Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/JjsKVX4GPuqAScUfLooQNa-rh8k.roa
File:                     JjsKVX4GPuqAScUfLooQNa-rh8k.roa (raw, json)
Hash identifier:          Ws60+0ubjusFXI8ZpNn0b8XLkbxRI/AqdKSKQYb/wCk=
Subject key identifier:   26:3B:0A:55:7E:06:3E:EA:80:49:C5:1F:2E:8A:10:35:AF:AB:87:C9
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018BFADC943E7C2445A04ABE7DC824FA8E93
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/JjsKVX4GPuqAScUfLooQNa-rh8k.roa
Signing time:             Thu 23 Nov 2023 06:27:21 +0000
ROA not before:           Thu 23 Nov 2023 06:27:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.111.27.0/24 maxlen: 24
                          185.73.219.0/24 maxlen: 24
                          185.73.218.0/24 maxlen: 24
                          185.110.131.0/24 maxlen: 24
                          185.110.130.0/24 maxlen: 24
                          185.110.129.0/24 maxlen: 24
                          185.110.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 23 Dec 2023 12:44:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fa:dc:94:3e:7c:24:45:a0:4a:be:7d:c8:24:fa:8e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Nov 23 06:27:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=263b0a557e063eea8049c51f2e8a1035afab87c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:74:25:be:d4:cd:3e:d7:e7:fc:78:f4:d9:50:
                    b0:02:42:ca:be:7b:00:e7:9e:f1:a8:35:ed:9c:63:
                    6b:0d:24:82:fe:22:62:6f:28:81:48:8b:be:02:19:
                    87:4c:48:e4:60:4d:d1:ae:c6:e6:5e:bb:d9:f5:55:
                    d7:2c:88:3b:a0:12:a3:96:a4:49:b6:13:dc:0a:66:
                    a9:1b:74:92:96:a2:9a:c0:b9:77:37:87:4a:94:e1:
                    20:a2:4c:63:90:88:92:e3:25:6f:5a:0c:6d:68:dd:
                    ae:c9:0f:b0:4a:a2:f1:00:5d:e2:ec:2f:e0:78:e8:
                    2b:89:ee:af:e1:d7:4d:bd:87:a5:08:eb:89:f2:2c:
                    02:6d:34:76:36:2f:95:a6:da:e5:0e:cf:01:a2:55:
                    e8:fe:80:11:23:fa:db:41:2a:db:00:65:7e:2d:f8:
                    5a:92:a4:a1:36:bd:e5:97:f1:bd:04:81:8f:eb:5c:
                    61:fa:92:6d:fb:94:30:1f:85:a7:c0:a7:fb:84:04:
                    8e:7c:7f:be:ee:70:00:8d:c6:5b:39:c2:8d:bc:62:
                    7b:c3:7e:cc:6b:1b:71:7d:04:3b:60:23:9f:b6:16:
                    c1:92:d7:28:91:a2:6a:42:94:a6:a3:c5:72:5d:09:
                    32:9c:22:66:34:9b:42:d1:65:f2:ff:64:d4:2c:9c:
                    1c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:3B:0A:55:7E:06:3E:EA:80:49:C5:1F:2E:8A:10:35:AF:AB:87:C9
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/JjsKVX4GPuqAScUfLooQNa-rh8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.218.0/23
                  185.110.128.0/22
                  185.111.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:99:84:92:11:0b:ec:42:c5:a9:30:88:df:0a:d5:b0:9f:2a:
         65:a3:98:a8:95:b4:bf:fa:74:65:ba:c7:50:60:ee:c4:49:4c:
         e3:a3:e6:0f:7f:59:16:43:4f:69:d5:87:fe:32:5f:70:a7:e7:
         16:df:5e:37:48:be:08:a0:19:a3:04:32:1c:f9:95:b9:b3:59:
         f2:04:9e:47:65:39:40:7c:f7:17:c0:b1:0b:4e:3d:a3:0b:36:
         b4:3d:35:7d:0b:3b:bf:d3:e0:e7:34:b5:93:08:68:08:74:9d:
         4b:a6:37:24:e6:60:c7:5f:fc:29:66:b0:4e:53:20:2d:d8:22:
         b3:41:58:c7:a2:0f:f3:e7:1d:58:dd:62:f7:d1:13:c4:5c:c2:
         1a:a5:11:63:d3:5c:84:a7:6e:ad:e4:81:af:50:c3:9b:5d:e5:
         8c:05:f3:ce:c4:f1:51:e8:2c:96:8f:9a:dd:63:01:f4:4e:43:
         9f:79:7b:7d:12:0c:75:db:64:9f:15:f9:22:8d:69:29:55:cf:
         d3:0b:3c:86:8d:60:86:67:d9:a2:23:9e:d6:4a:4b:e0:e8:1b:
         73:ec:a3:41:2a:6d:9e:47:c5:c4:a2:7b:0a:9d:94:d2:d8:52:
         26:21:73:86:b8:f0:43:35:01:aa:3a:83:78:2c:c6:dc:f4:f2:
         60:c2:2d:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv63JQ+fCRFoEq+fcgk+o6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMxMTIzMDYyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNiMGE1NTdlMDYzZWVhODA0OWM1MWYyZThhMTAzNWFmYWI4N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnQlvtTNPtfn/Hj02VCwAkLKvnsA
557xqDXtnGNrDSSC/iJibyiBSIu+AhmHTEjkYE3RrsbmXrvZ9VXXLIg7oBKjlqRJ
thPcCmapG3SSlqKawLl3N4dKlOEgokxjkIiS4yVvWgxtaN2uyQ+wSqLxAF3i7C/g
eOgrie6v4ddNvYelCOuJ8iwCbTR2Ni+VptrlDs8BolXo/oARI/rbQSrbAGV+Lfha
kqShNr3ll/G9BIGP61xh+pJt+5QwH4WnwKf7hASOfH++7nAAjcZbOcKNvGJ7w37M
axtxfQQ7YCOfthbBktcokaJqQpSmo8VyXQkynCJmNJtC0WXy/2TULJwcTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCY7ClV+Bj7qgEnFHy6KEDWvq4fJMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSmpzS1ZYNEdQdXFBU2NVZkxvb1FOYS1yaDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUnaAwQC
uW6AAwQAuW8bMA0GCSqGSIb3DQEBCwUAA4IBAQAImYSSEQvsQsWpMIjfCtWwnypl
o5iolbS/+nRlusdQYO7ESUzjo+YPf1kWQ09p1Yf+Ml9wp+cW3143SL4IoBmjBDIc
+ZW5s1nyBJ5HZTlAfPcXwLELTj2jCza0PTV9Czu/0+DnNLWTCGgIdJ1Lpjck5mDH
X/wpZrBOUyAt2CKzQVjHog/z5x1Y3WL30RPEXMIapRFj01yEp26t5IGvUMObXeWM
BfPOxPFR6CyWj5rdYwH0TkOfeXt9Egx122SfFfkijWkpVc/TCzyGjWCGZ9miI57W
Skvg6Btz7KNBKm2eR8XEonsKnZTS2FImIXOGuPBDNQGqOoN4LMbc9PJgwi30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org