Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/JjXjLJJmVWMeHUxwcIobplqvZqk.roa
File:                     JjXjLJJmVWMeHUxwcIobplqvZqk.roa (raw, json)
Hash identifier:          2eY/blXbjnsTwvnfHWryny0Ko3jqMsutM8hJyyVoypQ=
Subject key identifier:   26:35:E3:2C:92:66:55:63:1E:1D:4C:70:70:8A:1B:A6:5A:AF:66:A9
Certificate issuer:       /CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Certificate serial:       0187C6EAFB9FE8A781F9CEFFA6FA4E99D81E
Authority key identifier: D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/JjXjLJJmVWMeHUxwcIobplqvZqk.roa
Signing time:             Fri 28 Apr 2023 08:11:41 +0000
ROA not before:           Fri 28 Apr 2023 08:11:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61121
IP address blocks:        185.18.4.0/23 maxlen: 24
                          185.18.4.0/22 maxlen: 24
                          185.18.4.0/24 maxlen: 24
                          185.18.7.0/24 maxlen: 24
                          185.18.5.0/24 maxlen: 24
                          185.18.6.0/24 maxlen: 24
                          185.18.6.0/23 maxlen: 24
                          2a03:f1c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c6:ea:fb:9f:e8:a7:81:f9:ce:ff:a6:fa:4e:99:d8:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
        Validity
            Not Before: Apr 28 08:11:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2635e32c926655631e1d4c70708a1ba65aaf66a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:1d:df:d5:ed:c4:86:73:ca:69:c2:5f:2b:08:
                    cd:59:9a:8e:8e:bf:56:b0:4c:b6:35:d1:e8:36:d1:
                    eb:06:b3:db:27:d3:13:06:da:b8:9e:a9:95:f6:82:
                    c2:85:3b:f6:01:26:d6:e4:4c:3a:f6:b9:13:4a:d5:
                    9e:60:a8:bc:0a:3e:85:ad:ba:ac:8e:f7:ad:c3:47:
                    f0:58:f1:61:3e:85:e8:e9:72:3a:97:d7:4d:12:ec:
                    2d:8d:cc:63:2b:3b:8a:e9:d2:3a:70:33:8b:40:45:
                    5f:40:39:dc:8c:14:1c:f3:06:2e:c5:13:e3:c1:bc:
                    0f:a9:6b:ef:30:0f:7a:d5:39:b2:d1:ea:72:ba:94:
                    a8:d7:96:4a:0c:c7:d3:53:74:9d:79:60:a0:03:62:
                    5f:35:cd:c2:a7:c2:71:dc:eb:dd:20:72:04:18:0e:
                    84:82:92:52:42:b4:7b:cb:32:18:97:fd:27:17:90:
                    b8:d2:65:94:65:f6:ca:e9:6d:62:c5:91:4c:d8:bc:
                    ff:d2:52:d7:07:ef:67:49:6d:07:38:88:ac:fa:48:
                    9d:a9:32:d0:94:d7:5c:38:c0:ef:0a:61:b2:78:68:
                    97:07:47:10:e3:76:08:7a:11:52:2d:eb:0d:31:25:
                    e2:aa:9e:53:5a:19:9c:ac:f3:a7:aa:8f:a9:14:7a:
                    fc:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:35:E3:2C:92:66:55:63:1E:1D:4C:70:70:8A:1B:A6:5A:AF:66:A9
            X509v3 Authority Key Identifier:
                keyid:D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/JjXjLJJmVWMeHUxwcIobplqvZqk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.4.0/22
                IPv6:
                  2a03:f1c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         06:cf:01:a5:ee:7d:a4:40:16:f6:48:81:dd:7c:ae:7e:8b:fb:
         23:06:d6:5a:c8:b5:b2:b1:93:03:f8:b2:b3:ea:a3:c1:0a:f5:
         d8:d6:e9:ed:4d:ea:64:53:c3:c7:41:c6:21:7b:b1:e6:3a:d3:
         44:ca:c6:78:9a:62:a9:3a:82:19:19:0b:4c:54:9b:f4:fc:06:
         df:4d:9b:ac:46:3e:fe:05:a4:9e:60:87:de:d9:43:43:cd:63:
         c3:12:5e:de:fd:35:f9:35:52:a2:cd:e1:4f:dd:7e:36:11:ba:
         d5:79:f8:9f:ad:37:ed:ad:91:4a:a8:e6:b1:c0:0c:6f:03:cb:
         3a:5a:ef:dd:30:3d:6e:ad:8c:85:d0:56:ba:9a:57:e4:04:49:
         33:f6:9b:38:75:11:22:89:4e:96:bd:fb:f7:f7:d4:c4:75:33:
         11:cd:9b:1f:27:90:a4:e1:4c:c0:c6:55:fd:6c:d2:a2:60:74:
         e6:67:55:ac:8b:12:18:88:5a:8e:a7:24:70:a5:f2:91:a2:a4:
         5c:ba:ff:a4:24:6f:71:90:8a:9b:5f:36:3a:93:ec:6f:10:83:
         01:3b:3d:47:4f:6c:92:00:90:e4:3d:d8:42:b4:67:e6:82:73:
         2a:cb:8e:9a:a9:1a:11:13:4d:4c:1e:87:84:25:1f:02:d7:96:
         30:37:07:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfG6vuf6KeB+c7/pvpOmdgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDczZDA2YjU4NjUyZjg0OWZhOGJjZjNjZWM2Yjk1MDkw
OWJkNjgwHhcNMjMwNDI4MDgxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjM1ZTMyYzkyNjY1NTYzMWUxZDRjNzA3MDhhMWJhNjVhYWY2NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR3f1e3EhnPKacJfKwjNWZqOjr9W
sEy2NdHoNtHrBrPbJ9MTBtq4nqmV9oLChTv2ASbW5Ew69rkTStWeYKi8Cj6Frbqs
jvetw0fwWPFhPoXo6XI6l9dNEuwtjcxjKzuK6dI6cDOLQEVfQDncjBQc8wYuxRPj
wbwPqWvvMA961Tmy0epyupSo15ZKDMfTU3SdeWCgA2JfNc3Cp8Jx3OvdIHIEGA6E
gpJSQrR7yzIYl/0nF5C40mWUZfbK6W1ixZFM2Lz/0lLXB+9nSW0HOIis+kidqTLQ
lNdcOMDvCmGyeGiXB0cQ43YIehFSLesNMSXiqp5TWhmcrPOnqo+pFHr8FQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCY14yySZlVjHh1McHCKG6Zar2apMB8GA1UdIwQY
MBaAFNgHPQa1hlL4SfqLzzzsa5UJCb1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUt
MjMyOWQ3OWM0YWUzLzEvSmpYakxKSm1WV01lSFV4d2NJb2JwbHF2WnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUtMjMyOWQ3OWM0YWUz
LzEvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRIEMA0E
AgACMAcDBQAqA/HAMA0GCSqGSIb3DQEBCwUAA4IBAQAGzwGl7n2kQBb2SIHdfK5+
i/sjBtZayLWysZMD+LKz6qPBCvXY1untTepkU8PHQcYhe7HmOtNEysZ4mmKpOoIZ
GQtMVJv0/AbfTZusRj7+BaSeYIfe2UNDzWPDEl7e/TX5NVKizeFP3X42EbrVefif
rTftrZFKqOaxwAxvA8s6Wu/dMD1urYyF0Fa6mlfkBEkz9ps4dREiiU6Wvfv399TE
dTMRzZsfJ5Ck4UzAxlX9bNKiYHTmZ1WsixIYiFqOpyRwpfKRoqRcuv+kJG9xkIqb
XzY6k+xvEIMBOz1HT2ySAJDkPdhCtGfmgnMqy46aqRoRE01MHoeEJR8C15YwNwcy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:06 2024 by rpki-client on console-ams.rpki-client.org