Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa
File:                     jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa (raw, json)
Hash identifier:          6B117uU5534EcpaF3tfc5RobbgnYjSPOnOz98qCL15k=
Subject key identifier:   8D:1B:BD:1F:96:4E:E6:9D:C9:0C:F2:08:71:CB:00:CA:19:6C:34:C8
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018876CE00E8FD629D17BCFC47ACF7F748EC
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa
Signing time:             Thu 01 Jun 2023 11:53:12 +0000
ROA not before:           Thu 01 Jun 2023 11:53:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52035
IP address blocks:        158.41.24.0/21 maxlen: 24
                          45.146.232.0/22 maxlen: 22
                          45.141.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 28 Jul 2023 14:25:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:76:ce:00:e8:fd:62:9d:17:bc:fc:47:ac:f7:f7:48:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jun  1 11:53:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d1bbd1f964ee69dc90cf20871cb00ca196c34c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c5:e6:ce:0b:be:68:8e:64:8a:34:6e:2d:1d:
                    de:21:e6:2d:aa:96:21:32:80:11:ba:93:ae:9d:f7:
                    25:2c:16:e5:9c:d3:c8:e5:36:a4:28:65:79:25:6c:
                    af:ce:3c:5a:d9:9a:11:e3:72:da:f3:69:60:07:78:
                    35:b3:20:0b:1c:d3:b8:30:1e:cc:ce:18:62:ad:24:
                    0e:69:14:d0:3d:17:5a:d0:91:bd:0f:02:6c:bc:96:
                    77:18:36:1d:d0:fa:86:a8:50:da:44:f5:5f:7b:a6:
                    14:9e:1e:bd:e9:59:49:9d:6d:01:df:9c:16:aa:9b:
                    b8:8f:7e:b6:dd:10:6f:2e:e5:a5:f2:42:eb:a4:ce:
                    0a:96:d8:5d:0c:be:1c:76:84:39:5e:cd:42:a7:0e:
                    f3:90:f8:7a:74:89:f0:cc:fd:dc:ce:d9:55:51:d2:
                    11:be:5b:f2:d1:af:2e:2e:fe:7f:bd:44:83:73:7a:
                    a1:a9:af:b3:92:71:ba:f8:73:de:c6:f2:3a:2e:2c:
                    aa:4f:bd:ea:4e:ca:46:29:13:39:95:75:db:22:fc:
                    2f:4c:fa:6b:d8:16:18:8e:7c:d3:b1:4f:58:56:5e:
                    07:e1:32:2f:6a:4d:9e:75:1f:ce:ed:d7:0f:8b:73:
                    7f:8e:50:45:1f:8f:ab:67:be:94:89:7a:c0:c0:b3:
                    4d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:1B:BD:1F:96:4E:E6:9D:C9:0C:F2:08:71:CB:00:CA:19:6C:34:C8
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.168.0/22
                  45.146.232.0/22
                  158.41.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         71:c5:37:48:ea:7b:3a:c5:38:0b:ae:97:c1:71:c7:67:13:d1:
         f9:27:03:a7:40:61:80:dd:f3:27:53:18:ff:cb:cf:e2:ed:5f:
         8a:d3:e3:68:a2:bd:c8:49:75:d0:fe:04:db:fc:9b:48:81:77:
         40:fc:da:ad:12:76:8e:82:01:47:de:e9:6d:1c:6b:18:c5:77:
         69:25:e9:d0:c9:51:8e:cb:59:bb:89:55:e1:ab:18:d9:d5:00:
         65:f2:9d:54:b4:1e:aa:4d:cb:06:88:ce:84:2c:45:fe:af:a3:
         b2:da:0f:be:9c:33:72:6a:6e:f5:18:a5:57:bb:80:99:3f:f2:
         b0:be:f2:72:ad:c8:99:6b:88:7c:c0:3a:1e:e8:2c:7c:4a:c8:
         b7:70:93:64:77:2a:88:6e:1c:c5:1d:7a:25:db:fc:c8:5b:0e:
         b9:56:08:14:4f:05:69:04:91:d0:b9:7c:d5:3a:59:8d:7d:c6:
         fb:a1:cf:d2:2c:4f:5c:62:94:72:a2:f7:f8:5c:68:36:f8:85:
         47:fe:3d:76:b0:b2:79:21:9b:e9:fd:66:bc:ef:cb:80:d8:5b:
         f3:0f:07:f7:36:4b:d3:e4:c9:7a:ba:0d:50:9f:61:48:cd:ec:
         c8:c5:07:55:be:eb:8c:ab:89:6e:19:25:97:6e:d7:cc:5a:d1:
         c2:3e:28:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh2zgDo/WKdF7z8R6z390jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNjAxMTE1MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDFiYmQxZjk2NGVlNjlkYzkwY2YyMDg3MWNiMDBjYTE5NmMzNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcXmzgu+aI5kijRuLR3eIeYtqpYh
MoARupOunfclLBblnNPI5TakKGV5JWyvzjxa2ZoR43La82lgB3g1syALHNO4MB7M
zhhirSQOaRTQPRda0JG9DwJsvJZ3GDYd0PqGqFDaRPVfe6YUnh696VlJnW0B35wW
qpu4j3623RBvLuWl8kLrpM4KlthdDL4cdoQ5Xs1Cpw7zkPh6dInwzP3cztlVUdIR
vlvy0a8uLv5/vUSDc3qhqa+zknG6+HPexvI6LiyqT73qTspGKRM5lXXbIvwvTPpr
2BYYjnzTsU9YVl4H4TIvak2edR/O7dcPi3N/jlBFH4+rZ76UiXrAwLNNSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI0bvR+WTuadyQzyCHHLAMoZbDTIMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvalJ1OUg1Wk81cDNKRFBJSWNjc0F5aGxzTk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY2oAwQC
LZLoAwQDnikYMA0GCSqGSIb3DQEBCwUAA4IBAQBxxTdI6ns6xTgLrpfBccdnE9H5
JwOnQGGA3fMnUxj/y8/i7V+K0+Noor3ISXXQ/gTb/JtIgXdA/NqtEnaOggFH3ult
HGsYxXdpJenQyVGOy1m7iVXhqxjZ1QBl8p1UtB6qTcsGiM6ELEX+r6Oy2g++nDNy
am71GKVXu4CZP/KwvvJyrciZa4h8wDoe6Cx8Ssi3cJNkdyqIbhzFHXol2/zIWw65
VggUTwVpBJHQuXzVOlmNfcb7oc/SLE9cYpRyovf4XGg2+IVH/j12sLJ5IZvp/Wa8
78uA2FvzDwf3NkvT5Ml6ug1Qn2FIzezIxQdVvuuMq4luGSWXbtfMWtHCPigl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org