Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/466119-873f-4cfd-91a6-b1e313d79893/1/jrMNmQgyD5HY5KVsYvkpC7P2nMA.roa
File:                     jrMNmQgyD5HY5KVsYvkpC7P2nMA.roa (raw, json)
Hash identifier:          AfDsKDzOrI5mtFmsXDCI8z/Qvlz2Wmmkm59kcpNWyMQ=
Subject key identifier:   8E:B3:0D:99:08:32:0F:91:D8:E4:A5:6C:62:F9:29:0B:B3:F6:9C:C0
Certificate issuer:       /CN=e0afb160a97338ab21114840addc6180a5ba42b1
Certificate serial:       01874BC32AF4E152B2A335ABD71D3DCFC619
Authority key identifier: E0:AF:B1:60:A9:73:38:AB:21:11:48:40:AD:DC:61:80:A5:BA:42:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4K-xYKlzOKshEUhArdxhgKW6QrE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/466119-873f-4cfd-91a6-b1e313d79893/1/jrMNmQgyD5HY5KVsYvkpC7P2nMA.roa
Signing time:             Tue 04 Apr 2023 10:14:54 +0000
ROA not before:           Tue 04 Apr 2023 10:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203318
IP address blocks:        45.153.84.0/22 maxlen: 24
                          2a05:b000::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4b:c3:2a:f4:e1:52:b2:a3:35:ab:d7:1d:3d:cf:c6:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0afb160a97338ab21114840addc6180a5ba42b1
        Validity
            Not Before: Apr  4 10:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8eb30d9908320f91d8e4a56c62f9290bb3f69cc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ce:f9:00:fd:02:ce:19:3e:39:7a:fc:0e:72:
                    ef:51:72:f4:14:4e:e2:4c:95:0c:b2:b5:a0:d1:d7:
                    8e:cb:4b:35:45:b7:21:71:4e:76:33:d3:91:a2:91:
                    a9:88:7a:09:e9:8a:51:f1:44:61:97:93:41:f6:8d:
                    4e:e5:d8:e9:c7:bc:15:1f:2f:fb:0b:cc:b2:b7:fb:
                    d0:68:35:29:53:cd:0b:9c:fc:d6:13:04:d8:a4:ac:
                    a9:0a:76:2c:9d:c9:8f:15:57:09:da:44:8b:92:c8:
                    6f:5c:fa:e4:77:36:1f:67:4a:69:29:8c:dc:c4:a8:
                    50:ce:19:bc:85:05:d2:88:59:21:79:88:10:3a:db:
                    57:d1:e3:06:43:e8:ab:61:6a:77:95:14:08:f2:8d:
                    f8:14:db:1a:49:ef:82:ba:2e:9a:c5:80:fb:55:ea:
                    64:28:5a:dc:62:20:1a:e2:51:ab:ef:15:e6:49:e1:
                    1a:68:ca:bd:fd:66:62:55:aa:d2:fb:53:ee:91:50:
                    64:98:b3:53:17:55:9e:d9:35:0a:8f:2c:ea:14:00:
                    fb:4d:cb:09:67:51:e5:de:ee:da:4b:62:3c:e4:3b:
                    6f:ef:34:c2:0c:7f:3d:45:3c:3e:20:6a:30:40:e8:
                    1d:ea:56:79:fe:cd:2b:88:c5:34:6e:80:6b:88:2e:
                    80:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:B3:0D:99:08:32:0F:91:D8:E4:A5:6C:62:F9:29:0B:B3:F6:9C:C0
            X509v3 Authority Key Identifier:
                keyid:E0:AF:B1:60:A9:73:38:AB:21:11:48:40:AD:DC:61:80:A5:BA:42:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4K-xYKlzOKshEUhArdxhgKW6QrE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/466119-873f-4cfd-91a6-b1e313d79893/1/jrMNmQgyD5HY5KVsYvkpC7P2nMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/466119-873f-4cfd-91a6-b1e313d79893/1/4K-xYKlzOKshEUhArdxhgKW6QrE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.84.0/22
                IPv6:
                  2a05:b000::/32

    Signature Algorithm: sha256WithRSAEncryption
         85:fd:67:4a:09:59:c9:b7:3e:d1:05:33:96:f9:12:16:cb:d6:
         57:72:b6:a3:e0:63:99:47:de:3b:10:fe:50:39:b9:9d:f4:bc:
         09:8f:cb:b6:35:91:06:83:e8:e2:5d:e6:0c:c3:d2:9c:f1:28:
         32:47:1b:73:17:05:32:98:5a:ac:36:c8:63:ee:a4:dc:87:1f:
         85:5c:da:5a:b6:81:c0:71:1c:55:c6:60:54:6c:5f:cf:e6:51:
         5f:db:36:56:5c:18:a0:51:85:22:01:8a:ea:96:e2:65:e0:20:
         b1:8d:02:29:18:58:c3:76:46:cb:ba:11:de:d6:8e:4c:04:7d:
         43:86:eb:6f:22:cb:b7:17:ff:72:87:69:e7:11:56:d9:18:c1:
         6a:0c:f3:25:3b:e4:57:af:e3:7e:e0:d0:13:82:6c:61:6d:a5:
         b9:6b:24:05:16:29:77:08:88:af:bd:ee:4c:74:69:e1:b4:95:
         f7:e4:3f:b7:b4:f1:98:29:92:d9:3d:4a:f3:17:39:57:06:43:
         5b:23:16:e5:b3:d6:5d:c2:6f:9e:fb:21:93:b7:1d:98:ab:bb:
         44:be:26:91:6b:00:9c:8c:b6:72:f5:6d:4d:34:3f:fc:b8:83:
         ed:8a:20:84:82:12:ca:87:c5:8b:df:d8:43:25:e5:b1:6a:c9:
         e0:d9:e4:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdLwyr04VKyozWr1x09z8YZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYWZiMTYwYTk3MzM4YWIyMTExNDg0MGFkZGM2MTgwYTVi
YTQyYjEwHhcNMjMwNDA0MTAxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIzMGQ5OTA4MzIwZjkxZDhlNGE1NmM2MmY5MjkwYmIzZjY5Y2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc75AP0Czhk+OXr8DnLvUXL0FE7i
TJUMsrWg0deOy0s1RbchcU52M9ORopGpiHoJ6YpR8URhl5NB9o1O5djpx7wVHy/7
C8yyt/vQaDUpU80LnPzWEwTYpKypCnYsncmPFVcJ2kSLkshvXPrkdzYfZ0ppKYzc
xKhQzhm8hQXSiFkheYgQOttX0eMGQ+irYWp3lRQI8o34FNsaSe+Cui6axYD7Vepk
KFrcYiAa4lGr7xXmSeEaaMq9/WZiVarS+1PukVBkmLNTF1We2TUKjyzqFAD7TcsJ
Z1Hl3u7aS2I85Dtv7zTCDH89RTw+IGowQOgd6lZ5/s0riMU0boBriC6A7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI6zDZkIMg+R2OSlbGL5KQuz9pzAMB8GA1UdIwQY
MBaAFOCvsWCpczirIRFIQK3cYYClukKxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEsteFlLbHpPS3NoRVVoQXJkeGhnS1c2UXJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi80NjYxMTktODczZi00Y2ZkLTkxYTYt
YjFlMzEzZDc5ODkzLzEvanJNTm1RZ3lENUhZNUtWc1l2a3BDN1Aybk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi80NjYxMTktODczZi00Y2ZkLTkxYTYtYjFlMzEzZDc5ODkz
LzEvNEsteFlLbHpPS3NoRVVoQXJkeGhnS1c2UXJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZlUMA0E
AgACMAcDBQAqBbAAMA0GCSqGSIb3DQEBCwUAA4IBAQCF/WdKCVnJtz7RBTOW+RIW
y9ZXcraj4GOZR947EP5QObmd9LwJj8u2NZEGg+jiXeYMw9Kc8SgyRxtzFwUymFqs
Nshj7qTchx+FXNpatoHAcRxVxmBUbF/P5lFf2zZWXBigUYUiAYrqluJl4CCxjQIp
GFjDdkbLuhHe1o5MBH1DhutvIsu3F/9yh2nnEVbZGMFqDPMlO+RXr+N+4NATgmxh
baW5ayQFFil3CIivve5MdGnhtJX35D+3tPGYKZLZPUrzFzlXBkNbIxbls9Zdwm+e
+yGTtx2Yq7tEviaRawCcjLZy9W1NND/8uIPtiiCEghLKh8WL39hDJeWxasng2eTZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org