Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/jZEYlputPKzV4I5a2UP6mYScURg.roa
File:                     jZEYlputPKzV4I5a2UP6mYScURg.roa (raw, json)
Hash identifier:          bko9R7MPI+T9hk2kA76PbpjSupn3IoM5qMfCeG3jxTo=
Subject key identifier:   8D:91:18:96:9B:AD:3C:AC:D5:E0:8E:5A:D9:43:FA:99:84:9C:51:18
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018CC6B7B76FE1E5B0B8747462E21E1595B5
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/jZEYlputPKzV4I5a2UP6mYScURg.roa
Signing time:             Mon 01 Jan 2024 20:29:37 +0000
ROA not before:           Mon 01 Jan 2024 20:29:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        45.141.196.0/24 maxlen: 24
                          213.139.228.0/24 maxlen: 24
                          91.191.186.0/24 maxlen: 24
                          85.209.105.0/24 maxlen: 24
                          85.209.107.0/24 maxlen: 24
                          85.209.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 22:17:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:b7:6f:e1:e5:b0:b8:74:74:62:e2:1e:15:95:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 20:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8d9118969bad3cacd5e08e5ad943fa99849c5118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:6b:ba:9b:21:dc:21:2c:dd:28:48:f5:38:2c:
                    2c:73:63:b8:a1:88:c2:fb:73:3e:b0:b7:ab:af:42:
                    6b:7e:ef:0a:f9:dc:2c:52:2a:73:a5:87:7c:f7:34:
                    9c:14:96:43:9a:24:7f:8d:45:dc:3d:99:de:00:2c:
                    cd:2e:18:1a:3a:64:0a:85:f0:67:85:03:fb:49:4b:
                    a4:e6:70:61:a3:8d:b3:c5:d9:7a:f9:23:62:91:de:
                    a2:8e:c3:5d:8a:0b:fe:f5:55:80:6b:5f:8e:96:11:
                    da:e4:d4:8d:15:4d:1f:81:18:e9:d7:06:2b:e7:62:
                    27:15:07:10:02:76:80:0e:39:f4:81:40:f5:74:91:
                    c1:f4:dd:d0:3f:23:fe:7e:17:04:da:df:9b:66:f0:
                    c5:b1:4c:49:ab:b5:5f:84:fa:34:f0:c2:24:1b:6f:
                    43:e1:a4:25:7f:97:05:bd:c7:8e:eb:74:9d:02:49:
                    ce:38:64:4f:0b:3d:bb:b9:e6:b5:0c:57:c7:5e:25:
                    ad:12:fa:6a:9a:c5:bc:e7:e5:c2:ac:2f:07:c7:c5:
                    4f:22:54:4c:f7:48:96:29:69:68:7c:56:f1:ab:f8:
                    3b:e1:8a:44:d3:94:f7:b5:a8:a7:d1:ac:3b:a0:61:
                    0a:ef:b9:58:4f:2e:80:35:b1:09:f4:e4:4e:b0:ab:
                    f0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:91:18:96:9B:AD:3C:AC:D5:E0:8E:5A:D9:43:FA:99:84:9C:51:18
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/jZEYlputPKzV4I5a2UP6mYScURg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.196.0/24
                  85.209.105.0-85.209.107.255
                  91.191.186.0/24
                  213.139.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:ee:7b:66:c1:ca:13:5e:d4:7c:14:d1:52:cd:6a:ec:2b:30:
         3e:0e:7f:2d:7d:cf:cb:49:dc:a3:bc:ac:76:e4:e4:21:12:7a:
         0a:b9:10:b8:02:90:d8:28:b8:5e:e1:80:4f:4c:66:65:1e:93:
         ce:b7:c2:2d:fc:84:8a:91:8d:57:ec:65:05:2b:d8:e9:31:5c:
         f0:cb:20:b5:1c:e2:e6:78:50:c9:8b:c1:4a:d9:f4:f1:d2:ca:
         60:c4:6c:ae:c9:fb:32:c4:dc:59:d9:95:84:c4:71:76:b6:89:
         d9:bb:12:cb:1e:74:4a:aa:01:50:1c:73:cf:d5:50:91:d5:06:
         49:f9:7f:eb:b9:81:9f:67:30:db:99:7d:6a:bc:81:4c:e7:7f:
         94:56:02:4a:50:b9:59:5d:4b:11:b5:d3:e0:cb:7e:64:65:5c:
         0b:f3:ce:fd:b6:61:d6:92:72:3b:a6:ea:74:36:11:18:f8:3e:
         4e:0a:0f:73:93:b6:4a:53:43:ec:bd:95:bd:b3:bd:53:ae:8d:
         75:af:68:6a:27:d6:24:36:ca:f4:7e:67:3e:66:0b:70:d0:7b:
         c9:ad:29:e5:f0:6e:6e:91:d7:8e:51:35:5e:47:a2:01:82:cc:
         73:9d:8b:0f:1d:07:71:2d:1d:f2:c7:1b:62:3c:89:97:cd:8c:
         06:54:23:e7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGt7dv4eWwuHR0YuIeFZW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDkxMTg5NjliYWQzY2FjZDVlMDhlNWFkOTQzZmE5OTg0OWM1MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Gu6myHcISzdKEj1OCwsc2O4oYjC
+3M+sLerr0Jrfu8K+dwsUipzpYd89zScFJZDmiR/jUXcPZneACzNLhgaOmQKhfBn
hQP7SUuk5nBho42zxdl6+SNikd6ijsNdigv+9VWAa1+OlhHa5NSNFU0fgRjp1wYr
52InFQcQAnaADjn0gUD1dJHB9N3QPyP+fhcE2t+bZvDFsUxJq7VfhPo08MIkG29D
4aQlf5cFvceO63SdAknOOGRPCz27uea1DFfHXiWtEvpqmsW85+XCrC8Hx8VPIlRM
90iWKWlofFbxq/g74YpE05T3tain0aw7oGEK77lYTy6ANbEJ9OROsKvwTwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI2RGJabrTys1eCOWtlD+pmEnFEYMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvalpFWWxwdXRQS3pWNEk1YTJVUDZtWVNjVVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALY3EMAwD
BABV0WkDBAJV0WgDBABbv7oDBADVi+QwDQYJKoZIhvcNAQELBQADggEBAGXue2bB
yhNe1HwU0VLNauwrMD4Ofy19z8tJ3KO8rHbk5CESegq5ELgCkNgouF7hgE9MZmUe
k863wi38hIqRjVfsZQUr2OkxXPDLILUc4uZ4UMmLwUrZ9PHSymDEbK7J+zLE3FnZ
lYTEcXa2idm7EssedEqqAVAcc8/VUJHVBkn5f+u5gZ9nMNuZfWq8gUznf5RWAkpQ
uVldSxG10+DLfmRlXAvzzv22YdaScjum6nQ2ERj4Pk4KD3OTtkpTQ+y9lb2zvVOu
jXWvaGon1iQ2yvR+Zz5mC3DQe8mtKeXwbm6R145RNV5HogGCzHOdiw8dB3EtHfLH
G2I8iZfNjAZUI+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org