maxlen: 24
                          62.3.31.0/24 maxlen: 24
                          77.72.83.0/24 maxlen: 24
                          77.72.84.0/24 maxlen: 24
                          84.252.69.0/24 maxlen: 24
                          88.218.184.0/24 maxlen: 24
                          88.218.185.0/24 maxlen: 24
                          88.218.186.0/24 maxlen: 24
                          88.218.187.0/24 maxlen: 24
                          91.190.158.0/24 maxlen: 24
                          91.209.31.0/24 maxlen: 24
                          91.212.169.0/24 maxlen: 24
                          91.228.215.0/24 maxlen: 24
                          91.239.212.0/24 maxlen: 24
                          91.239.213.0/24 maxlen: 24
                          146.19.120.0/24 maxlen: 24
                          146.255.186.0/24 maxlen: 24
                          176.116.17.0/24 maxlen: 24
                          176.126.102.0/24 maxlen: 24
                          185.128.224.0/24 maxlen: 24
                          185.209.50.0/24 maxlen: 24
                          185.211.171.0/24 maxlen: 24
                          185.214.164.0/24 maxlen: 24
                          185.214.165.0/24 maxlen: 24
                          185.214.167.0/24 maxlen: 24
                          193.0.62.0/24 maxlen: 24
                          193.228.129.0/24 maxlen: 24
                          194.59.222.0/24 maxlen: 24
                          194.60.76.0/24 maxlen: 24
                          195.64.103.0/24 maxlen: 24
                          212.107.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Apr 2024 19:59:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:cc:4a:07:fd:76:48:df:ba:ae:df:c9:18:65:e9:dc:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr 11 08:33:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8dfc4dae672207e924e575147e6accfa9d04fc81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:36:c4:bc:49:ab:51:30:71:14:07:2e:e8:34:
                    99:16:77:49:ab:10:18:04:c0:74:16:5a:50:21:7e:
                    22:3d:17:66:59:7b:44:2b:c9:ca:8d:b8:26:ad:66:
                    53:3c:84:c7:11:6c:ec:e2:84:7d:f6:67:56:26:bd:
                    99:24:c9:28:fa:69:4a:a8:27:39:f6:e1:de:3c:37:
                    2d:6a:27:e6:f3:45:37:6e:fe:e4:38:02:80:2b:7e:
                    f3:65:dc:0d:7b:84:5e:c6:10:57:d7:ea:c6:51:1c:
                    8a:a2:04:00:c6:d5:b3:10:5f:ec:14:92:ec:70:fa:
                    d1:19:27:0f:21:88:93:df:e4:4f:72:17:54:06:99:
                    71:ea:34:6d:16:db:6c:73:a3:71:42:ca:83:41:a6:
                    b8:64:c9:63:cf:3c:86:90:2f:63:2c:f1:91:66:1a:
                    f1:5a:3d:e9:10:c3:1a:77:53:1d:82:ab:c6:d9:5c:
                    e4:f5:30:e9:50:cd:f0:5e:c9:1e:41:d1:91:96:e1:
                    bb:fe:5b:24:e7:a0:f9:11:fc:ea:8b:75:72:a6:b3:
                    e2:93:c4:8b:5d:5d:fc:4a:53:9a:e7:e0:f2:c9:ea:
                    db:77:7a:2a:3b:fe:36:8a:92:ca:c7:0f:c2:fe:49:
                    3b:6d:78:ba:1a:f6:fd:d7:0b:22:c0:73:99:1c:17:
                    71:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:FC:4D:AE:67:22:07:E9:24:E5:75:14:7E:6A:CC:FA:9D:04:FC:81
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jfxNrmciB-kk5XUUfmrM-p0E_IE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.253.0/24
                  45.87.124.0/23
                  45.87.127.0/24
                  45.128.124.0/24
                  45.128.128.0/24
                  62.3.7.0/24
                  62.3.31.0/24
                  77.72.83.0-77.72.84.255
                  84.252.69.0/24
                  88.218.184.0/22
                  91.190.158.0/24
                  91.209.31.0/24
                  91.212.169.0/24
                  91.228.215.0/24
                  91.239.212.0/23
                  146.19.120.0/24
                  146.255.186.0/24
                  176.116.17.0/24
                  176.126.102.0/24
                  185.128.224.0/24
                  185.209.50.0/24
                  185.211.171.0/24
                  185.214.164.0/23
                  185.214.167.0/24
                  193.0.62.0/24
                  193.228.129.0/24
                  194.59.222.0/24
                  194.60.76.0/24
                  195.64.103.0/24
                  212.107.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:10:af:15:f7:f0:ae:3f:01:67:58:e4:42:24:3c:81:c9:c8:
         9b:77:71:1f:1c:b4:e6:2a:4d:02:ea:93:61:23:9f:fc:d5:53:
         fb:b0:bc:58:ed:0c:65:c2:88:38:b0:02:14:70:32:c4:1c:2f:
         f9:e0:b0:4d:a9:cf:94:08:08:3f:27:e3:4f:1b:aa:ed:cc:71:
         7f:1e:e6:df:a7:c6:4c:bd:73:12:aa:f3:90:32:59:0b:85:de:
         20:30:7a:19:86:81:68:93:9f:4d:48:b8:4e:52:e9:25:2b:fc:
         2a:e4:71:61:30:e7:81:8c:88:e3:4b:ff:e3:c9:e3:f2:17:ea:
         1f:bf:48:74:ec:14:1f:d7:fc:63:57:7d:e1:0d:ed:a3:e5:f6:
         6e:c6:e3:f2:d2:37:a9:8b:91:c3:b1:76:3b:90:30:7a:bc:13:
         02:f6:8e:30:5e:05:10:18:5b:58:c0:ec:cb:7b:94:0f:4f:25:
         84:69:f1:a7:17:b1:a7:37:76:a9:5e:75:ce:3f:82:23:f1:09:
         a8:dd:1f:8a:37:3c:27:bd:3a:78:41:3e:52:09:ef:a8:b1:b9:
         2b:3a:06:f4:44:4b:e7:e8:96:af:c6:33:46:ee:6f:3e:bb:9c:
         21:39:39:0b:8d:98:8f:21:98:01:10:c4:f9:64:c3:c4:34:44:
         e0:25:58:7f
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAY7MSgf9dkjfuq7fyRhl6dxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDExMDgzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZjNGRhZTY3MjIwN2U5MjRlNTc1MTQ3ZTZhY2NmYTlkMDRmYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjbEvEmrUTBxFAcu6DSZFndJqxAY
BMB0FlpQIX4iPRdmWXtEK8nKjbgmrWZTPITHEWzs4oR99mdWJr2ZJMko+mlKqCc5
9uHePDctaifm80U3bv7kOAKAK37zZdwNe4RexhBX1+rGURyKogQAxtWzEF/sFJLs
cPrRGScPIYiT3+RPchdUBplx6jRtFttsc6NxQsqDQaa4ZMljzzyGkC9jLPGRZhrx
Wj3pEMMad1MdgqvG2Vzk9TDpUM3wXskeQdGRluG7/lsk56D5Efzqi3VyprPik8SL
XV38SlOa5+Dyyerbd3oqO/42ipLKxw/C/kk7bXi6Gvb91wsiwHOZHBdx3QIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFI38Ta5nIgfpJOV1FH5qzPqdBPyBMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvamZ4TnJtY2lCLWtrNVhVVWZtck0tcDBFX0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAf
Kf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAA+AwcDBAA+Ax8wDAMEAE1IUwME
AE1IVAMEAFT8RQMEAljauAMEAFu+ngMEAFvRHwMEAFvUqQMEAFvk1wMEAVvv1AME
AJITeAMEAJL/ugMEALB0EQMEALB+ZgMEALmA4AMEALnRMgMEALnTqwMEAbnWpAME
ALnWpwMEAMEAPgMEAMHkgQMEAMI73gMEAMI8TAMEAMNAZwMEANRrGTANBgkqhkiG
9w0BAQsFAAOCAQEAMBCvFffwrj8BZ1jkQiQ8gcnIm3dxHxy05ipNAuqTYSOf/NVT
+7C8WO0MZcKIOLACFHAyxBwv+eCwTanPlAgIPyfjTxuq7cxxfx7m36fGTL1zEqrz
kDJZC4XeIDB6GYaBaJOfTUi4TlLpJSv8KuRxYTDngYyI40v/48nj8hfqH79IdOwU
H9f8Y1d94Q3to+X2bsbj8tI3qYuRw7F2O5AwerwTAvaOMF4FEBhbWMDsy3uUD08l
hGnxpxexpzd2qV51zj+CI/EJqN0fijc8J706eEE+UgnvqLG5KzoG9ERL5+iWr8Yz
Ru5vPrucITk5C42YjyGYARDE+WTDxDRE4CVYfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org