Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JczXZAIH05VuJoY9XBih7WPZMDc.roa
File:                     JczXZAIH05VuJoY9XBih7WPZMDc.roa (raw, json)
Hash identifier:          QQJqsltdaQlBQleD9lZ1Iu0LgAjJ2xiEP4/1RpkwD1Y=
Subject key identifier:   25:CC:D7:64:02:07:D3:95:6E:26:86:3D:5C:18:A1:ED:63:D9:30:37
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0188BB1D5BB7C3F8EDF28E802B63AC2E9A1A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JczXZAIH05VuJoY9XBih7WPZMDc.roa
Signing time:             Wed 14 Jun 2023 18:14:03 +0000
ROA not before:           Wed 14 Jun 2023 18:14:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        85.208.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Jun 2023 13:22:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bb:1d:5b:b7:c3:f8:ed:f2:8e:80:2b:63:ac:2e:9a:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jun 14 18:14:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25ccd7640207d3956e26863d5c18a1ed63d93037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8a:a0:47:17:d8:f0:22:8d:67:8e:f4:15:e3:
                    8d:32:88:d5:52:e9:4f:51:29:5d:ba:c3:6e:c0:a0:
                    f8:ad:57:2d:56:93:99:d9:fe:87:28:dc:cd:99:52:
                    f0:9e:f5:4b:64:2c:9a:01:ae:05:80:66:34:e9:16:
                    1d:80:5d:2c:bb:58:6e:8b:b8:59:e1:7f:58:7b:19:
                    5f:c1:f2:84:8e:e8:a6:57:4c:ef:57:2c:77:8e:59:
                    f5:4d:b2:c9:ca:c8:b6:74:c1:dd:08:09:3c:4e:e0:
                    0e:03:fb:2c:0e:92:d8:23:d2:d2:c8:bd:8c:6f:2f:
                    b3:63:30:6c:1c:93:b7:af:14:bf:79:d8:81:fc:e4:
                    9a:a3:a5:88:16:b2:4b:f8:28:b0:26:33:f0:1c:a8:
                    a7:75:32:7a:5e:ed:a3:df:ec:76:aa:87:eb:4a:26:
                    00:b3:77:3e:12:28:99:ab:15:e7:d2:20:e5:52:34:
                    c0:e0:7a:be:97:2e:98:03:2b:7f:be:26:44:ec:a9:
                    43:63:26:eb:bc:d6:3b:5e:69:78:2e:3c:63:67:9d:
                    7b:02:73:99:aa:8a:db:92:ee:fc:98:84:eb:a9:22:
                    62:84:d1:bc:80:22:71:28:7c:1b:45:a0:cd:1c:b8:
                    3c:6b:16:ed:85:08:00:d6:74:af:de:c9:c9:2c:aa:
                    92:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:CC:D7:64:02:07:D3:95:6E:26:86:3D:5C:18:A1:ED:63:D9:30:37
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JczXZAIH05VuJoY9XBih7WPZMDc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:25:be:cd:14:6d:f6:73:16:0f:de:af:e3:ae:d3:71:cf:f3:
         1b:53:04:57:8d:2a:61:39:4b:25:63:32:2f:c1:d1:24:c7:8e:
         a4:50:78:f1:43:99:b6:04:d1:04:6d:91:2f:f3:12:3b:eb:0a:
         64:19:f5:bf:74:a7:d9:80:2e:9e:a5:8b:11:0f:86:15:61:04:
         56:af:6b:8c:ca:21:40:d3:fa:5e:f2:a9:c3:a8:87:d6:39:3b:
         e9:c8:25:2f:c7:75:15:97:75:0c:9d:f4:96:44:48:bd:9f:4f:
         3c:26:24:d5:11:77:f2:44:70:b7:7c:aa:00:b5:91:79:1c:f7:
         24:02:71:0a:cd:6d:ab:14:f3:c8:81:6b:34:46:ed:15:eb:4c:
         9c:81:3a:bd:41:87:82:75:20:b1:ae:d8:d0:b2:3e:4b:a3:b4:
         36:a3:b6:d3:d3:41:ee:5e:fa:e5:1c:65:0c:0f:37:27:45:40:
         7e:00:75:7b:02:bf:0c:ed:9d:42:be:94:b6:13:66:c9:50:38:
         71:60:46:8d:c9:17:1a:33:13:c5:9b:79:60:e9:28:3c:5a:21:
         8f:95:6f:01:4e:eb:ef:39:fe:41:26:0d:73:7f:cc:59:01:63:
         97:e1:51:8a:4b:cf:cf:f1:30:a5:f1:8f:c6:84:d9:c6:82:19:
         26:d8:6d:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi7HVu3w/jt8o6AK2OsLpoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNjE0MTgxNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNjZDc2NDAyMDdkMzk1NmUyNjg2M2Q1YzE4YTFlZDYzZDkzMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoqgRxfY8CKNZ470FeONMojVUulP
USldusNuwKD4rVctVpOZ2f6HKNzNmVLwnvVLZCyaAa4FgGY06RYdgF0su1hui7hZ
4X9YexlfwfKEjuimV0zvVyx3jln1TbLJysi2dMHdCAk8TuAOA/ssDpLYI9LSyL2M
by+zYzBsHJO3rxS/ediB/OSao6WIFrJL+CiwJjPwHKindTJ6Xu2j3+x2qofrSiYA
s3c+EiiZqxXn0iDlUjTA4Hq+ly6YAyt/viZE7KlDYybrvNY7Xml4LjxjZ517AnOZ
qorbku78mITrqSJihNG8gCJxKHwbRaDNHLg8axbthQgA1nSv3snJLKqSxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXM12QCB9OVbiaGPVwYoe1j2TA3MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSmN6WFpBSUgwNVZ1Sm9ZOVhCaWg3V1BaTURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBoMA0G
CSqGSIb3DQEBCwUAA4IBAQClJb7NFG32cxYP3q/jrtNxz/MbUwRXjSphOUslYzIv
wdEkx46kUHjxQ5m2BNEEbZEv8xI76wpkGfW/dKfZgC6epYsRD4YVYQRWr2uMyiFA
0/pe8qnDqIfWOTvpyCUvx3UVl3UMnfSWREi9n088JiTVEXfyRHC3fKoAtZF5HPck
AnEKzW2rFPPIgWs0Ru0V60ycgTq9QYeCdSCxrtjQsj5Lo7Q2o7bT00HuXvrlHGUM
DzcnRUB+AHV7Ar8M7Z1CvpS2E2bJUDhxYEaNyRcaMxPFm3lg6Sg8WiGPlW8BTuvv
Of5BJg1zf8xZAWOX4VGKS8/P8TCl8Y/GhNnGghkm2G1e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org