Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JDJZ6D_STBj5T3pGf-IrMJnximg.roa
File:                     JDJZ6D_STBj5T3pGf-IrMJnximg.roa (raw, json)
Hash identifier:          kVVt5zfQG4x+R16hQHyCi7UV2d7hp2w+yEUoSJ8MPCI=
Subject key identifier:   24:32:59:E8:3F:D2:4C:18:F9:4F:7A:46:7F:E2:2B:30:99:F1:8A:68
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018852750088EE6ED5EA4B67D5BF34494213
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JDJZ6D_STBj5T3pGf-IrMJnximg.roa
Signing time:             Thu 25 May 2023 10:29:39 +0000
ROA not before:           Thu 25 May 2023 10:29:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     143158
IP address blocks:        192.159.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 May 2023 08:59:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:52:75:00:88:ee:6e:d5:ea:4b:67:d5:bf:34:49:42:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: May 25 10:29:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=243259e83fd24c18f94f7a467fe22b3099f18a68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e1:8a:42:50:16:29:fa:0d:7d:96:66:ad:5e:
                    1d:87:5f:0a:cc:45:db:84:74:1b:47:08:12:97:32:
                    3b:35:8a:b7:96:de:f7:c3:2d:c2:7a:ff:b5:01:50:
                    d3:45:b9:11:32:f8:e5:85:b7:32:1b:25:8f:0a:83:
                    f4:fb:38:54:5f:d7:1e:10:23:e3:1a:c9:3a:0a:75:
                    21:35:9a:93:de:e5:37:af:02:ea:a7:df:e7:0e:b5:
                    e2:89:a8:59:57:6c:f0:f4:d8:f3:41:c6:d4:d5:e8:
                    f5:8c:14:d9:a9:14:3d:6a:cc:6e:b9:57:ff:dd:86:
                    2f:de:c2:d1:ec:51:53:fd:a9:26:9f:2a:0e:91:76:
                    db:9b:7c:24:68:3c:ca:41:97:f8:08:b2:0b:6b:3e:
                    0a:41:33:b4:c3:82:b5:a9:73:53:00:c0:b7:55:81:
                    dc:ee:a5:32:c6:94:70:45:54:e9:8f:57:2b:9a:e9:
                    16:b2:a6:8c:fd:2e:06:8d:cf:26:6e:f5:64:85:05:
                    44:25:42:d7:b5:cb:2b:22:21:80:8a:aa:93:33:7b:
                    73:97:bc:16:31:94:7a:fc:98:39:92:49:44:38:c8:
                    b4:65:13:5a:59:d2:ad:49:24:70:8d:e3:53:30:f1:
                    49:74:90:bb:44:59:2a:59:d2:22:85:2a:8e:88:4b:
                    a9:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:32:59:E8:3F:D2:4C:18:F9:4F:7A:46:7F:E2:2B:30:99:F1:8A:68
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JDJZ6D_STBj5T3pGf-IrMJnximg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.159.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:24:6b:f4:81:15:82:11:8c:d3:a1:8d:0b:f2:10:cc:ab:0d:
         01:54:b7:e6:78:51:45:a4:99:ab:db:96:84:c2:27:5b:7d:65:
         17:57:8d:25:cd:b0:8d:1b:41:42:5d:eb:2c:eb:b3:90:1a:2d:
         26:54:ee:96:74:98:1b:e9:6f:1f:a0:cd:56:ed:00:bb:3b:00:
         84:6e:86:cc:36:a7:a2:e7:d7:45:66:e2:2a:88:d6:00:e2:76:
         1a:c5:83:d1:0c:22:94:ac:7c:ab:18:f6:47:0c:36:6e:86:45:
         11:ac:cb:01:86:78:60:6c:3a:aa:13:32:8c:bf:78:9a:91:a3:
         a6:66:aa:f7:2f:48:49:70:46:4e:c3:4f:03:f6:80:f0:18:fc:
         f0:53:a6:8d:fd:21:c7:66:90:7f:2b:64:a1:cf:0b:b5:2e:fe:
         70:e1:1d:dc:a2:79:26:48:8b:e2:c1:ea:ab:17:7b:97:a8:25:
         8c:11:b3:5b:34:32:61:15:62:89:23:e2:8b:12:e1:b3:fb:45:
         3b:97:82:82:7d:25:e7:5e:b3:3d:bd:64:60:6e:10:86:db:12:
         c1:af:f0:19:3a:1d:6b:9b:19:a3:86:05:78:8a:9a:c2:2f:01:
         99:53:9b:b9:31:8c:1c:2c:db:51:09:e7:db:03:67:e8:97:6f:
         47:b2:01:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhSdQCI7m7V6ktn1b80SUITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTI1MTAyOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDMyNTllODNmZDI0YzE4Zjk0ZjdhNDY3ZmUyMmIzMDk5ZjE4YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+GKQlAWKfoNfZZmrV4dh18KzEXb
hHQbRwgSlzI7NYq3lt73wy3Cev+1AVDTRbkRMvjlhbcyGyWPCoP0+zhUX9ceECPj
Gsk6CnUhNZqT3uU3rwLqp9/nDrXiiahZV2zw9NjzQcbU1ej1jBTZqRQ9asxuuVf/
3YYv3sLR7FFT/akmnyoOkXbbm3wkaDzKQZf4CLILaz4KQTO0w4K1qXNTAMC3VYHc
7qUyxpRwRVTpj1crmukWsqaM/S4Gjc8mbvVkhQVEJULXtcsrIiGAiqqTM3tzl7wW
MZR6/Jg5kklEOMi0ZRNaWdKtSSRwjeNTMPFJdJC7RFkqWdIihSqOiEupFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQyWeg/0kwY+U96Rn/iKzCZ8YpoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSkRKWjZEX1NUQmo1VDNwR2YtSXJNSm54aW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJ9jMA0G
CSqGSIb3DQEBCwUAA4IBAQCBJGv0gRWCEYzToY0L8hDMqw0BVLfmeFFFpJmr25aE
widbfWUXV40lzbCNG0FCXess67OQGi0mVO6WdJgb6W8foM1W7QC7OwCEbobMNqei
59dFZuIqiNYA4nYaxYPRDCKUrHyrGPZHDDZuhkURrMsBhnhgbDqqEzKMv3iakaOm
Zqr3L0hJcEZOw08D9oDwGPzwU6aN/SHHZpB/K2Shzwu1Lv5w4R3conkmSIviweqr
F3uXqCWMEbNbNDJhFWKJI+KLEuGz+0U7l4KCfSXnXrM9vWRgbhCG2xLBr/AZOh1r
mxmjhgV4iprCLwGZU5u5MYwcLNtRCefbA2fol29HsgFk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org