Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/JMgOieJyFoGd2xQLjTGPPVUmLag.roa
File:                     JMgOieJyFoGd2xQLjTGPPVUmLag.roa (raw, json)
Hash identifier:          nx0bYtAKnKkCiAYtrPFUo60Xq1phhyqp9pyRGRu+TTA=
Subject key identifier:   24:C8:0E:89:E2:72:16:81:9D:DB:14:0B:8D:31:8F:3D:55:26:2D:A8
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       018BB84B7F1FF9B099C1D3DACD96FD4ADC99
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/JMgOieJyFoGd2xQLjTGPPVUmLag.roa
Signing time:             Fri 10 Nov 2023 08:13:57 +0000
ROA not before:           Fri 10 Nov 2023 08:13:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400899
IP address blocks:        88.214.54.0/23 maxlen: 23
                          88.214.52.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 05:56:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b8:4b:7f:1f:f9:b0:99:c1:d3:da:cd:96:fd:4a:dc:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Nov 10 08:13:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24c80e89e27216819ddb140b8d318f3d55262da8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f6:da:b0:27:1e:1c:62:97:62:22:59:5a:12:
                    2a:21:7c:19:79:67:28:b2:07:a7:d4:0c:08:50:58:
                    f7:36:4b:a4:a9:c7:28:4a:d7:ab:37:56:19:1e:4b:
                    e8:c3:41:74:4e:38:b9:d4:34:c5:d4:1c:8a:1e:cc:
                    c3:2b:5c:bd:21:a3:76:ee:61:b2:71:d7:e3:51:31:
                    9d:ef:98:28:07:0d:d2:39:3e:d9:7e:cc:24:6e:99:
                    46:17:cd:ac:fe:00:e1:84:e0:5b:66:e5:32:b8:17:
                    e3:60:a3:16:2f:8b:d2:31:2f:4b:17:b5:f1:c2:26:
                    ca:6c:9d:0a:55:cd:5d:b0:c7:85:b0:a4:4a:1d:49:
                    bd:8b:1a:bc:de:ea:67:c9:f9:8a:a1:d2:87:ff:97:
                    21:b9:53:77:36:c0:3f:29:6e:c7:2a:e6:80:38:da:
                    3e:c4:01:94:12:09:99:b1:c6:c7:d0:26:46:f6:e4:
                    8f:56:9d:29:09:6b:86:b3:80:32:47:4e:ee:90:05:
                    66:78:21:ba:77:b2:aa:53:c3:37:9d:9d:b8:2c:f1:
                    aa:49:a5:d3:7f:d1:3d:36:d8:d7:78:3b:0d:a7:85:
                    a9:ff:f7:e6:61:e2:a9:47:c9:dd:37:02:9f:75:dc:
                    15:0c:de:65:52:64:be:a6:da:3e:2e:a8:ad:da:d6:
                    ca:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:C8:0E:89:E2:72:16:81:9D:DB:14:0B:8D:31:8F:3D:55:26:2D:A8
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/JMgOieJyFoGd2xQLjTGPPVUmLag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.214.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:a2:e5:90:4f:4f:40:23:cc:99:c2:64:76:6b:d8:97:46:4e:
         78:7e:02:d8:d9:1c:ec:cc:2f:2e:f2:0a:d0:42:dc:60:d5:2a:
         24:28:16:1b:a6:11:e1:2e:6a:1b:44:75:79:cb:f3:7a:16:fb:
         39:a0:dc:00:e1:91:0d:52:2e:48:a3:13:8a:0a:95:93:b4:8a:
         47:5b:56:e2:fe:53:9c:40:ec:54:57:d7:95:f1:19:d8:a6:3b:
         42:0f:24:e8:75:81:d9:3b:da:1a:c4:b5:da:48:2b:12:e3:de:
         e9:e2:2f:38:45:2c:b8:ab:2f:9a:aa:a5:57:07:7c:89:e2:1e:
         96:a2:ce:1e:95:d4:ca:a0:0b:79:77:7a:8e:66:d5:f0:3c:5d:
         9b:a0:56:39:df:ad:37:a5:92:1e:3a:cc:fe:0c:d9:e3:96:9c:
         5c:86:36:f9:cd:62:36:27:f6:f4:75:4a:6e:8e:39:b5:da:a3:
         62:68:09:61:76:0e:eb:16:fc:11:d0:ef:62:1f:14:b6:df:ee:
         30:14:98:ff:fc:d4:47:1f:be:08:d1:23:64:f0:70:c9:c6:ce:
         d6:2a:50:7b:d1:41:05:1c:02:0b:2d:ef:f7:22:10:f4:ff:7b:
         e2:70:f6:f9:66:8b:a5:f3:3a:35:fe:2c:73:bb:98:90:1d:00:
         a1:5d:2b:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu4S38f+bCZwdPazZb9StyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMxMTEwMDgxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGM4MGU4OWUyNzIxNjgxOWRkYjE0MGI4ZDMxOGYzZDU1MjYyZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvbasCceHGKXYiJZWhIqIXwZeWco
sgen1AwIUFj3NkukqccoSterN1YZHkvow0F0Tji51DTF1ByKHszDK1y9IaN27mGy
cdfjUTGd75goBw3SOT7ZfswkbplGF82s/gDhhOBbZuUyuBfjYKMWL4vSMS9LF7Xx
wibKbJ0KVc1dsMeFsKRKHUm9ixq83upnyfmKodKH/5chuVN3NsA/KW7HKuaAONo+
xAGUEgmZscbH0CZG9uSPVp0pCWuGs4AyR07ukAVmeCG6d7KqU8M3nZ24LPGqSaXT
f9E9NtjXeDsNp4Wp//fmYeKpR8ndNwKfddwVDN5lUmS+pto+Lqit2tbKTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTIDonichaBndsUC40xjz1VJi2oMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvSk1nT2llSnlGb0dkMnhRTGpUR1BQVlVtTGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNY0MA0G
CSqGSIb3DQEBCwUAA4IBAQCCouWQT09AI8yZwmR2a9iXRk54fgLY2RzszC8u8grQ
Qtxg1SokKBYbphHhLmobRHV5y/N6Fvs5oNwA4ZENUi5IoxOKCpWTtIpHW1bi/lOc
QOxUV9eV8RnYpjtCDyTodYHZO9oaxLXaSCsS497p4i84RSy4qy+aqqVXB3yJ4h6W
os4eldTKoAt5d3qOZtXwPF2boFY53603pZIeOsz+DNnjlpxchjb5zWI2J/b0dUpu
jjm12qNiaAlhdg7rFvwR0O9iHxS23+4wFJj//NRHH74I0SNk8HDJxs7WKlB70UEF
HAILLe/3IhD0/3vicPb5Zoul8zo1/ixzu5iQHQChXSvK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org