Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa
File:                     jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa (raw, json)
Hash identifier:          CzMX4MWFWpa87TFOaXAxUWwIGgHnxkvgU6HxmAxUsIQ=
Subject key identifier:   8C:93:84:3D:2D:6A:DE:D7:D3:9C:34:A2:43:66:6D:03:9A:43:E1:05
Certificate issuer:       /CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Certificate serial:       0192B0538677466B3EF590E6785AC4EC9211
Authority key identifier: 72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa
Signing time:             Mon 21 Oct 2024 18:25:16 +0000
ROA not before:           Mon 21 Oct 2024 18:25:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43458
IP address blocks:        213.159.136.0/24 maxlen: 24
                          213.159.137.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 21 Oct 2024 18:28:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:b0:53:86:77:46:6b:3e:f5:90:e6:78:5a:c4:ec:92:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
        Validity
            Not Before: Oct 21 18:25:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8c93843d2d6aded7d39c34a243666d039a43e105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:11:a3:71:96:2c:20:c1:d6:bf:28:68:90:fc:
                    3c:72:9b:26:32:29:58:ac:ad:49:46:69:8c:a8:06:
                    6b:14:6b:0d:71:4b:29:68:a9:88:14:f0:c6:92:b2:
                    64:6c:f5:17:3f:f8:61:57:78:1b:22:f0:8b:bd:ca:
                    80:5e:62:8e:be:53:e3:94:7d:21:ed:4e:81:58:cc:
                    d4:30:61:56:ea:de:b1:f1:de:00:b5:40:5d:ea:e6:
                    b0:0b:f8:17:5f:2b:4c:c6:f1:d3:a9:f0:b3:90:8b:
                    e0:18:a9:09:59:65:72:1d:7f:8b:3f:f2:00:10:8f:
                    9d:89:a5:a1:62:21:df:ef:be:95:9d:68:5d:8c:c2:
                    d0:a5:4d:b3:3e:d0:6d:11:59:ee:97:74:fc:6e:7b:
                    ad:68:8d:39:ab:9f:2b:85:bb:f8:af:db:5e:9f:ca:
                    96:07:0a:14:14:e3:04:73:e7:39:ed:a8:4e:fc:22:
                    19:15:8d:c2:89:82:60:a2:45:a7:da:cd:0f:2a:20:
                    7e:f1:b8:78:95:34:5c:78:04:63:7d:f1:7d:f4:8a:
                    76:b2:be:eb:35:22:ff:1e:87:3e:d8:d2:c6:a2:f0:
                    97:4e:99:f7:4b:cc:f5:a7:82:81:82:d2:55:a6:6b:
                    b7:3c:c0:f1:20:1d:5f:5a:ed:c2:b5:69:2f:00:25:
                    ea:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:93:84:3D:2D:6A:DE:D7:D3:9C:34:A2:43:66:6D:03:9A:43:E1:05
            X509v3 Authority Key Identifier:
                keyid:72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.159.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         66:7f:13:ad:dc:f5:1c:ba:aa:92:0e:63:d3:21:ac:ad:45:dc:
         63:8d:5b:86:44:ae:d1:a6:83:bd:e0:83:77:0a:cc:14:a9:0c:
         c0:40:08:9e:3f:34:4e:05:3d:88:a0:cf:12:f0:c4:64:f2:b2:
         4a:f5:5b:a1:91:af:9c:ab:a5:1f:d7:29:69:e2:15:01:64:06:
         c6:de:73:c5:be:14:d0:ea:4d:fb:54:80:0a:90:52:ad:60:56:
         df:e7:40:bb:05:47:dd:38:72:86:ae:3d:89:2f:dd:c2:63:fc:
         b6:7c:8a:b6:ea:37:ca:7a:b9:fd:da:a0:c4:95:20:5d:43:ac:
         1f:49:70:ee:c2:ba:87:ac:eb:26:11:2a:d7:16:bb:91:6d:10:
         e4:7b:42:2c:c4:44:66:51:0a:01:b3:25:06:74:f4:e0:ce:74:
         d1:8a:2a:9f:69:30:ee:ea:1a:c1:88:e8:37:45:58:43:d8:e9:
         8d:2a:bd:76:a2:82:7e:d5:de:e6:b0:8c:2f:0a:44:0b:db:ec:
         c4:0f:89:0e:27:49:10:84:52:bb:ec:ab:3b:8a:10:72:c5:92:
         f4:89:dd:c2:fc:4b:24:41:14:b5:a6:13:11:07:b3:a1:a2:d5:
         23:71:05:cf:83:1b:f2:30:df:cd:5b:8a:29:45:a5:32:4d:5c:
         8d:35:78:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKwU4Z3Rms+9ZDmeFrE7JIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmJkMmZhMTgzMTk2MzllMjVmZmJmNGJkYmZhMDA4NjYw
MTU4YWUwHhcNMjQxMDIxMTgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzkzODQzZDJkNmFkZWQ3ZDM5YzM0YTI0MzY2NmQwMzlhNDNlMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBGjcZYsIMHWvyhokPw8cpsmMilY
rK1JRmmMqAZrFGsNcUspaKmIFPDGkrJkbPUXP/hhV3gbIvCLvcqAXmKOvlPjlH0h
7U6BWMzUMGFW6t6x8d4AtUBd6uawC/gXXytMxvHTqfCzkIvgGKkJWWVyHX+LP/IA
EI+diaWhYiHf776VnWhdjMLQpU2zPtBtEVnul3T8bnutaI05q58rhbv4r9ten8qW
BwoUFOMEc+c57ahO/CIZFY3CiYJgokWn2s0PKiB+8bh4lTRceARjffF99Ip2sr7r
NSL/Hoc+2NLGovCXTpn3S8z1p4KBgtJVpmu3PMDxIB1fWu3CtWkvACXqUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyThD0tat7X05w0okNmbQOaQ+EFMB8GA1UdIwQY
MBaAFHK70voYMZY54l/79L2/oAhmAViuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgt
MGFmMmU1NDE2NDZjLzEvakpPRVBTMXEzdGZUbkRTaVEyWnRBNXBENFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgtMGFmMmU1NDE2NDZj
LzEvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1Z+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBmfxOt3PUcuqqSDmPTIaytRdxjjVuGRK7RpoO94IN3
CswUqQzAQAiePzROBT2IoM8S8MRk8rJK9Vuhka+cq6Uf1ylp4hUBZAbG3nPFvhTQ
6k37VIAKkFKtYFbf50C7BUfdOHKGrj2JL93CY/y2fIq26jfKern92qDElSBdQ6wf
SXDuwrqHrOsmESrXFruRbRDke0IsxERmUQoBsyUGdPTgznTRiiqfaTDu6hrBiOg3
RVhD2OmNKr12ooJ+1d7msIwvCkQL2+zED4kOJ0kQhFK77Ks7ihByxZL0id3C/Esk
QRS1phMRB7OhotUjcQXPgxvyMN/NW4opRaUyTVyNNXjw
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:29:40 2025 by rpki-client