Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/j39tTHJPZtoSsNAUwlUaGIW4DJs.roa
File:                     j39tTHJPZtoSsNAUwlUaGIW4DJs.roa (raw, json)
Hash identifier:          ThfMIy/TsLTZrPw82GfMtcfpsOsG6hjjeFnp/yl2UcQ=
Subject key identifier:   8F:7F:6D:4C:72:4F:66:DA:12:B0:D0:14:C2:55:1A:18:85:B8:0C:9B
Certificate issuer:       /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial:       01876FC621CB8F82394D6966D04F6C83E3D6
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/j39tTHJPZtoSsNAUwlUaGIW4DJs.roa
Signing time:             Tue 11 Apr 2023 10:04:28 +0000
ROA not before:           Tue 11 Apr 2023 10:04:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39386
IP address blocks:        84.235.56.0/23 maxlen: 23
                          178.86.50.0/24 maxlen: 24
                          37.224.192.0/24 maxlen: 24
                          84.235.95.0/24 maxlen: 24
                          84.235.0.0/17 maxlen: 17
                          84.235.111.0/24 maxlen: 24
                          84.235.0.0/24 maxlen: 24
                          84.235.110.0/24 maxlen: 24
                          84.235.109.0/24 maxlen: 24
                          84.235.108.0/24 maxlen: 24
                          84.235.120.0/22 maxlen: 22
                          84.235.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 12:33:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6f:c6:21:cb:8f:82:39:4d:69:66:d0:4f:6c:83:e3:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
        Validity
            Not Before: Apr 11 10:04:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f7f6d4c724f66da12b0d014c2551a1885b80c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:64:44:3c:a4:c3:f0:76:88:7a:00:a9:e4:6c:
                    eb:bc:b0:3a:2b:f9:8a:d4:4c:ed:e1:34:57:ee:70:
                    e2:c4:9e:9d:63:0f:ef:62:9a:bb:34:87:7d:4d:67:
                    ac:c1:81:7e:d1:1a:15:17:9e:cd:4a:79:fe:7f:f8:
                    5d:27:b8:5b:1b:a6:ce:e6:04:b0:03:51:ff:16:6a:
                    8e:5c:f3:44:bd:c9:fe:75:f6:fd:77:fa:58:96:63:
                    f9:25:d1:d8:c1:80:ef:48:06:d9:1e:3f:fe:35:f5:
                    10:a0:59:b7:51:8a:33:0b:de:42:24:b1:44:10:2e:
                    39:bc:32:2c:4b:f4:3d:a4:1a:f7:34:4d:6d:5f:fd:
                    93:ac:5d:ed:de:cf:b6:68:32:e7:a8:b4:57:75:e8:
                    40:ab:af:3c:30:7f:3b:78:c0:1c:e4:0d:9c:e6:5e:
                    39:f0:a3:75:ac:91:07:1c:e3:11:2b:84:45:8f:93:
                    fa:02:b5:64:65:b7:e8:51:1f:a3:36:37:cb:f7:17:
                    18:a4:70:3f:a0:52:17:e9:37:b9:39:40:ca:21:62:
                    f3:1d:fe:bb:28:18:80:a4:e5:5c:8d:4a:4c:21:8c:
                    dc:77:74:25:f8:3d:51:a3:f5:8c:81:b4:2c:d4:a3:
                    85:c6:9c:fd:36:37:12:eb:62:e7:2b:39:51:4a:69:
                    16:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:7F:6D:4C:72:4F:66:DA:12:B0:D0:14:C2:55:1A:18:85:B8:0C:9B
            X509v3 Authority Key Identifier:
                keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/j39tTHJPZtoSsNAUwlUaGIW4DJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.224.192.0/24
                  84.235.0.0/17
                  178.86.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:e2:8d:7c:22:51:70:46:7a:02:c5:99:cd:36:20:6c:08:d7:
         5e:6a:eb:77:93:11:40:eb:33:54:2d:0f:ab:d8:a3:b9:6e:68:
         bc:d1:de:5a:1e:ec:65:81:2a:08:df:24:c8:47:73:fd:a1:51:
         5e:5f:64:37:e1:33:4d:7b:b0:e4:63:95:07:b5:04:a6:41:58:
         c5:ac:7e:49:5d:93:db:5f:26:af:97:f1:f8:c9:38:ba:c0:27:
         77:b5:22:20:2b:41:be:2f:74:55:68:88:ad:9e:3d:77:8f:75:
         9d:63:3f:4d:2d:dc:22:1d:23:23:0c:c6:bb:d9:b9:e9:14:77:
         7d:a9:6a:a3:64:cf:4f:ac:61:e8:26:07:45:a9:04:ee:29:87:
         9d:4c:15:0f:e4:a5:4c:06:a2:75:1f:b5:31:98:03:4c:ea:89:
         67:2d:5b:be:38:e2:e4:8c:c5:4f:30:42:75:0f:ae:3b:ca:53:
         94:ee:52:73:ef:5a:ab:a6:16:96:c8:5e:1b:cd:50:6b:a9:27:
         16:af:4d:39:5e:4e:77:75:f7:12:30:06:7e:1f:f6:e0:f7:1c:
         64:19:13:4d:71:da:cc:04:d2:ef:6d:4e:35:af:78:6f:de:c9:
         cc:24:3d:dc:85:bd:ff:09:b4:95:a6:5d:36:8b:46:14:1e:79:
         aa:7c:16:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdvxiHLj4I5TWlm0E9sg+PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjMwNDExMTAwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdmNmQ0YzcyNGY2NmRhMTJiMGQwMTRjMjU1MWExODg1YjgwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGREPKTD8HaIegCp5GzrvLA6K/mK
1Ezt4TRX7nDixJ6dYw/vYpq7NId9TWeswYF+0RoVF57NSnn+f/hdJ7hbG6bO5gSw
A1H/FmqOXPNEvcn+dfb9d/pYlmP5JdHYwYDvSAbZHj/+NfUQoFm3UYozC95CJLFE
EC45vDIsS/Q9pBr3NE1tX/2TrF3t3s+2aDLnqLRXdehAq688MH87eMAc5A2c5l45
8KN1rJEHHOMRK4RFj5P6ArVkZbfoUR+jNjfL9xcYpHA/oFIX6Te5OUDKIWLzHf67
KBiApOVcjUpMIYzcd3Ql+D1Ro/WMgbQs1KOFxpz9NjcS62LnKzlRSmkWKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI9/bUxyT2baErDQFMJVGhiFuAybMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvajM5dFRISlBadG9Tc05BVXdsVWFHSVc0REpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJeDAAwQH
VOsAAwQAslYyMA0GCSqGSIb3DQEBCwUAA4IBAQA74o18IlFwRnoCxZnNNiBsCNde
aut3kxFA6zNULQ+r2KO5bmi80d5aHuxlgSoI3yTIR3P9oVFeX2Q34TNNe7DkY5UH
tQSmQVjFrH5JXZPbXyavl/H4yTi6wCd3tSIgK0G+L3RVaIitnj13j3WdYz9NLdwi
HSMjDMa72bnpFHd9qWqjZM9PrGHoJgdFqQTuKYedTBUP5KVMBqJ1H7UxmANM6oln
LVu+OOLkjMVPMEJ1D647ylOU7lJz71qrphaWyF4bzVBrqScWr005Xk53dfcSMAZ+
H/bg9xxkGRNNcdrMBNLvbU41r3hv3snMJD3chb3/CbSVpl02i0YUHnmqfBbU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:10 2024 by rpki-client on console-fra.rpki-client.org