Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/JEeSjllYifqM_QvNZz7rxo2HQFE.roa
File:                     JEeSjllYifqM_QvNZz7rxo2HQFE.roa (raw, json)
Hash identifier:          2TbyglUFnGmR1OoD3ZM0c0hM7YJV+IxxVlSxeULentg=
Subject key identifier:   24:47:92:8E:59:58:89:FA:8C:FD:0B:CD:67:3E:EB:C6:8D:87:40:51
Certificate issuer:       /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial:       018861267D6CCEC5C2C0A44F44442EBA8834
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/JEeSjllYifqM_QvNZz7rxo2HQFE.roa
Signing time:             Sun 28 May 2023 06:58:12 +0000
ROA not before:           Sun 28 May 2023 06:58:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21419
IP address blocks:        185.4.3.0/24 maxlen: 24
                          185.4.1.0/24 maxlen: 24
                          185.4.2.0/24 maxlen: 24
                          178.21.164.0/24 maxlen: 24
                          178.21.166.0/24 maxlen: 24
                          178.21.162.0/24 maxlen: 24
                          178.21.160.0/21 maxlen: 21
                          178.21.163.0/24 maxlen: 24
                          178.21.167.0/24 maxlen: 26

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:61:26:7d:6c:ce:c5:c2:c0:a4:4f:44:44:2e:ba:88:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
        Validity
            Not Before: May 28 06:58:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2447928e595889fa8cfd0bcd673eebc68d874051
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c4:d0:97:5f:fd:3b:89:69:a9:c2:29:1b:12:
                    32:cf:61:43:eb:82:05:a7:0a:dc:aa:ea:1b:15:80:
                    b7:7a:48:3d:dd:6f:a7:1a:e6:60:46:55:d9:d1:68:
                    13:07:d1:db:94:74:3c:8d:aa:52:dd:3d:1b:90:b7:
                    b2:de:45:74:54:dd:6c:59:fa:9f:57:7c:f0:a2:fa:
                    b7:d4:18:c5:c2:11:15:ce:ba:04:ec:82:13:a6:b5:
                    49:09:f8:a4:3b:d5:a4:62:bd:cb:fc:b6:ab:26:77:
                    51:35:99:5a:51:d2:83:64:11:af:32:38:5c:9d:8f:
                    92:89:07:ac:a7:ee:c9:cd:bd:35:5d:09:85:98:42:
                    90:b3:32:f2:b2:bb:90:de:c6:ee:5e:93:65:fc:da:
                    75:d5:91:09:91:42:24:dc:24:52:93:cd:c5:47:9c:
                    8f:2f:7b:6b:8d:a6:2e:d1:df:71:19:af:a2:cd:70:
                    2a:89:09:8b:29:94:eb:af:ae:0c:b0:52:6c:74:33:
                    63:71:d9:42:56:4f:47:24:25:05:1f:24:c9:0a:3e:
                    d9:95:cb:7b:a2:02:e6:ab:d2:a6:33:a5:0f:3d:b0:
                    33:dd:99:aa:1d:c6:5c:4d:03:22:b9:63:1a:fb:3b:
                    77:9b:17:ce:21:73:4e:48:85:a7:4d:39:44:31:b8:
                    b7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:47:92:8E:59:58:89:FA:8C:FD:0B:CD:67:3E:EB:C6:8D:87:40:51
            X509v3 Authority Key Identifier:
                keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/JEeSjllYifqM_QvNZz7rxo2HQFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.21.160.0/21
                  185.4.1.0-185.4.3.255

    Signature Algorithm: sha256WithRSAEncryption
         78:36:d1:c9:14:32:a2:49:f2:d4:24:69:2a:32:f1:2b:19:10:
         42:23:95:39:c1:84:77:8c:57:b5:5f:a2:f7:bf:7e:f7:96:ff:
         c4:75:3a:58:59:76:f7:1c:73:7c:0a:d3:e7:50:75:98:80:1c:
         9f:4c:56:33:54:6d:1b:ae:77:6e:46:22:be:e6:f3:6d:4e:94:
         5b:73:62:f8:d9:b9:35:00:80:b5:31:58:74:b0:1e:42:a4:f5:
         2b:40:14:6a:e8:ea:c2:6c:c6:1c:73:c4:d8:7b:8b:d7:b8:92:
         b9:9e:c2:5d:9e:2c:3f:fd:cd:ba:ea:e4:bb:1f:23:49:a7:ae:
         2e:6d:6e:d0:61:1c:a2:99:98:55:21:1d:60:c5:61:07:9a:9f:
         5b:08:e1:c0:26:25:07:7b:c3:c7:33:92:e2:37:93:e6:a3:bf:
         92:53:a0:bd:7f:c5:3e:31:28:f5:69:9b:c9:ce:3b:23:e7:11:
         8b:a1:38:0e:62:a8:84:ad:9c:25:8c:55:90:4a:5f:6b:a6:60:
         39:be:a4:bf:c1:eb:0c:02:b5:a2:f7:1e:83:67:6d:ca:ed:64:
         3c:e5:cf:1d:88:cd:72:46:51:28:a6:c1:9b:0f:5b:65:5e:21:
         b1:76:19:1e:37:39:b0:75:f6:a4:83:36:c7:e4:13:8f:e1:7a:
         72:bd:13:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYhhJn1szsXCwKRPREQuuog0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjMwNTI4MDY1ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ3OTI4ZTU5NTg4OWZhOGNmZDBiY2Q2NzNlZWJjNjhkODc0MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisTQl1/9O4lpqcIpGxIyz2FD64IF
pwrcquobFYC3ekg93W+nGuZgRlXZ0WgTB9HblHQ8japS3T0bkLey3kV0VN1sWfqf
V3zwovq31BjFwhEVzroE7IITprVJCfikO9WkYr3L/LarJndRNZlaUdKDZBGvMjhc
nY+SiQesp+7Jzb01XQmFmEKQszLysruQ3sbuXpNl/Np11ZEJkUIk3CRSk83FR5yP
L3trjaYu0d9xGa+izXAqiQmLKZTrr64MsFJsdDNjcdlCVk9HJCUFHyTJCj7Zlct7
ogLmq9KmM6UPPbAz3ZmqHcZcTQMiuWMa+zt3mxfOIXNOSIWnTTlEMbi3lwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCRHko5ZWIn6jP0LzWc+68aNh0BRMB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvSkVlU2psbFlpZnFNX1F2Tlp6N3J4bzJIUUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQYJKoZIhvcNAQELBQADggEBAHg20ckUMqJJ8tQkaSoy8SsZ
EEIjlTnBhHeMV7Vfove/fveW/8R1OlhZdvccc3wK0+dQdZiAHJ9MVjNUbRuud25G
Ir7m821OlFtzYvjZuTUAgLUxWHSwHkKk9StAFGro6sJsxhxzxNh7i9e4krmewl2e
LD/9zbrq5LsfI0mnri5tbtBhHKKZmFUhHWDFYQean1sI4cAmJQd7w8czkuI3k+aj
v5JToL1/xT4xKPVpm8nOOyPnEYuhOA5iqIStnCWMVZBKX2umYDm+pL/B6wwCtaL3
HoNnbcrtZDzlzx2IzXJGUSimwZsPW2VeIbF2GR43ObB19qSDNsfkE4/henK9E/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org