Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/mJ3TFZQMAiGuDP4RWwZK9FvuIEg.roa
File:                     mJ3TFZQMAiGuDP4RWwZK9FvuIEg.roa (raw, json)
Hash identifier:          QXrGkBPcQFSvtQf5CSC3gWf/MnNixyjesnCWtKB9C6Y=
Subject key identifier:   98:9D:D3:15:94:0C:02:21:AE:0C:FE:11:5B:06:4A:F4:5B:EE:20:48
Certificate issuer:       /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial:       018F46E4E3E698D9B733FD0A0959C60901BB
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/mJ3TFZQMAiGuDP4RWwZK9FvuIEg.roa
Signing time:             Sun 05 May 2024 03:55:56 +0000
ROA not before:           Sun 05 May 2024 03:55:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49872
IP address blocks:        109.122.192.0/24 maxlen: 24
                          109.122.193.0/24 maxlen: 24
                          109.122.194.0/24 maxlen: 24
                          109.122.195.0/24 maxlen: 24
                          109.122.196.0/24 maxlen: 24
                          109.122.197.0/24 maxlen: 24
                          109.122.198.0/24 maxlen: 24
                          109.122.199.0/24 maxlen: 24
                          109.122.200.0/24 maxlen: 24
                          109.122.201.0/24 maxlen: 24
                          109.122.202.0/24 maxlen: 24
                          109.122.203.0/24 maxlen: 24
                          109.122.204.0/24 maxlen: 24
                          109.122.205.0/24 maxlen: 24
                          109.122.206.0/24 maxlen: 24
                          109.122.207.0/24 maxlen: 24
                          109.122.208.0/24 maxlen: 24
                          109.122.209.0/24 maxlen: 24
                          109.122.210.0/24 maxlen: 24
                          109.122.211.0/24 maxlen: 24
                          109.122.212.0/24 maxlen: 24
                          109.122.213.0/24 maxlen: 24
                          109.122.214.0/24 maxlen: 24
                          109.122.215.0/24 maxlen: 24
                          109.122.216.0/24 maxlen: 24
                          109.122.217.0/24 maxlen: 24
                          109.122.218.0/24 maxlen: 24
                          109.122.219.0/24 maxlen: 24
                          109.122.220.0/24 maxlen: 24
                          109.122.221.0/24 maxlen: 24
                          109.122.222.0/24 maxlen: 24
                          109.122.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 May 2024 11:11:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:46:e4:e3:e6:98:d9:b7:33:fd:0a:09:59:c6:09:01:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
        Validity
            Not Before: May  5 03:55:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=989dd315940c0221ae0cfe115b064af45bee2048
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d5:82:bc:01:8b:92:4d:c8:15:cd:a3:a1:d2:
                    e2:41:58:8a:26:08:9b:55:66:4b:b1:4d:4b:ec:5b:
                    00:87:23:93:23:1e:69:3a:d6:54:63:90:43:78:b2:
                    82:d8:7d:0d:0b:0d:5f:c0:3e:13:27:57:ad:9b:dd:
                    e3:a9:9b:e2:e3:8d:f2:d0:f1:d3:94:81:23:be:b1:
                    23:5f:3f:c6:8b:d5:32:af:a1:4c:69:62:92:2e:b2:
                    2c:9d:0c:83:f0:93:53:a7:12:3a:71:b4:94:60:55:
                    3c:17:dc:ac:f7:df:f3:5a:3d:99:1a:83:71:ad:e1:
                    9d:96:a0:58:02:f2:da:81:85:a1:6d:53:04:b6:df:
                    90:c6:7e:fd:26:3b:93:75:b7:45:fd:3d:ec:ec:f6:
                    59:36:f2:ab:07:11:b8:2d:07:80:e5:c0:8e:1b:43:
                    f1:85:f9:52:8b:b6:7f:53:0d:55:5c:c7:b5:db:bd:
                    36:8e:89:c1:53:36:9d:24:da:45:8b:40:b8:b6:bc:
                    96:26:39:a5:d4:0b:59:b7:89:ed:f5:71:69:f5:28:
                    80:96:4b:3b:49:7e:da:ea:f6:13:15:2b:67:ad:40:
                    be:f7:5d:25:9b:5c:11:85:34:b7:c4:63:48:04:ea:
                    c6:29:b3:67:cf:40:2c:27:63:60:61:3b:42:62:0a:
                    fa:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:9D:D3:15:94:0C:02:21:AE:0C:FE:11:5B:06:4A:F4:5B:EE:20:48
            X509v3 Authority Key Identifier:
                keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/mJ3TFZQMAiGuDP4RWwZK9FvuIEg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.122.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         77:14:ff:15:e6:26:1c:d5:19:9d:62:fd:7c:dd:59:68:1c:c8:
         3f:3c:14:74:6f:f2:e9:f7:7a:de:99:ae:37:e9:7c:57:e3:db:
         b6:b7:13:c3:04:ab:f6:5e:6a:aa:5a:13:a3:3c:74:63:f8:01:
         cd:4f:c6:f6:65:78:b7:8b:04:6f:18:ce:5b:9c:49:ab:dc:62:
         bf:bd:d0:e6:9d:a5:3e:00:99:ce:00:52:8d:a7:32:a3:03:7a:
         b4:87:0d:5c:e8:7f:3e:52:4e:58:97:b5:1a:93:76:03:8b:7c:
         3e:59:73:18:df:89:9e:49:dc:38:85:60:6a:a1:28:42:53:9c:
         a6:5b:b7:67:c0:41:bc:c8:e6:74:08:5e:f7:06:39:1f:68:6a:
         08:75:3b:34:f9:8f:23:fb:ff:64:3a:57:86:e9:d6:91:4c:7b:
         01:c0:03:07:e1:74:38:bd:da:e4:b1:5a:07:18:7d:ae:e7:fc:
         64:fd:0a:f8:c7:95:f4:50:33:e7:3e:7f:7d:be:15:4e:b9:5f:
         d4:ac:0e:58:42:61:bc:28:a6:3e:64:f6:ee:23:56:0c:b9:5d:
         2f:27:9f:6c:28:fe:98:da:fa:41:63:98:05:ff:2b:80:9b:92:
         67:cd:ec:cb:dd:2a:02:78:2f:5f:32:61:ec:7d:59:a2:cf:13:
         98:39:6b:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9G5OPmmNm3M/0KCVnGCQG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwNTA1MDM1NTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODlkZDMxNTk0MGMwMjIxYWUwY2ZlMTE1YjA2NGFmNDViZWUyMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdWCvAGLkk3IFc2jodLiQViKJgib
VWZLsU1L7FsAhyOTIx5pOtZUY5BDeLKC2H0NCw1fwD4TJ1etm93jqZvi443y0PHT
lIEjvrEjXz/Gi9Uyr6FMaWKSLrIsnQyD8JNTpxI6cbSUYFU8F9ys99/zWj2ZGoNx
reGdlqBYAvLagYWhbVMEtt+Qxn79JjuTdbdF/T3s7PZZNvKrBxG4LQeA5cCOG0Px
hflSi7Z/Uw1VXMe12702jonBUzadJNpFi0C4tryWJjml1AtZt4nt9XFp9SiAlks7
SX7a6vYTFStnrUC+910lm1wRhTS3xGNIBOrGKbNnz0AsJ2NgYTtCYgr6TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJid0xWUDAIhrgz+EVsGSvRb7iBIMB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvbUozVEZaUU1BaUd1RFA0Uld3Wks5RnZ1SUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFbXrAMA0G
CSqGSIb3DQEBCwUAA4IBAQB3FP8V5iYc1RmdYv183VloHMg/PBR0b/Lp93rema43
6XxX49u2txPDBKv2XmqqWhOjPHRj+AHNT8b2ZXi3iwRvGM5bnEmr3GK/vdDmnaU+
AJnOAFKNpzKjA3q0hw1c6H8+Uk5Yl7Uak3YDi3w+WXMY34meSdw4hWBqoShCU5ym
W7dnwEG8yOZ0CF73BjkfaGoIdTs0+Y8j+/9kOleG6daRTHsBwAMH4XQ4vdrksVoH
GH2u5/xk/Qr4x5X0UDPnPn99vhVOuV/UrA5YQmG8KKY+ZPbuI1YMuV0vJ59sKP6Y
2vpBY5gF/yuAm5JnzezL3SoCeC9fMmHsfVmizxOYOWut
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:27 2024 by rpki-client on console-ams.rpki-client.org