Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/JPp08pB3bcVphenYmjpH35_K7IY.roa
File:                     JPp08pB3bcVphenYmjpH35_K7IY.roa (raw, json)
Hash identifier:          FYbeqnGW6ynU3E4PtGp4hUMPiGNPf6iWtkM6URCcSkU=
Subject key identifier:   24:FA:74:F2:90:77:6D:C5:69:85:E9:D8:9A:3A:47:DF:9F:CA:EC:86
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       018CC9BC73543F4F7F85279F089278E0EE3E
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/JPp08pB3bcVphenYmjpH35_K7IY.roa
Signing time:             Tue 02 Jan 2024 10:33:39 +0000
ROA not before:           Tue 02 Jan 2024 10:33:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212042
IP address blocks:        5.181.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 May 2024 15:35:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:73:54:3f:4f:7f:85:27:9f:08:92:78:e0:ee:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Jan  2 10:33:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24fa74f290776dc56985e9d89a3a47df9fcaec86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1b:59:df:4b:2e:58:ef:63:64:99:b6:84:aa:
                    10:d9:65:22:c0:71:df:e8:74:da:16:39:d7:8e:2a:
                    c4:76:52:a8:0c:4a:2b:b2:0d:6c:57:9f:20:51:21:
                    82:e8:92:6a:4c:be:f8:e0:eb:d1:5f:80:47:1e:33:
                    33:17:f4:26:4a:ed:0a:3e:e6:83:46:c8:3e:9a:e9:
                    dd:14:1d:ee:8f:99:e3:4c:1b:14:a3:b2:6a:ed:5c:
                    01:dc:18:2f:08:10:95:72:64:1e:34:ce:47:5d:dd:
                    f6:e0:94:cb:b3:77:80:90:b4:fc:7c:a3:46:fe:13:
                    f8:b9:a4:1f:77:3c:81:83:f9:d6:93:4e:17:2e:d0:
                    52:68:59:42:92:c2:2c:cb:f0:6b:f8:3f:d1:19:10:
                    ed:22:5c:3e:69:30:ec:34:1e:1f:b5:66:51:e8:ea:
                    f5:d8:ca:96:0e:df:a7:82:b6:ee:a8:9e:00:74:33:
                    c3:5b:69:62:0a:3e:2d:ef:5c:56:f8:e1:6b:93:99:
                    58:2d:c8:ce:c4:d1:1a:41:05:cd:79:9a:35:bd:bb:
                    4d:20:aa:c2:f9:d6:88:8a:3a:49:a8:d9:be:ee:88:
                    47:da:7d:04:8b:5c:52:41:15:82:80:80:77:84:fa:
                    ef:d1:52:ec:4d:ca:00:95:e8:f2:cc:96:9c:ce:46:
                    6c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:FA:74:F2:90:77:6D:C5:69:85:E9:D8:9A:3A:47:DF:9F:CA:EC:86
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/JPp08pB3bcVphenYmjpH35_K7IY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:17:e6:e6:bb:40:92:14:1e:ca:eb:1f:26:bc:6f:26:28:2e:
         51:6e:ef:dd:a9:ee:c3:5c:a2:a7:89:f5:5d:45:16:4f:a5:14:
         0f:2b:7e:8f:89:8f:74:2d:2d:ef:ca:a5:84:3e:95:42:ad:3a:
         a4:70:d5:a4:d7:bd:be:24:79:e1:4f:dd:86:d9:26:bf:b3:01:
         37:71:6a:dd:68:92:02:28:20:3e:fe:9b:ab:9a:51:ec:02:fa:
         e0:2d:db:1e:b0:49:c2:60:0a:a5:3f:46:de:43:54:27:52:14:
         a7:36:2a:8b:ba:79:11:af:bf:81:47:89:b7:04:25:30:14:ca:
         c3:80:3d:01:f6:a3:64:cc:a0:e6:40:cb:e5:a2:91:4b:82:e8:
         c8:4c:e8:ff:62:f0:8e:2d:59:18:1d:32:ee:f7:f3:9c:0e:69:
         4c:6e:3c:36:f6:ab:a4:7b:8b:61:4d:5c:15:d0:15:31:b5:c2:
         97:96:34:7f:7f:14:9f:eb:75:eb:96:5a:10:72:f8:5d:cd:4e:
         81:79:42:6f:6b:cf:ec:46:c7:c4:59:de:ad:a6:13:71:39:e5:
         24:05:2a:5f:4d:27:4c:26:aa:8f:1e:ea:2d:15:08:92:5c:b3:
         d4:eb:2d:c2:ee:04:ed:79:12:4d:fb:b8:91:91:eb:f3:74:84:
         b7:44:44:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvHNUP09/hSefCJJ44O4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZhNzRmMjkwNzc2ZGM1Njk4NWU5ZDg5YTNhNDdkZjlmY2FlYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhtZ30suWO9jZJm2hKoQ2WUiwHHf
6HTaFjnXjirEdlKoDEorsg1sV58gUSGC6JJqTL744OvRX4BHHjMzF/QmSu0KPuaD
Rsg+mundFB3uj5njTBsUo7Jq7VwB3BgvCBCVcmQeNM5HXd324JTLs3eAkLT8fKNG
/hP4uaQfdzyBg/nWk04XLtBSaFlCksIsy/Br+D/RGRDtIlw+aTDsNB4ftWZR6Or1
2MqWDt+ngrbuqJ4AdDPDW2liCj4t71xW+OFrk5lYLcjOxNEaQQXNeZo1vbtNIKrC
+daIijpJqNm+7ohH2n0Ei1xSQRWCgIB3hPrv0VLsTcoAlejyzJaczkZsVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCT6dPKQd23FaYXp2Jo6R9+fyuyGMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvSlBwMDhwQjNiY1ZwaGVuWW1qcEgzNV9LN0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbXJMA0G
CSqGSIb3DQEBCwUAA4IBAQCGF+bmu0CSFB7K6x8mvG8mKC5Rbu/dqe7DXKKnifVd
RRZPpRQPK36PiY90LS3vyqWEPpVCrTqkcNWk172+JHnhT92G2Sa/swE3cWrdaJIC
KCA+/purmlHsAvrgLdsesEnCYAqlP0beQ1QnUhSnNiqLunkRr7+BR4m3BCUwFMrD
gD0B9qNkzKDmQMvlopFLgujITOj/YvCOLVkYHTLu9/OcDmlMbjw29quke4thTVwV
0BUxtcKXljR/fxSf63XrlloQcvhdzU6BeUJva8/sRsfEWd6tphNxOeUkBSpfTSdM
JqqPHuotFQiSXLPU6y3C7gTteRJN+7iRkevzdIS3RERU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org