Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/7d64f8-dde2-4a7f-951a-c06c62af9da5/1/JcMBf6HfLTLKS9eVJ_2LiV1tR2w.roa
File:                     JcMBf6HfLTLKS9eVJ_2LiV1tR2w.roa (raw, json)
Hash identifier:          euZo88Vrg0D+Bfq0s7BGQWAaIuvUFd9SCb+IISA7VcM=
Subject key identifier:   25:C3:01:7F:A1:DF:2D:32:CA:4B:D7:95:27:FD:8B:89:5D:6D:47:6C
Certificate issuer:       /CN=ec538cdcaf9f9246497dc7ae45845379fe6a7174
Certificate serial:       01869A68CF2F7F3A0FA86F54F54E09454B32
Authority key identifier: EC:53:8C:DC:AF:9F:92:46:49:7D:C7:AE:45:84:53:79:FE:6A:71:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7FOM3K-fkkZJfceuRYRTef5qcXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/7d64f8-dde2-4a7f-951a-c06c62af9da5/1/JcMBf6HfLTLKS9eVJ_2LiV1tR2w.roa
Signing time:             Tue 28 Feb 2023 23:43:25 +0000
ROA not before:           Tue 28 Feb 2023 23:43:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        92.118.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9a:68:cf:2f:7f:3a:0f:a8:6f:54:f5:4e:09:45:4b:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec538cdcaf9f9246497dc7ae45845379fe6a7174
        Validity
            Not Before: Feb 28 23:43:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25c3017fa1df2d32ca4bd79527fd8b895d6d476c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a2:86:3a:df:7e:f0:0d:49:b2:1c:ed:7f:7d:
                    c4:8c:e2:93:eb:33:76:c2:a5:1e:01:5d:10:67:d9:
                    f4:f6:12:c7:e8:4e:03:9f:a1:05:07:e9:20:45:50:
                    4e:72:46:cc:2a:14:0d:e5:1e:a9:7f:c6:3d:cd:8e:
                    c8:d6:89:a6:d4:ee:c4:67:e2:5c:08:72:0f:49:a1:
                    ce:e6:54:2e:96:6a:35:93:e1:55:19:db:ca:d6:d7:
                    a8:bd:ae:f3:97:f8:7b:7c:f8:12:32:54:4b:b7:9c:
                    bd:6c:a3:98:9f:51:f2:25:51:62:23:d9:9b:ab:d1:
                    06:54:d2:9f:4e:c8:02:32:4d:63:f5:21:f3:22:79:
                    61:3e:e2:01:40:67:4c:fc:92:08:a7:f5:d9:6a:4c:
                    ca:12:f4:80:de:27:79:47:f4:64:d8:e6:24:2f:18:
                    4f:c4:f3:3e:d2:7f:c7:e2:68:63:5e:0b:94:4a:8e:
                    77:30:ab:4e:c0:07:1c:6d:24:18:90:d1:d4:2c:4c:
                    75:3f:62:e6:7a:61:e3:21:a8:9d:11:94:dd:86:7a:
                    65:6c:f4:7b:8c:80:6b:de:2b:42:e8:b3:4e:f2:c4:
                    86:d5:bc:92:2c:88:ed:04:6b:76:2e:20:ee:a1:3b:
                    5e:df:e4:e9:38:e3:4b:ba:06:90:7d:b0:58:d6:da:
                    63:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C3:01:7F:A1:DF:2D:32:CA:4B:D7:95:27:FD:8B:89:5D:6D:47:6C
            X509v3 Authority Key Identifier:
                keyid:EC:53:8C:DC:AF:9F:92:46:49:7D:C7:AE:45:84:53:79:FE:6A:71:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FOM3K-fkkZJfceuRYRTef5qcXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/7d64f8-dde2-4a7f-951a-c06c62af9da5/1/JcMBf6HfLTLKS9eVJ_2LiV1tR2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/7d64f8-dde2-4a7f-951a-c06c62af9da5/1/7FOM3K-fkkZJfceuRYRTef5qcXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.118.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:d1:9e:a5:95:b1:f4:17:cf:1c:fe:3d:c3:67:2a:ea:fe:48:
         e0:4b:8b:33:6f:99:22:6f:74:05:e1:7b:1e:91:53:9c:a8:46:
         3b:cd:38:8a:15:84:f5:d5:a2:4e:a3:99:c5:08:69:e8:12:85:
         3c:56:e3:e8:e1:e2:be:6a:5d:cc:b3:83:1e:79:4c:1e:e3:6a:
         c1:10:6e:95:98:7c:58:2a:08:e9:ea:77:3f:62:12:84:ba:7e:
         3c:05:a4:33:9b:d4:f4:bb:f6:87:cc:1b:43:06:df:08:c4:ac:
         cb:72:d9:fc:57:b3:85:b5:ca:bf:a1:eb:13:55:97:79:05:c2:
         3a:6e:14:6a:bf:9a:2f:d9:c5:ac:bc:3d:38:2a:10:d1:b5:2c:
         cb:95:65:92:bd:cb:a8:0d:c3:32:4c:b9:6c:81:43:b3:41:54:
         60:89:9e:0f:86:c9:df:0d:d2:f7:59:2d:38:f9:58:67:dc:e0:
         82:1a:65:f3:05:d6:93:d5:75:46:ed:d4:01:33:fb:8c:7f:83:
         f7:ac:29:1b:93:e9:eb:f7:dc:35:4d:8c:30:91:e8:6b:04:bb:
         ab:25:af:c1:6f:d5:b9:46:90:d0:30:54:fb:46:a3:65:9a:90:
         8e:d9:d7:78:5f:4f:0e:a5:c8:38:63:76:6f:f6:dc:fe:58:2e:
         82:ca:55:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaaaM8vfzoPqG9U9U4JRUsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNTM4Y2RjYWY5ZjkyNDY0OTdkYzdhZTQ1ODQ1Mzc5ZmU2
YTcxNzQwHhcNMjMwMjI4MjM0MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMzMDE3ZmExZGYyZDMyY2E0YmQ3OTUyN2ZkOGI4OTVkNmQ0NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqKGOt9+8A1Jshztf33EjOKT6zN2
wqUeAV0QZ9n09hLH6E4Dn6EFB+kgRVBOckbMKhQN5R6pf8Y9zY7I1omm1O7EZ+Jc
CHIPSaHO5lQulmo1k+FVGdvK1teova7zl/h7fPgSMlRLt5y9bKOYn1HyJVFiI9mb
q9EGVNKfTsgCMk1j9SHzInlhPuIBQGdM/JIIp/XZakzKEvSA3id5R/Rk2OYkLxhP
xPM+0n/H4mhjXguUSo53MKtOwAccbSQYkNHULEx1P2LmemHjIaidEZTdhnplbPR7
jIBr3itC6LNO8sSG1bySLIjtBGt2LiDuoTte3+TpOONLugaQfbBY1tpjbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXDAX+h3y0yykvXlSf9i4ldbUdsMB8GA1UdIwQY
MBaAFOxTjNyvn5JGSX3HrkWEU3n+anF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZPTTNLLWZra1pKZmNldVJZUlRlZjVxY1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83ZDY0ZjgtZGRlMi00YTdmLTk1MWEt
YzA2YzYyYWY5ZGE1LzEvSmNNQmY2SGZMVExLUzllVkpfMkxpVjF0UjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83ZDY0ZjgtZGRlMi00YTdmLTk1MWEtYzA2YzYyYWY5ZGE1
LzEvN0ZPTTNLLWZra1pKZmNldVJZUlRlZjVxY1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHYTMA0G
CSqGSIb3DQEBCwUAA4IBAQBT0Z6llbH0F88c/j3DZyrq/kjgS4szb5kib3QF4Xse
kVOcqEY7zTiKFYT11aJOo5nFCGnoEoU8VuPo4eK+al3Ms4MeeUwe42rBEG6VmHxY
Kgjp6nc/YhKEun48BaQzm9T0u/aHzBtDBt8IxKzLctn8V7OFtcq/oesTVZd5BcI6
bhRqv5ov2cWsvD04KhDRtSzLlWWSvcuoDcMyTLlsgUOzQVRgiZ4PhsnfDdL3WS04
+Vhn3OCCGmXzBdaT1XVG7dQBM/uMf4P3rCkbk+nr99w1TYwwkehrBLurJa/Bb9W5
RpDQMFT7RqNlmpCO2dd4X08Opcg4Y3Zv9tz+WC6CylVP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:20 2024 by rpki-client on console-ams.rpki-client.org