Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JOS-ABUzlzS5EoyTDJWoEHmr8yE.roa
File:                     JOS-ABUzlzS5EoyTDJWoEHmr8yE.roa (raw, json)
Hash identifier:          KRxkTcM9fdBkjZ9B5fGInmPh3+Zwi+OcPPYbzEaMhM0=
Subject key identifier:   24:E4:BE:00:15:33:97:34:B9:12:8C:93:0C:95:A8:10:79:AB:F3:21
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01888A93F59E09FA8953B0D0BBAEDA26E1F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JOS-ABUzlzS5EoyTDJWoEHmr8yE.roa
Signing time:             Mon 05 Jun 2023 08:02:12 +0000
ROA not before:           Mon 05 Jun 2023 08:02:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397563
IP address blocks:        82.153.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Jun 2023 08:53:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:93:f5:9e:09:fa:89:53:b0:d0:bb:ae:da:26:e1:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun  5 08:02:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24e4be0015339734b9128c930c95a81079abf321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ff:3f:95:9b:f7:42:3e:8d:5a:6c:8c:82:d5:
                    96:e0:a9:57:17:5f:4f:42:ca:43:ce:7b:56:f3:c5:
                    13:dd:a6:31:62:d4:ad:a9:20:83:9b:06:b3:5e:1f:
                    7e:b9:26:4d:af:b1:e2:60:de:1e:52:af:af:5f:0a:
                    21:22:47:8e:32:f4:b6:1e:ef:ca:38:ff:5a:1f:5b:
                    3e:da:7e:55:09:f1:2b:be:e0:7c:88:d7:ed:6a:f1:
                    e9:6c:09:73:e8:b5:e6:b5:80:1b:48:23:db:ce:d4:
                    31:85:13:4d:7e:c2:f3:c3:6d:13:06:df:7f:b9:e1:
                    b4:e0:93:0b:48:b2:5d:fe:9a:bd:4f:0d:b2:f0:ab:
                    a2:48:13:15:84:2a:01:a1:07:32:6e:bb:f8:ee:9a:
                    98:30:dc:4a:7a:79:5e:cb:69:85:9b:bb:74:35:f7:
                    85:54:02:66:f3:e3:8d:34:b4:7f:87:b0:9f:d5:ba:
                    81:29:b6:b3:38:88:d1:55:5a:0a:88:8e:31:a8:11:
                    3e:73:1e:bf:e7:4d:c2:83:49:3f:9c:9c:3b:b8:33:
                    8f:b4:a6:2c:cc:b0:cc:16:b0:db:fa:eb:d7:48:ac:
                    9e:6a:ce:a4:8f:fb:29:83:dc:bf:13:99:09:3d:d1:
                    3d:e0:71:48:6a:be:46:db:d6:95:f7:de:61:1d:2a:
                    cd:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E4:BE:00:15:33:97:34:B9:12:8C:93:0C:95:A8:10:79:AB:F3:21
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JOS-ABUzlzS5EoyTDJWoEHmr8yE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:32:2a:cb:bd:ba:0e:e6:5d:54:7d:33:58:e4:8d:03:68:5b:
         a4:f2:cb:f3:96:da:9a:43:2b:12:cd:80:72:ec:40:00:4a:ba:
         02:94:8d:2e:2d:f3:4a:6a:7a:76:db:25:21:f8:1d:50:0e:37:
         65:db:14:a7:65:25:18:61:d9:ef:59:81:36:af:71:80:9a:20:
         cd:09:c5:13:c4:82:2f:8f:7a:c9:e7:2f:56:70:65:4e:e1:c8:
         04:db:3b:31:47:41:e3:fe:2e:36:3d:c4:44:13:53:0f:59:7a:
         31:ef:ae:b6:40:65:15:e3:b9:2a:c5:b6:de:86:fb:2f:e6:8f:
         72:ee:fa:29:f5:ec:20:e7:d0:e5:fd:a3:04:ec:ac:4f:00:bf:
         ef:c1:5e:3f:60:a8:2f:96:eb:c4:78:59:1e:6b:18:81:ba:47:
         51:87:fa:bf:06:5e:54:5f:cd:ba:89:21:0e:4a:67:88:57:fa:
         42:be:1e:43:bd:cc:97:3f:81:55:9a:0b:50:cb:db:d7:79:9e:
         a3:4b:99:3c:12:42:88:97:58:0c:16:7c:c1:e7:ef:9f:7c:4b:
         b2:0e:55:4e:52:a5:08:f3:d2:30:6b:7b:1e:da:cc:8e:c2:17:
         c1:de:6a:bf:f8:5f:9c:26:9b:8f:a3:df:53:f1:41:42:6b:22:
         8e:7f:35:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiKk/WeCfqJU7DQu67aJuHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU0YmUwMDE1MzM5NzM0YjkxMjhjOTMwYzk1YTgxMDc5YWJmMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv8/lZv3Qj6NWmyMgtWW4KlXF19P
QspDzntW88UT3aYxYtStqSCDmwazXh9+uSZNr7HiYN4eUq+vXwohIkeOMvS2Hu/K
OP9aH1s+2n5VCfErvuB8iNftavHpbAlz6LXmtYAbSCPbztQxhRNNfsLzw20TBt9/
ueG04JMLSLJd/pq9Tw2y8KuiSBMVhCoBoQcybrv47pqYMNxKenley2mFm7t0NfeF
VAJm8+ONNLR/h7Cf1bqBKbazOIjRVVoKiI4xqBE+cx6/503Cg0k/nJw7uDOPtKYs
zLDMFrDb+uvXSKyeas6kj/spg9y/E5kJPdE94HFIar5G29aV995hHSrNbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTkvgAVM5c0uRKMkwyVqBB5q/MhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSk9TLUFCVXpselM1RW95VERKV29FSG1yOHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnfMA0G
CSqGSIb3DQEBCwUAA4IBAQCcMirLvboO5l1UfTNY5I0DaFuk8svzltqaQysSzYBy
7EAASroClI0uLfNKanp22yUh+B1QDjdl2xSnZSUYYdnvWYE2r3GAmiDNCcUTxIIv
j3rJ5y9WcGVO4cgE2zsxR0Hj/i42PcREE1MPWXox7662QGUV47kqxbbehvsv5o9y
7vop9ewg59Dl/aME7KxPAL/vwV4/YKgvluvEeFkeaxiBukdRh/q/Bl5UX826iSEO
SmeIV/pCvh5DvcyXP4FVmgtQy9vXeZ6jS5k8EkKIl1gMFnzB5++ffEuyDlVOUqUI
89Iwa3se2syOwhfB3mq/+F+cJpuPo99T8UFCayKOfzWm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org