Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jb_Itwp6wKajqFN9cASmqt1qkjo.roa
File:                     jb_Itwp6wKajqFN9cASmqt1qkjo.roa (raw, json)
Hash identifier:          NeIWxD3dwra5c8QOCvqwrgMQScsVnC3+zNPR9EqOXIo=
Subject key identifier:   8D:BF:C8:B7:0A:7A:C0:A6:A3:A8:53:7D:70:04:A6:AA:DD:6A:92:3A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B5AAE197AEB0F10A0DD1170E14C1E433
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jb_Itwp6wKajqFN9cASmqt1qkjo.roa
Signing time:             Wed 02 Aug 2023 09:53:41 +0000
ROA not before:           Wed 02 Aug 2023 09:53:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        89.213.7.0/24 maxlen: 24
                          89.213.150.0/24 maxlen: 24
                          89.213.163.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 16:43:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b5:aa:e1:97:ae:b0:f1:0a:0d:d1:17:0e:14:c1:e4:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  2 09:53:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8dbfc8b70a7ac0a6a3a8537d7004a6aadd6a923a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:8b:6f:86:86:b6:24:d1:48:37:1e:7f:ec:e0:
                    29:cd:82:7f:d2:ce:c3:7f:8c:24:34:bc:75:4f:68:
                    c3:49:be:6f:09:49:93:e3:16:a5:af:c0:c1:aa:79:
                    4b:eb:de:3f:38:2c:5d:c3:08:dd:bd:41:b3:49:04:
                    72:54:81:88:e4:b0:36:29:61:49:08:51:7b:12:be:
                    35:96:1f:d7:0e:ee:c3:47:7d:a2:ba:be:8e:a9:98:
                    36:95:ac:db:f2:9d:d7:02:47:fb:c3:fb:bd:1c:31:
                    61:50:5a:6a:71:be:a2:e5:e8:e1:fb:b4:4d:78:4d:
                    a4:fd:4f:fe:de:1b:eb:6b:85:71:69:db:ba:53:f1:
                    0a:be:2a:38:c0:fa:d0:21:7e:5f:bb:0c:59:f9:5e:
                    69:39:d8:4e:6e:9f:16:46:7d:64:c0:ea:f3:4b:81:
                    5f:03:e7:df:40:37:52:11:7f:f5:8c:94:75:eb:58:
                    46:d3:51:f1:62:df:5f:b1:96:35:01:16:a6:51:85:
                    6a:da:fa:6a:73:00:55:f5:cf:9d:ac:e3:c9:c0:1b:
                    ef:57:8c:68:f6:d6:31:fd:45:a1:7b:ec:23:63:fa:
                    d2:a5:ad:c8:88:f3:be:4c:d3:63:a7:bf:20:95:a0:
                    67:81:6b:fc:63:9e:ca:96:e0:9e:d1:66:ca:8d:fa:
                    d8:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:BF:C8:B7:0A:7A:C0:A6:A3:A8:53:7D:70:04:A6:AA:DD:6A:92:3A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jb_Itwp6wKajqFN9cASmqt1qkjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24
                  89.213.7.0/24
                  89.213.150.0/24
                  89.213.163.0/24
                  89.213.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:64:46:1f:22:13:1a:f6:ac:4e:08:42:9f:2b:90:00:2b:26:
         60:12:e1:44:28:73:5b:7c:20:3a:51:3c:38:2d:6b:51:40:b5:
         e3:3d:7e:6c:2b:58:64:5f:fa:3d:a2:c6:5f:ce:99:35:0f:53:
         cd:e2:b6:09:e4:21:d6:d0:5e:1a:f2:30:fb:82:09:73:95:f1:
         77:f7:aa:0f:e3:7d:b8:f9:2f:a9:8c:67:9b:d6:90:b9:b8:34:
         89:e6:ee:31:e6:cb:92:26:6d:86:35:06:a9:b6:1d:d4:a5:24:
         6d:46:6d:cf:df:f8:7c:02:8d:64:73:2b:02:3d:14:8d:5e:3a:
         04:dd:c7:d6:86:30:e1:9d:23:08:8b:f1:44:cc:58:1f:ec:c6:
         6a:16:eb:df:67:fa:13:b9:c8:41:60:7d:fb:c2:a6:0f:ff:2f:
         7a:85:5c:3a:a9:45:8a:64:78:eb:3a:1c:e7:aa:2c:bb:11:55:
         a5:3f:5f:64:22:c7:e7:7e:60:c2:aa:e6:c6:23:62:f3:51:59:
         d6:3e:a0:de:ae:6b:90:01:9d:b3:ae:04:01:5e:b9:8b:82:a6:
         b6:2b:98:c1:80:0a:0c:3e:80:87:a2:ea:48:1c:6a:ab:96:04:
         df:b1:c1:24:9d:d1:77:93:be:fd:3f:82:86:c9:79:12:db:1c:
         d2:0b:1d:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYm1quGXrrDxCg3RFw4UweQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMDk1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJmYzhiNzBhN2FjMGE2YTNhODUzN2Q3MDA0YTZhYWRkNmE5MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYtvhoa2JNFINx5/7OApzYJ/0s7D
f4wkNLx1T2jDSb5vCUmT4xalr8DBqnlL694/OCxdwwjdvUGzSQRyVIGI5LA2KWFJ
CFF7Er41lh/XDu7DR32iur6OqZg2lazb8p3XAkf7w/u9HDFhUFpqcb6i5ejh+7RN
eE2k/U/+3hvra4Vxadu6U/EKvio4wPrQIX5fuwxZ+V5pOdhObp8WRn1kwOrzS4Ff
A+ffQDdSEX/1jJR161hG01HxYt9fsZY1ARamUYVq2vpqcwBV9c+drOPJwBvvV4xo
9tYx/UWhe+wjY/rSpa3IiPO+TNNjp78glaBngWv8Y57KluCe0WbKjfrYywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI2/yLcKesCmo6hTfXAEpqrdapI6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvamJfSXR3cDZ3S2FqcUZOOWNBU21xdDFxa2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpkEAwQA
WdUHAwQAWdWWAwQAWdWjAwQAWdWsMA0GCSqGSIb3DQEBCwUAA4IBAQA1ZEYfIhMa
9qxOCEKfK5AAKyZgEuFEKHNbfCA6UTw4LWtRQLXjPX5sK1hkX/o9osZfzpk1D1PN
4rYJ5CHW0F4a8jD7gglzlfF396oP4324+S+pjGeb1pC5uDSJ5u4x5suSJm2GNQap
th3UpSRtRm3P3/h8Ao1kcysCPRSNXjoE3cfWhjDhnSMIi/FEzFgf7MZqFuvfZ/oT
uchBYH37wqYP/y96hVw6qUWKZHjrOhznqiy7EVWlP19kIsfnfmDCqubGI2LzUVnW
PqDermuQAZ2zrgQBXrmLgqa2K5jBgAoMPoCHoupIHGqrlgTfscEkndF3k779P4KG
yXkS2xzSCx0k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org