Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/JHCmoxub9CUT2F5aiS2xQ8uKSA4.roa
File:                     JHCmoxub9CUT2F5aiS2xQ8uKSA4.roa (raw, json)
Hash identifier:          8RCxkdlgKpjOb9wtbwmG9f6V1KX3A0i09rrmzfqGAN0=
Subject key identifier:   24:70:A6:A3:1B:9B:F4:25:13:D8:5E:5A:89:2D:B1:43:CB:8A:48:0E
Certificate issuer:       /CN=c4064476c2c47f778474a14816c1e06a40813e5c
Certificate serial:       01856EF41F2E386B38C9F7CCFF1DB481FE5F
Authority key identifier: C4:06:44:76:C2:C4:7F:77:84:74:A1:48:16:C1:E0:6A:40:81:3E:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAZEdsLEf3eEdKFIFsHgakCBPlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/JHCmoxub9CUT2F5aiS2xQ8uKSA4.roa
Signing time:             Sun 01 Jan 2023 20:09:30 +0000
ROA not before:           Sun 01 Jan 2023 20:09:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199284
IP address blocks:        217.17.206.0/23 maxlen: 23
                          2001:4bd8:52::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:f4:1f:2e:38:6b:38:c9:f7:cc:ff:1d:b4:81:fe:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4064476c2c47f778474a14816c1e06a40813e5c
        Validity
            Not Before: Jan  1 20:09:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2470a6a31b9bf42513d85e5a892db143cb8a480e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:4f:c1:23:33:b2:99:8a:a1:03:3a:0f:78:5c:
                    ef:f8:53:5a:9a:d9:46:77:3b:6d:43:e5:62:da:46:
                    a3:06:51:db:3b:e3:da:18:23:8b:23:52:da:d1:2c:
                    94:ee:56:c5:d7:de:2b:c4:11:2c:49:1a:0e:79:dc:
                    a8:57:e7:2c:f0:29:64:36:70:e6:8a:98:b2:41:1a:
                    ca:10:f1:ff:f5:6f:63:29:d3:0a:5b:e0:c6:3f:0c:
                    a4:0d:0c:f5:f6:3e:77:8d:be:cc:4f:da:d7:55:97:
                    10:75:ff:bc:a0:c5:ea:90:ae:2c:72:b7:3b:f4:1d:
                    f9:16:83:a0:cb:63:40:f3:eb:00:92:75:43:21:0d:
                    2c:87:93:55:24:d4:88:15:46:84:36:58:43:11:fb:
                    3f:1f:68:d3:de:37:be:c6:a9:4b:a0:7b:1d:c8:0e:
                    c8:99:b9:0c:fb:85:77:22:46:dc:5c:72:53:ef:c6:
                    ff:a7:53:5c:b3:a9:06:25:86:60:11:d7:e8:81:5e:
                    59:ba:d4:ce:6f:b7:2c:5f:20:ce:f8:16:77:1b:f5:
                    41:98:45:3a:a1:90:1e:1d:ea:ec:49:14:a1:0d:b9:
                    4e:57:9f:ed:56:11:4b:db:17:ba:e8:17:4a:ec:e1:
                    3f:a9:2e:e9:1b:fe:50:9c:6d:db:61:c1:82:67:57:
                    3d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:70:A6:A3:1B:9B:F4:25:13:D8:5E:5A:89:2D:B1:43:CB:8A:48:0E
            X509v3 Authority Key Identifier:
                keyid:C4:06:44:76:C2:C4:7F:77:84:74:A1:48:16:C1:E0:6A:40:81:3E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAZEdsLEf3eEdKFIFsHgakCBPlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/JHCmoxub9CUT2F5aiS2xQ8uKSA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/xAZEdsLEf3eEdKFIFsHgakCBPlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.17.206.0/23
                IPv6:
                  2001:4bd8:52::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:80:78:de:ec:ac:94:b6:5e:a0:43:d1:47:d6:18:ae:88:64:
         0d:73:c1:65:a8:0a:e6:5a:7d:0d:1a:55:c6:7c:8a:af:76:65:
         f8:ac:41:8f:5b:ef:7c:14:c1:51:04:ac:b1:27:58:5f:46:13:
         2d:6e:01:c5:08:c3:53:47:7e:a6:a2:b7:92:2b:5b:8b:4c:71:
         4f:15:c1:48:7b:46:40:c4:ab:70:6d:e8:07:57:c9:c3:82:fc:
         95:8b:9c:ed:cc:b3:45:49:39:b5:86:a2:17:5b:04:c7:4b:fe:
         94:d6:96:f5:e7:5e:f1:ca:16:47:ae:32:26:de:74:9c:b5:71:
         e9:c7:7a:c3:33:39:fd:46:b1:82:3a:25:25:3b:a0:49:f2:2f:
         1d:1e:38:4b:bf:92:1e:3c:9e:48:43:25:da:5c:6b:fd:3e:98:
         6e:09:db:27:4d:aa:2b:00:25:5b:1b:42:1d:9e:34:95:02:4e:
         08:af:a8:07:10:13:46:11:0b:18:99:a2:c6:2e:6f:ae:2a:09:
         a7:65:2a:97:45:8d:6c:93:ae:16:08:57:27:09:f5:6f:87:57:
         e9:88:4c:e8:ba:d0:70:94:14:0a:26:a8:b6:08:ec:55:ee:39:
         bc:c9:94:c5:3e:ac:4d:e9:b0:73:46:29:58:a6:37:04:0d:f5:
         89:d0:3a:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu9B8uOGs4yffM/x20gf5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MDY0NDc2YzJjNDdmNzc4NDc0YTE0ODE2YzFlMDZhNDA4
MTNlNWMwHhcNMjMwMTAxMjAwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDcwYTZhMzFiOWJmNDI1MTNkODVlNWE4OTJkYjE0M2NiOGE0ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE/BIzOymYqhAzoPeFzv+FNamtlG
dzttQ+Vi2kajBlHbO+PaGCOLI1La0SyU7lbF194rxBEsSRoOedyoV+cs8ClkNnDm
ipiyQRrKEPH/9W9jKdMKW+DGPwykDQz19j53jb7MT9rXVZcQdf+8oMXqkK4scrc7
9B35FoOgy2NA8+sAknVDIQ0sh5NVJNSIFUaENlhDEfs/H2jT3je+xqlLoHsdyA7I
mbkM+4V3IkbcXHJT78b/p1Ncs6kGJYZgEdfogV5ZutTOb7csXyDO+BZ3G/VBmEU6
oZAeHersSRShDblOV5/tVhFL2xe66BdK7OE/qS7pG/5QnG3bYcGCZ1c9sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCRwpqMbm/QlE9heWoktsUPLikgOMB8GA1UdIwQY
MBaAFMQGRHbCxH93hHShSBbB4GpAgT5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFaRWRzTEVmM2VFZEtGSUZzSGdha0NCUGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85YTdkZjctMThiYS00MWY3LTg4MGEt
NzQ2Nzc3ZTIxYzViLzEvSkhDbW94dWI5Q1VUMkY1YWlTMnhROHVLU0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85YTdkZjctMThiYS00MWY3LTg4MGEtNzQ2Nzc3ZTIxYzVi
LzEveEFaRWRzTEVmM2VFZEtGSUZzSGdha0NCUGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQB2RHOMA8E
AgACMAkDBwAgAUvYAFIwDQYJKoZIhvcNAQELBQADggEBABGAeN7srJS2XqBD0UfW
GK6IZA1zwWWoCuZafQ0aVcZ8iq92ZfisQY9b73wUwVEErLEnWF9GEy1uAcUIw1NH
fqait5IrW4tMcU8VwUh7RkDEq3Bt6AdXycOC/JWLnO3Ms0VJObWGohdbBMdL/pTW
lvXnXvHKFkeuMibedJy1cenHesMzOf1GsYI6JSU7oEnyLx0eOEu/kh48nkhDJdpc
a/0+mG4J2ydNqisAJVsbQh2eNJUCTgivqAcQE0YRCxiZosYub64qCadlKpdFjWyT
rhYIVycJ9W+HV+mITOi60HCUFAomqLYI7FXuObzJlMU+rE3psHNGKVimNwQN9YnQ
OlE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:13 2024 by rpki-client on console-ams.rpki-client.org