Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/JZFN8sMlhPNLmCk_IsSh_juq20w.roa
File:                     JZFN8sMlhPNLmCk_IsSh_juq20w.roa (raw, json)
Hash identifier:          r+7NQqJuO6d6jPkG1YnLp5kONfi3UEAg1jtEodaGn0g=
Subject key identifier:   25:91:4D:F2:C3:25:84:F3:4B:98:29:3F:22:C4:A1:FE:3B:AA:DB:4C
Certificate issuer:       /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial:       018571DE83B8ED3647BC6C84918EA0A91202
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/JZFN8sMlhPNLmCk_IsSh_juq20w.roa
Signing time:             Mon 02 Jan 2023 09:44:46 +0000
ROA not before:           Mon 02 Jan 2023 09:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138968
IP address blocks:        45.81.33.0/24 maxlen: 24
                          45.81.32.0/23 maxlen: 24
                          45.150.236.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 23 Jun 2023 13:47:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:de:83:b8:ed:36:47:bc:6c:84:91:8e:a0:a9:12:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
        Validity
            Not Before: Jan  2 09:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25914df2c32584f34b98293f22c4a1fe3baadb4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:b0:bc:bd:5f:8e:73:0e:99:18:f7:aa:e6:cc:
                    ce:8f:d5:ae:dd:12:9c:f8:3f:c5:90:e6:3a:1e:27:
                    c9:25:ae:90:a5:95:8d:27:93:55:b1:32:21:ed:30:
                    e9:60:29:2b:52:79:ca:69:ba:05:11:27:79:7c:8c:
                    af:7f:b3:85:5a:4c:eb:89:a1:35:97:9f:f3:1c:5a:
                    01:48:1a:ca:fb:81:b7:8a:76:a9:4b:90:4f:8d:e4:
                    99:6a:6c:78:18:cc:62:a9:c6:91:5a:7b:73:b6:2b:
                    fe:53:07:ee:5c:10:a9:e1:4e:b1:03:0b:96:c0:5a:
                    01:3d:9d:b7:8b:12:56:6f:e1:b2:cb:71:ec:39:89:
                    19:23:ac:36:12:65:a4:79:8b:dc:b1:fd:ed:c9:52:
                    71:05:e7:eb:d5:7f:37:f0:fd:91:e2:1a:db:50:54:
                    d1:5f:2f:e6:e4:98:c8:13:d8:37:5a:46:60:9b:38:
                    95:e7:68:46:07:78:93:8b:a3:86:02:63:fc:e6:3e:
                    ae:9c:f9:6f:71:24:39:fe:cc:05:64:6b:29:bb:77:
                    58:04:82:55:4f:68:77:f5:06:85:fc:1f:b1:95:f6:
                    7a:97:2f:ac:59:26:f5:41:ba:67:4f:c3:c8:4e:a1:
                    15:bf:1b:77:6c:47:c8:12:b9:0f:d7:60:11:2d:40:
                    d1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:91:4D:F2:C3:25:84:F3:4B:98:29:3F:22:C4:A1:FE:3B:AA:DB:4C
            X509v3 Authority Key Identifier:
                keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/JZFN8sMlhPNLmCk_IsSh_juq20w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.32.0/23
                  45.150.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:5d:02:bf:76:f3:e0:da:ff:08:68:0d:78:cd:7b:e8:ce:d6:
         b3:ab:63:06:59:f0:8e:38:ef:97:f3:77:c7:cc:5d:75:00:8d:
         90:85:94:be:3e:2a:3f:0c:1c:22:89:14:09:8d:71:e2:ed:c5:
         e9:ea:ef:60:85:43:68:93:dc:59:f5:26:3f:df:00:43:b4:f8:
         29:87:3b:a9:b4:50:20:3b:05:79:2f:84:0f:19:1b:6e:78:f8:
         38:99:e9:31:7a:a9:a2:f7:53:77:fb:dd:bf:6f:2c:ae:22:8b:
         40:05:81:f7:65:35:94:93:36:dc:14:52:5f:be:37:70:44:04:
         72:ab:32:10:0c:ab:b5:e4:df:ec:36:c8:64:5e:f3:f3:56:9c:
         a5:41:3d:6b:06:93:e4:7b:ff:6e:95:cc:fa:dd:3e:06:f1:81:
         a7:4c:af:cd:40:91:3e:bc:be:86:36:31:74:75:31:6f:b1:09:
         85:6c:26:cf:ee:a4:79:36:57:cf:db:40:d6:c4:d9:bb:5b:3a:
         4c:f1:0d:6c:e1:e5:f3:64:98:e2:d8:3d:5e:c2:6b:42:2b:8a:
         95:ee:21:38:e8:aa:c6:f3:7b:11:e7:1c:59:53:7f:71:9f:ce:
         e4:cb:57:53:42:bc:d2:db:b1:79:1e:b8:df:94:36:18:b2:19:
         80:8c:ac:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3oO47TZHvGyEkY6gqRICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjMwMTAyMDk0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTkxNGRmMmMzMjU4NGYzNGI5ODI5M2YyMmM0YTFmZTNiYWFkYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67C8vV+Ocw6ZGPeq5szOj9Wu3RKc
+D/FkOY6HifJJa6QpZWNJ5NVsTIh7TDpYCkrUnnKaboFESd5fIyvf7OFWkzriaE1
l5/zHFoBSBrK+4G3inapS5BPjeSZamx4GMxiqcaRWntztiv+UwfuXBCp4U6xAwuW
wFoBPZ23ixJWb+Gyy3HsOYkZI6w2EmWkeYvcsf3tyVJxBefr1X838P2R4hrbUFTR
Xy/m5JjIE9g3WkZgmziV52hGB3iTi6OGAmP85j6unPlvcSQ5/swFZGspu3dYBIJV
T2h39QaF/B+xlfZ6ly+sWSb1QbpnT8PITqEVvxt3bEfIErkP12ARLUDRPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCWRTfLDJYTzS5gpPyLEof47qttMMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvSlpGTjhzTWxoUE5MbUNrX0lzU2hfanVxMjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVEgAwQC
LZbsMA0GCSqGSIb3DQEBCwUAA4IBAQBoXQK/dvPg2v8IaA14zXvoztazq2MGWfCO
OO+X83fHzF11AI2QhZS+Pio/DBwiiRQJjXHi7cXp6u9ghUNok9xZ9SY/3wBDtPgp
hzuptFAgOwV5L4QPGRtuePg4mekxeqmi91N3+92/byyuIotABYH3ZTWUkzbcFFJf
vjdwRARyqzIQDKu15N/sNshkXvPzVpylQT1rBpPke/9ulcz63T4G8YGnTK/NQJE+
vL6GNjF0dTFvsQmFbCbP7qR5NlfP20DWxNm7WzpM8Q1s4eXzZJji2D1ewmtCK4qV
7iE46KrG83sR5xxZU39xn87ky1dTQrzS27F5HrjflDYYshmAjKxy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:26 2024 by rpki-client on console-fra.rpki-client.org