Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jqOmLImlXylbOgC6yMYxB7ci3bc.roa
File:                     jqOmLImlXylbOgC6yMYxB7ci3bc.roa (raw, json)
Hash identifier:          oCiOegL/SXfaHctTWlDnCYuDYiwTPHC8dw8tU7eQvZI=
Subject key identifier:   8E:A3:A6:2C:89:A5:5F:29:5B:3A:00:BA:C8:C6:31:07:B7:22:DD:B7
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018CC348F47282B137B77178125F19531D19
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jqOmLImlXylbOgC6yMYxB7ci3bc.roa
Signing time:             Mon 01 Jan 2024 04:29:47 +0000
ROA not before:           Mon 01 Jan 2024 04:29:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     398465
IP address blocks:        188.64.108.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:f4:72:82:b1:37:b7:71:78:12:5f:19:53:1d:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 04:29:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8ea3a62c89a55f295b3a00bac8c63107b722ddb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:87:ae:bd:82:f7:4b:f1:3c:54:b1:79:1a:ec:
                    40:a8:eb:be:d3:38:99:38:80:6a:7c:b7:2a:04:8e:
                    89:e8:22:22:6c:27:18:3d:ae:aa:14:7f:75:bd:df:
                    93:b4:8f:a8:db:bb:a9:fc:31:af:74:ec:70:a3:6f:
                    88:70:5a:7d:34:35:5b:73:5b:37:09:57:18:8b:90:
                    8c:c1:40:60:80:69:2f:ec:d7:9d:d7:94:8d:1d:56:
                    1d:e2:b5:fd:4d:ab:ce:85:2a:1f:45:15:d9:1b:92:
                    67:af:21:8d:7f:ea:77:19:5e:b4:b9:c9:d8:52:35:
                    e4:00:74:64:a2:1f:e2:8f:2f:bd:82:37:be:8b:35:
                    56:12:89:2b:fc:a4:0a:e2:f7:d0:75:3c:f5:2a:c8:
                    ad:e2:8f:b1:2a:b2:95:70:82:2b:c7:dc:6c:7e:2c:
                    c4:76:a4:f5:73:d0:a0:22:ea:b6:db:10:97:30:6d:
                    e2:0f:b7:20:62:db:37:cc:6f:2c:44:94:2d:5e:a6:
                    2e:22:b6:49:58:2e:d4:dc:ec:22:96:5e:e4:ac:aa:
                    c1:93:30:40:7d:68:96:4e:1a:fb:8e:ab:7c:d0:83:
                    58:4b:69:fd:77:a1:49:64:63:a3:49:22:c4:73:db:
                    77:c2:c6:c6:68:2f:8b:cb:03:4a:b9:d3:63:ee:18:
                    23:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:A3:A6:2C:89:A5:5F:29:5B:3A:00:BA:C8:C6:31:07:B7:22:DD:B7
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jqOmLImlXylbOgC6yMYxB7ci3bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7e:ae:a4:43:8c:c9:f6:72:8b:09:a9:6d:a3:36:24:7b:52:c3:
         5b:ab:70:19:fb:af:a5:e1:72:aa:84:cc:49:a9:ab:fc:16:e0:
         89:18:4a:8d:55:31:47:6c:d4:a1:d2:05:7a:78:d7:a6:23:4a:
         68:e6:8d:33:09:9f:86:ff:68:11:34:57:f5:07:ff:87:b7:85:
         10:0e:74:ba:a5:88:77:85:02:6f:5a:4a:1c:80:31:e7:83:11:
         db:96:24:3c:ae:0a:16:ce:c7:22:bc:3a:0d:82:f9:d2:94:fb:
         31:58:3f:98:ef:78:19:b4:c5:ce:9d:a3:57:25:5b:8b:54:05:
         e5:0b:30:52:1a:16:e1:d7:48:83:b3:b9:03:72:09:01:54:0a:
         02:37:af:be:ee:75:0b:80:80:17:31:33:87:ef:69:18:94:a3:
         47:b5:38:d8:3a:77:0b:2d:0d:41:31:d6:bb:62:78:6b:9c:ca:
         2c:cb:ed:f1:3e:5f:5b:46:fd:43:9d:6f:3a:48:a7:ee:06:bd:
         ef:e4:e6:ea:8c:50:a2:71:79:d7:65:0e:a8:50:a3:11:0a:61:
         cf:98:eb:07:5b:97:4f:84:2a:0b:30:15:97:04:80:6b:88:fa:
         b2:a3:2b:98:25:2a:69:6c:22:2e:cf:35:14:9f:d5:c8:ce:c3:
         fe:d2:fd:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPRygrE3t3F4El8ZUx0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWEzYTYyYzg5YTU1ZjI5NWIzYTAwYmFjOGM2MzEwN2I3MjJkZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4euvYL3S/E8VLF5GuxAqOu+0ziZ
OIBqfLcqBI6J6CIibCcYPa6qFH91vd+TtI+o27up/DGvdOxwo2+IcFp9NDVbc1s3
CVcYi5CMwUBggGkv7Ned15SNHVYd4rX9TavOhSofRRXZG5JnryGNf+p3GV60ucnY
UjXkAHRkoh/ijy+9gje+izVWEokr/KQK4vfQdTz1Ksit4o+xKrKVcIIrx9xsfizE
dqT1c9CgIuq22xCXMG3iD7cgYts3zG8sRJQtXqYuIrZJWC7U3Owill7krKrBkzBA
fWiWThr7jqt80INYS2n9d6FJZGOjSSLEc9t3wsbGaC+LywNKudNj7hgjewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6jpiyJpV8pWzoAusjGMQe3It23MB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvanFPbUxJbWxYeWxiT2dDNnlNWXhCN2NpM2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEBsMA0G
CSqGSIb3DQEBCwUAA4IBAQB+rqRDjMn2cosJqW2jNiR7UsNbq3AZ+6+l4XKqhMxJ
qav8FuCJGEqNVTFHbNSh0gV6eNemI0po5o0zCZ+G/2gRNFf1B/+Ht4UQDnS6pYh3
hQJvWkocgDHngxHbliQ8rgoWzscivDoNgvnSlPsxWD+Y73gZtMXOnaNXJVuLVAXl
CzBSGhbh10iDs7kDcgkBVAoCN6++7nULgIAXMTOH72kYlKNHtTjYOncLLQ1BMda7
YnhrnMosy+3xPl9bRv1DnW86SKfuBr3v5ObqjFCicXnXZQ6oUKMRCmHPmOsHW5dP
hCoLMBWXBIBriPqyoyuYJSppbCIuzzUUn9XIzsP+0v3p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org