Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JLU2fLLIAaNyDl-mxQ7om2X7Maw.roa
File:                     JLU2fLLIAaNyDl-mxQ7om2X7Maw.roa (raw, json)
Hash identifier:          74MG81Q3PWV8zxUV+cw+pLl7/Ro9xBSu/fiKa5zr8iE=
Subject key identifier:   24:B5:36:7C:B2:C8:01:A3:72:0E:5F:A6:C5:0E:E8:9B:65:FB:31:AC
Certificate issuer:       /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial:       018E70A9E0BF94E75EBF7DA8863D7B91DF45
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JLU2fLLIAaNyDl-mxQ7om2X7Maw.roa
Signing time:             Sun 24 Mar 2024 13:32:45 +0000
ROA not before:           Sun 24 Mar 2024 13:32:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207990
IP address blocks:        91.132.114.0/23 maxlen: 32
                          91.199.253.0/24 maxlen: 24
                          103.53.82.0/23 maxlen: 32
                          103.240.180.0/22 maxlen: 32
                          193.19.206.0/24 maxlen: 32
                          193.28.182.0/24 maxlen: 32
                          193.28.191.0/24 maxlen: 32
                          193.28.202.0/24 maxlen: 32
                          193.28.237.0/24 maxlen: 32
                          213.217.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 May 2024 09:32:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:70:a9:e0:bf:94:e7:5e:bf:7d:a8:86:3d:7b:91:df:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
        Validity
            Not Before: Mar 24 13:32:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24b5367cb2c801a3720e5fa6c50ee89b65fb31ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fc:6e:f8:e4:1a:bd:7e:83:fe:6f:e3:21:0a:
                    04:94:3d:8b:fa:3d:29:66:0d:50:c4:35:29:8b:3f:
                    14:72:be:29:06:1e:91:23:8a:6f:77:eb:8a:6c:e2:
                    32:64:98:8c:2c:99:aa:5a:02:9e:ab:7f:4e:81:bb:
                    0d:5e:68:c8:a2:be:07:6c:72:63:73:f8:79:31:2c:
                    04:16:d5:1d:5a:53:96:a4:08:df:dd:ce:07:4b:84:
                    55:57:66:e3:74:1a:b1:b6:c9:32:5d:3b:7d:6e:a8:
                    8b:6c:14:84:3a:e2:8b:9c:eb:c2:45:3f:a7:13:0b:
                    08:0d:cc:33:7d:36:b0:c3:22:d3:0e:47:cf:9e:6e:
                    9c:e2:b1:df:56:79:a3:10:5b:56:a4:c6:0d:62:e9:
                    e5:46:b8:55:8e:e5:41:c1:de:d4:35:07:8a:53:34:
                    a1:2b:30:fc:63:ec:d9:07:7d:09:67:3a:03:fe:33:
                    9c:98:78:62:cd:d5:d7:f1:90:6a:3a:f1:70:3d:28:
                    c0:69:86:1b:e7:da:b4:b2:25:8d:41:4c:a5:36:bc:
                    d5:9c:4a:64:c1:48:6a:d1:00:a2:b2:a8:d4:55:dd:
                    ef:05:82:31:5c:5c:af:60:62:b1:f9:df:84:27:dc:
                    bd:1c:3c:82:bf:f4:6d:fd:31:a6:02:3f:cd:58:08:
                    e7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B5:36:7C:B2:C8:01:A3:72:0E:5F:A6:C5:0E:E8:9B:65:FB:31:AC
            X509v3 Authority Key Identifier:
                keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JLU2fLLIAaNyDl-mxQ7om2X7Maw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.114.0/23
                  91.199.253.0/24
                  103.53.82.0/23
                  103.240.180.0/22
                  193.19.206.0/24
                  193.28.182.0/24
                  193.28.191.0/24
                  193.28.202.0/24
                  193.28.237.0/24
                  213.217.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:b8:f2:cb:52:45:f4:80:09:d0:b7:7e:82:28:82:28:bf:11:
         10:33:f6:47:04:c1:67:78:d6:89:3c:a0:5a:c6:cf:d9:79:c9:
         62:f5:15:74:f2:2c:73:be:75:cb:02:fc:b3:5f:45:50:59:e4:
         74:1e:67:b8:ca:e5:5b:fa:7a:d4:64:02:65:d3:99:f3:b2:25:
         cc:ec:c1:b9:d4:7d:de:65:e3:26:c6:f7:c7:d0:0c:25:0b:a0:
         ed:20:bf:fd:68:f9:ab:51:70:9f:51:d8:5b:02:b8:15:6e:e2:
         b0:35:6c:a5:d5:fa:9a:f4:16:2c:55:cd:59:c3:04:03:2f:5c:
         f0:6f:9a:57:62:2f:2c:bf:16:06:54:27:0f:f7:b2:3a:98:67:
         34:78:0a:b1:b4:78:3f:57:00:7d:e1:fb:83:3d:82:d3:6e:32:
         8c:30:db:2f:30:d5:76:23:00:a0:f3:95:55:d2:0b:4c:93:2e:
         e9:f0:ff:7b:20:a6:54:78:31:80:be:d2:8c:58:47:16:41:f8:
         d6:9a:6a:6e:5d:9d:c0:43:37:3f:db:25:2c:73:dc:8f:68:82:
         26:f2:3b:c8:46:15:07:a1:0b:a1:1a:ee:75:af:70:b8:c9:7b:
         4b:90:42:fd:c3:5a:8f:9a:aa:61:e5:ff:b7:7b:f8:b8:f4:78:
         ac:ef:28:02
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY5wqeC/lOdev32ohj17kd9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwMzI0MTMzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI1MzY3Y2IyYzgwMWEzNzIwZTVmYTZjNTBlZTg5YjY1ZmIzMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPxu+OQavX6D/m/jIQoElD2L+j0p
Zg1QxDUpiz8Ucr4pBh6RI4pvd+uKbOIyZJiMLJmqWgKeq39OgbsNXmjIor4HbHJj
c/h5MSwEFtUdWlOWpAjf3c4HS4RVV2bjdBqxtskyXTt9bqiLbBSEOuKLnOvCRT+n
EwsIDcwzfTawwyLTDkfPnm6c4rHfVnmjEFtWpMYNYunlRrhVjuVBwd7UNQeKUzSh
KzD8Y+zZB30JZzoD/jOcmHhizdXX8ZBqOvFwPSjAaYYb59q0siWNQUylNrzVnEpk
wUhq0QCisqjUVd3vBYIxXFyvYGKx+d+EJ9y9HDyCv/Rt/TGmAj/NWAjnmQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCS1NnyyyAGjcg5fpsUO6Jtl+zGsMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvSkxVMmZMTElBYU55RGwtbXhRN29tMlg3TWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBW4RyAwQA
W8f9AwQBZzVSAwQCZ/C0AwQAwRPOAwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztAwQA
1dkKMA0GCSqGSIb3DQEBCwUAA4IBAQB0uPLLUkX0gAnQt36CKIIovxEQM/ZHBMFn
eNaJPKBaxs/Zecli9RV08ixzvnXLAvyzX0VQWeR0Hme4yuVb+nrUZAJl05nzsiXM
7MG51H3eZeMmxvfH0AwlC6DtIL/9aPmrUXCfUdhbArgVbuKwNWyl1fqa9BYsVc1Z
wwQDL1zwb5pXYi8svxYGVCcP97I6mGc0eAqxtHg/VwB94fuDPYLTbjKMMNsvMNV2
IwCg85VV0gtMky7p8P97IKZUeDGAvtKMWEcWQfjWmmpuXZ3AQzc/2yUsc9yPaIIm
8jvIRhUHoQuhGu51r3C4yXtLkEL9w1qPmqph5f+3e/i49His7ygC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org