Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/2_JKIjcVsIApL9HmblznmPWfu2U.roa
File:                     2_JKIjcVsIApL9HmblznmPWfu2U.roa (raw, json)
Hash identifier:          n2a/xwIAgKu8EeN1RO0uEPY0clc/TiXOHTKoWzGSY2g=
Subject key identifier:   DB:F2:4A:22:37:15:B0:80:29:2F:D1:E6:6E:5C:E7:98:F5:9F:BB:65
Certificate issuer:       /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial:       018EA8C096469A434DBEBD2C8298207C891C
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/2_JKIjcVsIApL9HmblznmPWfu2U.roa
Signing time:             Thu 04 Apr 2024 10:56:17 +0000
ROA not before:           Thu 04 Apr 2024 10:56:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        88.218.42.0/24 maxlen: 24
                          103.76.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 07:34:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:c0:96:46:9a:43:4d:be:bd:2c:82:98:20:7c:89:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
        Validity
            Not Before: Apr  4 10:56:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dbf24a223715b080292fd1e66e5ce798f59fbb65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3a:7b:b8:98:a1:6f:f3:18:59:d7:9a:96:78:
                    40:c5:d1:ca:d7:ac:ae:8a:e3:60:d2:47:d7:4d:40:
                    91:21:07:6f:55:3c:d0:5e:fb:9e:cc:0a:21:e3:6a:
                    4b:7a:3d:9c:90:be:ea:df:36:c1:0f:70:e8:88:ed:
                    a6:97:57:38:9b:a1:74:b8:ce:5c:93:49:11:89:bb:
                    ff:34:d6:d1:98:2f:b3:c7:4f:e3:4b:ca:a3:c5:e6:
                    fa:6d:ee:f1:17:99:6f:a5:b7:a3:23:ac:03:8c:87:
                    5e:27:a2:d2:7e:c4:1c:15:a9:cf:a7:f7:ab:2b:86:
                    dc:ef:00:6c:fb:6d:af:f8:67:91:50:e3:72:7e:15:
                    c9:e1:d5:80:c6:8b:46:71:ee:b1:77:c3:be:c9:f2:
                    aa:78:ad:9b:03:1f:8f:a3:ec:7b:7b:ac:bb:8f:5e:
                    8c:86:20:1d:d9:66:91:9d:41:cd:34:e9:c7:4f:c9:
                    ae:d7:a0:b8:e2:13:d8:8e:de:3f:84:6d:3e:7e:d0:
                    da:54:a9:b5:e1:07:8d:8e:18:68:da:c2:be:ee:b9:
                    b4:99:9a:3e:65:e1:ae:2e:72:3e:19:42:25:c3:c0:
                    3f:22:3a:4c:35:83:6b:a5:d8:1c:e8:c8:b3:6b:94:
                    93:c8:9d:dd:9e:51:9a:b0:df:a5:1c:c5:7d:e1:33:
                    13:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F2:4A:22:37:15:B0:80:29:2F:D1:E6:6E:5C:E7:98:F5:9F:BB:65
            X509v3 Authority Key Identifier:
                keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/2_JKIjcVsIApL9HmblznmPWfu2U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.42.0/24
                  103.76.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:d8:85:92:01:a2:35:a9:8f:da:09:68:58:f8:fc:b4:28:cc:
         3a:e2:32:d3:24:14:9c:71:40:2f:67:90:92:61:0b:44:aa:9b:
         fb:5a:82:df:45:85:ac:81:2e:b6:a9:90:0c:df:4f:ea:94:d2:
         0a:e8:9e:d6:9d:2b:6b:2b:9c:26:0a:0a:15:5f:91:17:0b:a5:
         ea:6e:b6:80:7d:5f:57:bf:98:29:be:a0:0a:9c:ba:e9:dd:33:
         5b:0b:bf:a7:59:97:8d:0b:02:8a:d0:b9:ff:e8:23:23:1e:83:
         b1:53:c0:ce:cc:d3:e6:82:87:27:80:6c:9a:33:84:93:c3:f5:
         c3:3b:da:6b:97:01:90:28:3e:83:e9:41:bf:cb:c7:bb:b2:ea:
         3b:1d:a9:f1:83:aa:2b:15:c7:df:e6:55:66:06:ca:bb:93:52:
         a9:54:0f:24:e0:d3:86:50:54:56:81:b6:7f:8d:3d:29:56:a4:
         6f:d3:aa:a6:b7:b1:ba:3e:75:ed:9d:55:23:bd:8b:2f:44:0a:
         4d:df:92:79:32:27:1d:83:ff:7d:5b:86:47:90:8e:9c:81:d1:
         32:bf:a9:4e:33:a5:a6:6b:6e:56:5d:fe:6a:2c:e7:8b:bc:26:
         87:cc:6a:e6:dc:4f:02:be:ba:dd:38:cd:56:52:c8:26:4b:cd:
         8f:f9:b1:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6owJZGmkNNvr0sgpggfIkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQwNDA0MTA1NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYyNGEyMjM3MTViMDgwMjkyZmQxZTY2ZTVjZTc5OGY1OWZiYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozp7uJihb/MYWdealnhAxdHK16yu
iuNg0kfXTUCRIQdvVTzQXvuezAoh42pLej2ckL7q3zbBD3DoiO2ml1c4m6F0uM5c
k0kRibv/NNbRmC+zx0/jS8qjxeb6be7xF5lvpbejI6wDjIdeJ6LSfsQcFanPp/er
K4bc7wBs+22v+GeRUONyfhXJ4dWAxotGce6xd8O+yfKqeK2bAx+Po+x7e6y7j16M
hiAd2WaRnUHNNOnHT8mu16C44hPYjt4/hG0+ftDaVKm14QeNjhho2sK+7rm0mZo+
ZeGuLnI+GUIlw8A/IjpMNYNrpdgc6Miza5STyJ3dnlGasN+lHMV94TMTJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNvySiI3FbCAKS/R5m5c55j1n7tlMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvMl9KS0lqY1ZzSUFwTDlIbWJsem5tUFdmdTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNoqAwQA
Z0yAMA0GCSqGSIb3DQEBCwUAA4IBAQBU2IWSAaI1qY/aCWhY+Py0KMw64jLTJBSc
cUAvZ5CSYQtEqpv7WoLfRYWsgS62qZAM30/qlNIK6J7WnStrK5wmCgoVX5EXC6Xq
braAfV9Xv5gpvqAKnLrp3TNbC7+nWZeNCwKK0Ln/6CMjHoOxU8DOzNPmgocngGya
M4STw/XDO9prlwGQKD6D6UG/y8e7suo7Hanxg6orFcff5lVmBsq7k1KpVA8k4NOG
UFRWgbZ/jT0pVqRv06qmt7G6PnXtnVUjvYsvRApN35J5Micdg/99W4ZHkI6cgdEy
v6lOM6Wma25WXf5qLOeLvCaHzGrm3E8CvrrdOM1WUsgmS82P+bGY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:03 2024 by rpki-client on console-fra.rpki-client.org