Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa
File:                     JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa (raw, json)
Hash identifier:          5hoLVM9rNY2b0uEYzcaQD9DxhJzCD/HYJjHmJnmfWQ0=
Subject key identifier:   25:4E:05:B5:4E:52:03:53:46:92:66:10:84:75:5D:3F:DE:D8:F1:D7
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018776C346D084B216BD5488794DEE8D96D7
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa
Signing time:             Wed 12 Apr 2023 18:38:41 +0000
ROA not before:           Wed 12 Apr 2023 18:38:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41957
IP address blocks:        185.191.213.0/24 maxlen: 24
                          194.147.89.0/24 maxlen: 24
                          185.21.141.0/24 maxlen: 24
                          194.93.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 20:17:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:76:c3:46:d0:84:b2:16:bd:54:88:79:4d:ee:8d:96:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Apr 12 18:38:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=254e05b54e5203534692661084755d3fded8f1d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:af:41:b6:90:ef:4b:47:65:17:a2:85:b4:17:
                    af:15:22:a2:83:7d:44:9d:f7:01:96:ee:fc:0b:73:
                    b6:2c:fa:4d:03:f6:f7:0c:cc:0b:bd:29:f9:c2:eb:
                    0b:da:87:3e:6e:3c:0d:e8:81:00:f5:7e:12:7a:e3:
                    85:8a:9c:e5:d1:0d:19:06:3a:b4:6f:fc:2b:b0:91:
                    dd:34:9a:69:32:7f:92:2f:3c:c4:3e:08:d9:51:3d:
                    33:9f:9a:7d:03:44:a5:1a:ed:41:31:a3:b4:72:00:
                    f2:25:b5:5a:be:af:32:a2:15:02:47:2b:a4:4f:16:
                    c5:b6:86:4f:1b:f3:0e:46:76:04:c2:8c:6e:07:1b:
                    be:7f:89:0d:9a:9e:59:7c:4b:5b:34:16:b3:2b:f3:
                    45:95:b5:c8:f5:31:24:94:3d:d1:00:66:93:8c:57:
                    f2:aa:75:aa:50:22:ff:96:9c:a3:ac:a0:30:a5:85:
                    d4:ec:59:ae:68:44:da:2e:6a:11:ae:f0:ba:39:4b:
                    fd:ef:60:bc:d9:76:4e:4b:5b:cd:32:8c:3b:e2:56:
                    10:e7:9c:5d:85:f3:93:43:87:39:5b:68:54:4c:e2:
                    5d:c3:a3:c8:64:2a:d0:56:1d:3a:31:0d:d5:37:50:
                    3d:b5:33:0c:b0:82:74:6f:93:74:c1:98:af:00:7b:
                    c8:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:4E:05:B5:4E:52:03:53:46:92:66:10:84:75:5D:3F:DE:D8:F1:D7
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.21.141.0/24
                  185.191.213.0/24
                  194.93.59.0/24
                  194.147.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:a8:97:4a:03:c1:b0:9c:7f:5e:63:bd:40:29:19:49:ec:87:
         ba:4d:1a:eb:e9:62:61:69:c5:88:c6:fe:74:13:16:2b:a6:21:
         5d:70:52:ca:79:4c:68:c0:5c:02:f3:aa:f2:59:71:fc:f1:43:
         61:a6:90:97:2f:0a:fe:df:a6:60:c2:c2:1e:d3:13:60:9b:b6:
         db:19:a0:72:08:77:3f:7b:da:15:9d:b0:61:3d:1d:f5:78:d5:
         2f:75:07:e6:d9:9c:5f:c3:52:75:4e:d4:2d:01:df:7e:c6:8c:
         b3:6d:23:5c:9c:15:77:65:cd:c1:ac:aa:e3:a3:f1:8a:af:b2:
         30:fe:ab:9d:98:1f:cf:9c:7d:f5:9a:78:a5:4a:92:12:6d:29:
         c7:ce:6d:ad:bc:25:d8:09:d8:1d:81:c2:28:6b:e4:a8:ce:8f:
         f9:ba:b1:c8:fb:9b:49:e3:cf:a0:1d:62:19:21:f2:17:61:e4:
         cc:6a:51:a4:79:ac:d3:bc:0f:d4:45:b8:82:9f:a9:2b:81:dc:
         0e:a7:34:b8:81:34:6e:79:7e:d4:7c:e7:4a:99:24:06:f2:bc:
         ef:89:ec:55:45:19:0a:0b:6c:f8:d7:aa:9b:89:fe:62:c1:06:
         a2:ab:2d:bb:03:f8:f0:ba:4b:f7:e7:56:c1:d3:65:ef:50:eb:
         9d:8c:be:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd2w0bQhLIWvVSIeU3ujZbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNDEyMTgzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRlMDViNTRlNTIwMzUzNDY5MjY2MTA4NDc1NWQzZmRlZDhmMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9a9BtpDvS0dlF6KFtBevFSKig31E
nfcBlu78C3O2LPpNA/b3DMwLvSn5wusL2oc+bjwN6IEA9X4SeuOFipzl0Q0ZBjq0
b/wrsJHdNJppMn+SLzzEPgjZUT0zn5p9A0SlGu1BMaO0cgDyJbVavq8yohUCRyuk
TxbFtoZPG/MORnYEwoxuBxu+f4kNmp5ZfEtbNBazK/NFlbXI9TEklD3RAGaTjFfy
qnWqUCL/lpyjrKAwpYXU7FmuaETaLmoRrvC6OUv972C82XZOS1vNMow74lYQ55xd
hfOTQ4c5W2hUTOJdw6PIZCrQVh06MQ3VN1A9tTMMsIJ0b5N0wZivAHvIQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCVOBbVOUgNTRpJmEIR1XT/e2PHXMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSlU0RnRVNVNBMU5Ha21ZUWhIVmRQOTdZOGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuRWNAwQA
ub/VAwQAwl07AwQAwpNZMA0GCSqGSIb3DQEBCwUAA4IBAQCiqJdKA8GwnH9eY71A
KRlJ7Ie6TRrr6WJhacWIxv50ExYrpiFdcFLKeUxowFwC86ryWXH88UNhppCXLwr+
36ZgwsIe0xNgm7bbGaByCHc/e9oVnbBhPR31eNUvdQfm2Zxfw1J1TtQtAd9+xoyz
bSNcnBV3Zc3BrKrjo/GKr7Iw/qudmB/PnH31mnilSpISbSnHzm2tvCXYCdgdgcIo
a+Sozo/5urHI+5tJ48+gHWIZIfIXYeTMalGkeazTvA/URbiCn6krgdwOpzS4gTRu
eX7UfOdKmSQG8rzviexVRRkKC2z416qbif5iwQaiqy27A/jwukv351bB02XvUOud
jL66
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org