Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/J9JFcTug4aDbEAaCh_WNoXIc_mk.roa
File:                     J9JFcTug4aDbEAaCh_WNoXIc_mk.roa (raw, json)
Hash identifier:          VXNdRLCMnNLcYGgo+Bmet9LQMcm6lKgrD8I4GWqkDwQ=
Subject key identifier:   27:D2:45:71:3B:A0:E1:A0:DB:10:06:82:87:F5:8D:A1:72:1C:FE:69
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018EA773C254FAB2C7F00A7E95680746C234
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/J9JFcTug4aDbEAaCh_WNoXIc_mk.roa
Signing time:             Thu 04 Apr 2024 04:52:45 +0000
ROA not before:           Thu 04 Apr 2024 04:52:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        5.182.187.0/24 maxlen: 24
                          5.182.198.0/24 maxlen: 24
                          31.132.54.0/23 maxlen: 23
                          63.246.130.0/24 maxlen: 24
                          63.246.131.0/24 maxlen: 24
                          63.246.132.0/24 maxlen: 24
                          63.246.133.0/24 maxlen: 24
                          63.246.137.0/24 maxlen: 24
                          63.246.144.0/24 maxlen: 24
                          63.246.150.0/24 maxlen: 24
                          63.246.151.0/24 maxlen: 24
                          63.246.158.0/24 maxlen: 24
                          78.31.204.0/24 maxlen: 24
                          94.154.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Jun 2024 18:03:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a7:73:c2:54:fa:b2:c7:f0:0a:7e:95:68:07:46:c2:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Apr  4 04:52:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=27d245713ba0e1a0db10068287f58da1721cfe69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7a:97:b2:4a:21:26:ec:50:bb:f7:41:1a:a7:
                    0a:13:9f:bb:01:0d:db:aa:f6:90:b1:c3:77:56:50:
                    a7:a5:7d:7d:c0:e8:fd:ee:6c:35:69:d7:41:93:39:
                    46:da:ab:a6:f9:82:f5:c1:16:fc:e5:93:84:b5:aa:
                    d6:ac:1a:b4:b4:9c:21:58:8e:07:41:f3:55:89:62:
                    84:73:4a:6c:65:6c:58:78:1c:63:f8:bf:42:b5:12:
                    8e:66:7d:ed:31:55:cf:e7:7a:9b:e3:64:28:44:2b:
                    ea:96:84:62:0d:99:9f:06:01:d4:46:36:75:b8:fd:
                    92:3b:61:8e:e0:1c:f1:a4:29:71:e9:f1:f4:99:8a:
                    fb:d1:17:8b:4d:5a:76:7d:a7:f8:b8:9d:1f:ec:af:
                    b7:73:c2:40:b3:73:4a:e8:14:de:6d:1c:bc:ca:41:
                    2a:81:63:98:d2:2b:b7:e5:87:d2:48:b0:63:44:07:
                    fa:96:9f:5d:c5:81:19:3f:cb:e5:87:0d:46:e3:08:
                    67:8e:da:45:5d:47:ec:05:fa:93:84:15:98:55:62:
                    53:db:44:45:5d:d5:7f:c9:3b:40:d6:aa:37:80:23:
                    c3:a0:67:36:78:db:02:bc:87:21:81:ff:7b:92:bd:
                    4b:48:1f:1d:7d:de:50:64:9e:53:01:1e:96:37:43:
                    0e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:D2:45:71:3B:A0:E1:A0:DB:10:06:82:87:F5:8D:A1:72:1C:FE:69
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/J9JFcTug4aDbEAaCh_WNoXIc_mk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.187.0/24
                  5.182.198.0/24
                  31.132.54.0/23
                  63.246.130.0-63.246.133.255
                  63.246.137.0/24
                  63.246.144.0/24
                  63.246.150.0/23
                  63.246.158.0/24
                  78.31.204.0/24
                  94.154.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:04:72:ce:e2:91:b7:58:93:6d:db:d6:a1:09:8c:ff:8f:dc:
         c7:a1:eb:6c:d8:6e:1f:6c:f6:58:01:bf:65:6d:32:bf:bd:ce:
         99:89:2b:f3:f3:be:6f:ff:c4:05:73:01:bb:0b:3d:82:f1:bd:
         1d:e6:6d:45:19:f9:3a:4a:68:a1:8f:ca:cd:f4:53:7c:27:4f:
         38:fa:28:a4:21:a4:a0:c7:ad:83:98:d5:2d:ae:08:a2:1f:69:
         e4:cc:21:f2:79:11:9e:38:6f:1e:f2:63:f3:1c:46:95:5c:21:
         a6:ce:d5:5d:da:b0:c8:41:d3:6d:25:48:cf:af:4f:a8:90:87:
         05:32:1f:1f:8c:4d:f1:35:c3:68:1f:44:e1:73:0c:ef:fa:7a:
         fd:11:a6:b4:da:b8:64:9c:fd:3a:5c:a6:51:33:71:74:45:0e:
         e8:27:87:d8:33:e7:0c:78:21:c7:be:30:43:b4:6e:15:99:aa:
         e7:2c:56:bd:99:ca:13:1c:87:38:1a:92:d3:22:3e:2c:15:2e:
         aa:61:35:2e:09:32:29:f9:31:77:2e:99:19:57:9b:0e:65:fe:
         c0:2d:bd:4a:0f:66:98:4d:1d:c6:b2:d9:40:3b:32:2c:67:b9:
         33:05:cb:21:3f:35:5f:bf:cf:59:5e:32:da:a0:67:c5:b9:66:
         91:7d:3f:09
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY6nc8JU+rLH8Ap+lWgHRsI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNDA0MDQ1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2QyNDU3MTNiYTBlMWEwZGIxMDA2ODI4N2Y1OGRhMTcyMWNmZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnqXskohJuxQu/dBGqcKE5+7AQ3b
qvaQscN3VlCnpX19wOj97mw1addBkzlG2qum+YL1wRb85ZOEtarWrBq0tJwhWI4H
QfNViWKEc0psZWxYeBxj+L9CtRKOZn3tMVXP53qb42QoRCvqloRiDZmfBgHURjZ1
uP2SO2GO4BzxpClx6fH0mYr70ReLTVp2faf4uJ0f7K+3c8JAs3NK6BTebRy8ykEq
gWOY0iu35YfSSLBjRAf6lp9dxYEZP8vlhw1G4whnjtpFXUfsBfqThBWYVWJT20RF
XdV/yTtA1qo3gCPDoGc2eNsCvIchgf97kr1LSB8dfd5QZJ5TAR6WN0MOgQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCfSRXE7oOGg2xAGgof1jaFyHP5pMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSjlKRmNUdWc0YURiRUFhQ2hfV05vWEljX21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABba7AwQA
BbbGAwQBH4Q2MAwDBAE/9oIDBAE/9oQDBAA/9okDBAA/9pADBAE/9pYDBAA/9p4D
BABOH8wDBABemqowDQYJKoZIhvcNAQELBQADggEBAIMEcs7ikbdYk23b1qEJjP+P
3Meh62zYbh9s9lgBv2VtMr+9zpmJK/Pzvm//xAVzAbsLPYLxvR3mbUUZ+TpKaKGP
ys30U3wnTzj6KKQhpKDHrYOY1S2uCKIfaeTMIfJ5EZ44bx7yY/McRpVcIabO1V3a
sMhB020lSM+vT6iQhwUyHx+MTfE1w2gfROFzDO/6ev0RprTauGSc/TpcplEzcXRF
Dugnh9gz5wx4Ice+MEO0bhWZqucsVr2ZyhMchzgaktMiPiwVLqphNS4JMin5MXcu
mRlXmw5l/sAtvUoPZphNHcay2UA7MixnuTMFyyE/NV+/z1leMtqgZ8W5ZpF9Pwk=
-----END CERTIFICATE-----
Generated at Fri Jun 28 00:03:54 2024 by rpki-client on console-ams.rpki-client.org