Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/j9IrcRuAnXLLEOkiEnkS4SAojPk.roa
File:                     j9IrcRuAnXLLEOkiEnkS4SAojPk.roa (raw, json)
Hash identifier:          Sa/TeNd+F9s8aOAes6nkxayVWzqilpLfsD/iwnaacJA=
Subject key identifier:   8F:D2:2B:71:1B:80:9D:72:CB:10:E9:22:12:79:12:E1:20:28:8C:F9
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       0187B2620BAD8B59CB4C3C282AE61F46F92C
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/j9IrcRuAnXLLEOkiEnkS4SAojPk.roa
Signing time:             Mon 24 Apr 2023 08:29:42 +0000
ROA not before:           Mon 24 Apr 2023 08:29:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42337
IP address blocks:        81.12.0.0/21 maxlen: 24
                          87.107.44.0/22 maxlen: 24
                          87.107.48.0/23 maxlen: 23
                          87.107.72.0/21 maxlen: 24
                          81.12.32.0/21 maxlen: 24
                          81.12.40.0/21 maxlen: 24
                          87.107.80.0/21 maxlen: 24
                          87.107.16.0/21 maxlen: 24
                          87.107.28.0/22 maxlen: 24
                          87.107.32.0/23 maxlen: 23
                          87.107.36.0/22 maxlen: 24
                          87.107.148.0/22 maxlen: 24
                          62.220.118.0/23 maxlen: 24
                          62.220.113.0/24 maxlen: 24
                          62.220.112.0/21 maxlen: 21
                          81.12.54.0/23 maxlen: 24
                          81.12.56.0/23 maxlen: 23
                          87.107.92.0/22 maxlen: 24
                          87.107.100.0/22 maxlen: 22
                          81.12.60.0/22 maxlen: 24
                          81.12.72.0/21 maxlen: 24
                          81.12.80.0/20 maxlen: 24
                          81.12.96.0/19 maxlen: 24
                          87.107.136.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 May 2023 09:42:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b2:62:0b:ad:8b:59:cb:4c:3c:28:2a:e6:1f:46:f9:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Apr 24 08:29:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8fd22b711b809d72cb10e922127912e120288cf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:7a:a5:17:07:22:98:7f:ec:69:ed:1a:b2:eb:
                    44:4b:dd:4c:74:0f:0a:8e:6d:bc:d7:9d:f0:de:5c:
                    88:2d:47:7f:a3:18:a7:48:0a:c8:03:a2:20:f3:95:
                    a0:05:de:ce:76:9e:15:50:41:7c:d6:58:0b:29:55:
                    7b:00:bc:ab:9a:1a:70:00:65:2b:ef:e1:ee:e9:18:
                    1e:e3:d4:f0:25:05:fc:24:56:b8:42:8c:30:93:6c:
                    33:25:6b:fe:20:6b:7f:68:42:d1:c4:38:5e:34:e5:
                    64:cd:ee:d1:18:8a:e4:39:ae:41:6f:88:89:62:60:
                    07:a8:6e:d4:e1:cf:c8:c0:1f:68:80:21:f6:a8:36:
                    49:c2:b5:9b:bb:37:c6:a6:d1:f5:dc:d1:f2:7e:ea:
                    1c:aa:23:86:f3:88:0a:b8:1c:a9:c7:20:a0:f0:d4:
                    ae:4c:d8:f2:a9:a8:e4:90:e2:f7:b9:29:fd:76:cd:
                    00:37:f4:22:77:8f:6a:98:fe:25:a0:62:89:68:c8:
                    3f:51:be:66:02:7a:17:29:5c:81:60:e4:b9:a7:0c:
                    78:12:7d:3d:00:09:e9:ee:a2:68:d4:0c:32:23:96:
                    b4:a1:8c:30:94:96:fd:9a:35:d9:e2:f5:00:66:6b:
                    e4:4b:cf:1d:f1:17:f3:88:9d:1b:34:c9:5e:8b:68:
                    cf:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:D2:2B:71:1B:80:9D:72:CB:10:E9:22:12:79:12:E1:20:28:8C:F9
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/j9IrcRuAnXLLEOkiEnkS4SAojPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.220.112.0/21
                  81.12.0.0/21
                  81.12.32.0/20
                  81.12.54.0-81.12.57.255
                  81.12.60.0/22
                  81.12.72.0-81.12.127.255
                  87.107.16.0/21
                  87.107.28.0-87.107.33.255
                  87.107.36.0/22
                  87.107.44.0-87.107.49.255
                  87.107.72.0-87.107.87.255
                  87.107.92.0/22
                  87.107.100.0/22
                  87.107.136.0/21
                  87.107.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:0a:6a:a3:5f:d5:81:2f:32:10:95:bc:b8:2a:1b:da:bf:7c:
         4b:30:0c:6e:40:23:f0:d4:5c:e0:a6:8b:d7:e6:16:44:a8:c1:
         31:6e:e6:88:51:ee:2f:13:ed:4d:b9:d4:42:e6:55:42:87:df:
         94:b8:54:22:ad:93:f8:71:28:19:da:ce:d0:c5:b8:d5:e4:b8:
         f5:42:31:9e:f9:ab:83:d2:56:d3:25:81:ff:d6:1d:0f:21:12:
         84:da:ae:32:d9:cf:a7:09:85:71:ad:15:37:92:ae:62:49:95:
         f3:66:d9:6e:76:19:03:0d:df:c4:86:be:33:83:42:dc:59:64:
         df:9f:10:82:81:3d:c2:07:39:c6:2f:b2:ae:08:45:2b:38:45:
         38:34:be:2e:be:35:62:1b:12:13:41:27:ba:6d:c3:8b:a5:ec:
         d0:17:7e:5b:13:b8:ea:f6:0f:c9:78:b0:b9:7a:96:2c:71:4c:
         9d:a5:4d:f3:be:6b:2d:96:c5:b0:b9:f3:5b:d0:6b:3c:02:37:
         0e:7e:c3:bb:dc:cb:9e:03:45:d1:81:3a:c2:e8:ba:1c:7a:83:
         b1:38:4b:5e:cf:a6:ae:e8:e0:79:5e:7a:16:62:ae:c5:48:d2:
         e8:6c:c2:32:c2:d7:19:ae:b9:53:79:fa:d9:22:c0:ef:d9:ff:
         bb:50:75:de
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYeyYguti1nLTDwoKuYfRvksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNDI0MDgyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQyMmI3MTFiODA5ZDcyY2IxMGU5MjIxMjc5MTJlMTIwMjg4Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3qlFwcimH/sae0asutES91MdA8K
jm28153w3lyILUd/oxinSArIA6Ig85WgBd7Odp4VUEF81lgLKVV7ALyrmhpwAGUr
7+Hu6Rge49TwJQX8JFa4Qowwk2wzJWv+IGt/aELRxDheNOVkze7RGIrkOa5Bb4iJ
YmAHqG7U4c/IwB9ogCH2qDZJwrWbuzfGptH13NHyfuocqiOG84gKuBypxyCg8NSu
TNjyqajkkOL3uSn9ds0AN/Qid49qmP4loGKJaMg/Ub5mAnoXKVyBYOS5pwx4En09
AAnp7qJo1AwyI5a0oYwwlJb9mjXZ4vUAZmvkS88d8RfziJ0bNMlei2jPswIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFI/SK3EbgJ1yyxDpIhJ5EuEgKIz5MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvajlJcmNSdUFuWExMRU9raUVua1M0U0FvalBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAM+
3HADBANRDAADBARRDCAwDAMEAVEMNgMEAVEMOAMEAlEMPDAMAwQDUQxIAwQHUQwA
AwQDV2sQMAwDBAJXaxwDBAFXayADBAJXayQwDAMEAldrLAMEAVdrMDAMAwQDV2tI
AwQDV2tQAwQCV2tcAwQCV2tkAwQDV2uIAwQCV2uUMA0GCSqGSIb3DQEBCwUAA4IB
AQAyCmqjX9WBLzIQlby4Khvav3xLMAxuQCPw1FzgpovX5hZEqMExbuaIUe4vE+1N
udRC5lVCh9+UuFQirZP4cSgZ2s7QxbjV5Lj1QjGe+auD0lbTJYH/1h0PIRKE2q4y
2c+nCYVxrRU3kq5iSZXzZtludhkDDd/Ehr4zg0LcWWTfnxCCgT3CBznGL7KuCEUr
OEU4NL4uvjViGxITQSe6bcOLpezQF35bE7jq9g/JeLC5epYscUydpU3zvmstlsWw
ufNb0Gs8AjcOfsO73MueA0XRgTrC6LoceoOxOEtez6au6OB5XnoWYq7FSNLobMIy
wtcZrrlTefrZIsDv2f+7UHXe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org