Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/JP_fIE8MYFyGF_WErThusHEOnoU.roa
File:                     JP_fIE8MYFyGF_WErThusHEOnoU.roa (raw, json)
Hash identifier:          PF6CtODh1mEIGUuolXDnOxkpb7O2qW5InEcshYV1Sk0=
Subject key identifier:   24:FF:DF:20:4F:0C:60:5C:86:17:F5:84:AD:38:6E:B0:71:0E:9E:85
Certificate issuer:       /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial:       01856FF035F363E56E232B9EF2A4EE843475
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/JP_fIE8MYFyGF_WErThusHEOnoU.roa
Signing time:             Mon 02 Jan 2023 00:44:51 +0000
ROA not before:           Mon 02 Jan 2023 00:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60800
IP address blocks:        91.210.100.0/22 maxlen: 24
                          103.82.0.0/22 maxlen: 24
                          185.42.16.0/22 maxlen: 24
                          125.62.72.0/22 maxlen: 24
                          185.17.172.0/22 maxlen: 24
                          185.222.112.0/22 maxlen: 24
                          2a03:ec40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 14 Feb 2023 17:42:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:35:f3:63:e5:6e:23:2b:9e:f2:a4:ee:84:34:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
        Validity
            Not Before: Jan  2 00:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24ffdf204f0c605c8617f584ad386eb0710e9e85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ed:68:43:af:3c:1c:f7:ba:e2:3a:5e:8d:1a:
                    30:ff:0b:f4:fa:2a:67:a2:6d:df:8e:d2:be:4a:36:
                    3b:0c:e3:28:e2:92:f3:19:18:ca:5d:82:84:0d:0b:
                    30:49:30:67:c3:3d:b3:56:69:7b:4d:36:57:2f:ea:
                    ee:bb:92:66:7e:12:78:2d:9c:bf:fa:35:e7:c8:25:
                    78:78:80:64:9f:14:ae:0c:e2:62:8d:7f:c7:37:33:
                    c1:0b:ad:13:6b:e0:b7:9c:c5:3b:a8:f9:a8:9c:06:
                    de:f3:9b:50:99:2b:c6:c0:94:58:93:34:af:c5:c8:
                    11:88:ed:cb:8c:d9:0c:39:c0:c1:25:4c:0c:bf:50:
                    48:b1:9f:e8:28:3f:48:e7:6b:05:db:20:dd:42:81:
                    d7:e2:31:69:26:c8:bc:9d:26:f6:3d:3d:da:87:74:
                    ba:c9:6c:09:fb:6f:72:c9:12:0a:09:82:31:82:77:
                    e4:a8:96:56:14:6f:2f:ed:df:b6:d0:02:86:61:ad:
                    d0:63:5b:9a:00:0f:9c:e1:c7:a0:94:e5:36:68:47:
                    1f:1f:57:27:45:97:49:45:75:07:37:64:37:81:8f:
                    1f:fc:16:e0:e4:9f:76:cb:dc:ab:73:0a:48:23:e7:
                    58:d1:57:87:9b:f6:ae:37:b0:ae:b7:b7:08:70:b7:
                    43:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:FF:DF:20:4F:0C:60:5C:86:17:F5:84:AD:38:6E:B0:71:0E:9E:85
            X509v3 Authority Key Identifier:
                keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/JP_fIE8MYFyGF_WErThusHEOnoU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.210.100.0/22
                  103.82.0.0/22
                  125.62.72.0/22
                  185.17.172.0/22
                  185.42.16.0/22
                  185.222.112.0/22
                IPv6:
                  2a03:ec40::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:b0:fe:c6:18:cc:9d:f8:38:f3:a9:58:e8:92:eb:f9:ce:8b:
         1b:f4:a7:85:d1:1b:02:d3:77:19:cb:f1:e4:62:b0:6d:de:59:
         4a:9a:69:8e:86:9d:26:74:38:dc:6e:d7:df:8a:ee:16:65:c2:
         8f:1a:50:ac:bb:16:48:38:d3:10:b2:85:e4:82:07:ae:2f:d8:
         78:89:db:7b:99:e8:6a:17:0c:a2:3a:c3:2f:4a:ca:5b:38:95:
         b4:5b:ee:33:0c:c6:b8:63:d6:81:1b:26:50:b3:ad:02:85:5f:
         75:f1:a4:d9:6e:da:e4:ea:ab:a3:b8:70:1c:93:d4:33:3f:bc:
         84:b8:a2:58:30:65:10:c2:eb:2a:a0:90:6e:c5:bb:97:f6:06:
         51:85:aa:be:17:6c:69:84:8c:3b:da:0b:ad:d1:ee:74:fe:7b:
         0b:af:20:b5:c6:d1:18:95:2e:d9:a4:a7:fb:0d:44:e5:94:01:
         97:fa:1c:32:18:01:a9:d8:1c:bf:6d:12:18:88:ce:34:90:c5:
         31:d8:15:de:4b:4f:ce:53:76:82:fd:53:13:a6:5b:b9:8a:53:
         c5:f0:17:ce:0e:c7:9f:d6:16:69:e9:24:0f:8b:9e:1b:ee:03:
         1c:2c:7a:38:34:69:8f:67:cf:91:9e:91:9a:be:92:1e:9d:15:
         e2:b1:e4:b0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVv8DXzY+VuIyue8qTuhDR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMwMTAyMDA0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZmZGYyMDRmMGM2MDVjODYxN2Y1ODRhZDM4NmViMDcxMGU5ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu1oQ688HPe64jpejRow/wv0+ipn
om3fjtK+SjY7DOMo4pLzGRjKXYKEDQswSTBnwz2zVml7TTZXL+ruu5JmfhJ4LZy/
+jXnyCV4eIBknxSuDOJijX/HNzPBC60Ta+C3nMU7qPmonAbe85tQmSvGwJRYkzSv
xcgRiO3LjNkMOcDBJUwMv1BIsZ/oKD9I52sF2yDdQoHX4jFpJsi8nSb2PT3ah3S6
yWwJ+29yyRIKCYIxgnfkqJZWFG8v7d+20AKGYa3QY1uaAA+c4ceglOU2aEcfH1cn
RZdJRXUHN2Q3gY8f/Bbg5J92y9yrcwpII+dY0VeHm/auN7Cut7cIcLdDMwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCT/3yBPDGBchhf1hK04brBxDp6FMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvSlBfZklFOE1ZRnlHRl9XRXJUaHVzSEVPbm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW9JkAwQC
Z1IAAwQCfT5IAwQCuRGsAwQCuSoQAwQCud5wMA0EAgACMAcDBQMqA+xAMA0GCSqG
SIb3DQEBCwUAA4IBAQBfsP7GGMyd+DjzqVjokuv5zosb9KeF0RsC03cZy/HkYrBt
3llKmmmOhp0mdDjcbtffiu4WZcKPGlCsuxZIONMQsoXkggeuL9h4idt7mehqFwyi
OsMvSspbOJW0W+4zDMa4Y9aBGyZQs60ChV918aTZbtrk6qujuHAck9QzP7yEuKJY
MGUQwusqoJBuxbuX9gZRhaq+F2xphIw72gut0e50/nsLryC1xtEYlS7ZpKf7DUTl
lAGX+hwyGAGp2By/bRIYiM40kMUx2BXeS0/OU3aC/VMTplu5ilPF8BfODsef1hZp
6SQPi54b7gMcLHo4NGmPZ8+RnpGavpIenRXiseSw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org