Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/JmPzsNw_G_MfVLjVmnU9BjNhohc.roa
File:                     JmPzsNw_G_MfVLjVmnU9BjNhohc.roa (raw, json)
Hash identifier:          Go3QgcZ3CkzRk5gVPuwCMlN2X1lUIsNKs17HYa871M4=
Subject key identifier:   26:63:F3:B0:DC:3F:1B:F3:1F:54:B8:D5:9A:75:3D:06:33:61:A2:17
Certificate issuer:       /CN=529ca5a6e5d67421f3f2cd21138cb70704850955
Certificate serial:       01856FDDD84E03C405A713F7C90B6B60245E
Authority key identifier: 52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/JmPzsNw_G_MfVLjVmnU9BjNhohc.roa
Signing time:             Mon 02 Jan 2023 00:24:47 +0000
ROA not before:           Mon 02 Jan 2023 00:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205385
IP address blocks:        185.220.51.0/24 maxlen: 24
                          185.220.48.0/22 maxlen: 24
                          2a0b:eec0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 09:04:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:dd:d8:4e:03:c4:05:a7:13:f7:c9:0b:6b:60:24:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=529ca5a6e5d67421f3f2cd21138cb70704850955
        Validity
            Not Before: Jan  2 00:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2663f3b0dc3f1bf31f54b8d59a753d063361a217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:d9:e7:f8:91:f2:e4:56:3d:6b:45:21:3b:c4:
                    34:1d:06:d3:e1:8c:7a:89:60:9f:d4:5b:bf:11:22:
                    4f:cc:77:bf:6a:25:7c:89:dc:3e:2d:7a:bb:83:8b:
                    30:32:80:70:e4:a4:bc:21:c2:66:69:cf:63:5b:eb:
                    2f:d6:cc:3e:50:0f:3a:ae:88:db:ec:0f:54:21:73:
                    16:e8:7a:84:44:b2:62:c8:1e:d6:97:6a:50:6a:a3:
                    4b:94:83:1e:a8:25:95:9d:51:55:66:00:86:d2:af:
                    cc:94:40:c0:83:c1:f2:8e:30:63:7d:ca:8a:cf:5a:
                    0a:ea:c8:e1:58:3e:ac:9d:f9:aa:ab:6f:1a:b7:3f:
                    fa:02:de:cb:81:d1:e2:7c:1f:09:df:a7:b5:66:63:
                    91:28:dd:8b:4a:0c:f8:64:97:a1:be:1c:bb:89:8d:
                    4e:bd:db:d2:cb:31:f3:8b:0e:1f:20:0a:1c:dc:63:
                    a7:18:00:ac:6d:60:16:24:c8:c6:e3:39:11:d0:28:
                    cc:a0:40:08:6e:84:1a:92:3b:8b:f8:24:9b:85:99:
                    03:0d:6f:f4:ea:5f:9e:2c:ab:25:7f:6b:8b:a7:4d:
                    94:81:fc:45:86:0f:8e:6b:f6:48:0e:ac:5d:43:1e:
                    e5:fe:85:96:ec:ad:9c:48:24:c0:70:cd:9d:c3:15:
                    31:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:63:F3:B0:DC:3F:1B:F3:1F:54:B8:D5:9A:75:3D:06:33:61:A2:17
            X509v3 Authority Key Identifier:
                keyid:52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/JmPzsNw_G_MfVLjVmnU9BjNhohc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/UpylpuXWdCHz8s0hE4y3BwSFCVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.48.0/22
                IPv6:
                  2a0b:eec0::/32

    Signature Algorithm: sha256WithRSAEncryption
         61:d6:7a:71:e5:db:9b:da:eb:a3:32:40:a1:07:33:26:1e:7c:
         4b:9b:a7:ea:3f:2c:7b:51:24:b8:06:f6:96:43:7b:a7:4f:9c:
         e0:80:2a:cd:2b:5f:ce:f3:01:b2:94:b6:5d:eb:09:ea:b4:5b:
         28:a7:05:92:c9:0e:76:41:da:ce:14:cd:f5:be:27:07:2e:b2:
         cf:46:f7:ec:72:76:e8:28:00:5d:f4:6a:ff:cf:50:3b:a1:36:
         36:92:c0:f1:6c:56:e0:fc:0f:1b:b9:1d:32:95:e7:17:bb:63:
         b9:79:64:fa:1e:95:ff:a4:de:2e:12:45:8c:94:5b:1e:08:e5:
         57:56:36:2f:72:c0:29:4c:5b:26:56:39:9a:4c:0f:f7:81:59:
         3a:5f:9c:48:e0:8e:c2:90:c8:97:54:ec:91:87:85:4e:3c:28:
         65:4a:b5:0d:d5:00:9f:65:a4:8b:42:32:2e:b7:c3:ff:3e:b9:
         c1:c4:39:c6:5d:b8:00:74:e4:25:41:9b:c4:63:54:30:35:8b:
         7f:e4:51:39:58:ad:b1:9c:c5:cd:74:68:15:e9:17:30:6c:ed:
         14:80:e1:c8:ea:5c:90:d7:9d:4d:f0:86:39:4e:ac:c1:d1:91:
         36:a5:94:73:1b:3b:55:02:da:db:fc:66:64:0a:7f:86:3c:a3:
         81:fb:97:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv3dhOA8QFpxP3yQtrYCReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWNhNWE2ZTVkNjc0MjFmM2YyY2QyMTEzOGNiNzA3MDQ4
NTA5NTUwHhcNMjMwMTAyMDAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjYzZjNiMGRjM2YxYmYzMWY1NGI4ZDU5YTc1M2QwNjMzNjFhMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9nn+JHy5FY9a0UhO8Q0HQbT4Yx6
iWCf1Fu/ESJPzHe/aiV8idw+LXq7g4swMoBw5KS8IcJmac9jW+sv1sw+UA86rojb
7A9UIXMW6HqERLJiyB7Wl2pQaqNLlIMeqCWVnVFVZgCG0q/MlEDAg8HyjjBjfcqK
z1oK6sjhWD6snfmqq28atz/6At7LgdHifB8J36e1ZmORKN2LSgz4ZJehvhy7iY1O
vdvSyzHziw4fIAoc3GOnGACsbWAWJMjG4zkR0CjMoEAIboQakjuL+CSbhZkDDW/0
6l+eLKslf2uLp02UgfxFhg+Oa/ZIDqxdQx7l/oWW7K2cSCTAcM2dwxUxMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCZj87DcPxvzH1S41Zp1PQYzYaIXMB8GA1UdIwQY
MBaAFFKcpabl1nQh8/LNIROMtwcEhQlVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB5bHB1WFdkQ0h6OHMwaEU0eTNCd1NGQ1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82MGY5YWMtMDUzYS00Njg5LWIwODEt
M2EzYTlmMDI0MmI4LzEvSm1QenNOd19HX01mVkxqVm1uVTlCak5ob2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82MGY5YWMtMDUzYS00Njg5LWIwODEtM2EzYTlmMDI0MmI4
LzEvVXB5bHB1WFdkQ0h6OHMwaEU0eTNCd1NGQ1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudwwMA0E
AgACMAcDBQAqC+7AMA0GCSqGSIb3DQEBCwUAA4IBAQBh1npx5dub2uujMkChBzMm
HnxLm6fqPyx7USS4BvaWQ3unT5zggCrNK1/O8wGylLZd6wnqtFsopwWSyQ52QdrO
FM31vicHLrLPRvfscnboKABd9Gr/z1A7oTY2ksDxbFbg/A8buR0ylecXu2O5eWT6
HpX/pN4uEkWMlFseCOVXVjYvcsApTFsmVjmaTA/3gVk6X5xI4I7CkMiXVOyRh4VO
PChlSrUN1QCfZaSLQjIut8P/PrnBxDnGXbgAdOQlQZvEY1QwNYt/5FE5WK2xnMXN
dGgV6RcwbO0UgOHI6lyQ151N8IY5TqzB0ZE2pZRzGztVAtrb/GZkCn+GPKOB+5dy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:27 2024 by rpki-client on console-ams.rpki-client.org