Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/jLqABEt5cVIt0iu0jhkLqIoBeiM.roa
File:                     jLqABEt5cVIt0iu0jhkLqIoBeiM.roa (raw, json)
Hash identifier:          qarsIJp8SYqnrM5aJ9svppYTNmSsAXRpR/9lKQ4iAD0=
Subject key identifier:   8C:BA:80:04:4B:79:71:52:2D:D2:2B:B4:8E:19:0B:A8:8A:01:7A:23
Certificate issuer:       /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial:       018FE494CB2D78E9E0796DC294C516516C4B
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/jLqABEt5cVIt0iu0jhkLqIoBeiM.roa
Signing time:             Tue 04 Jun 2024 18:48:27 +0000
ROA not before:           Tue 04 Jun 2024 18:48:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44559
IP address blocks:        86.111.224.0/24 maxlen: 24
                          86.111.225.0/24 maxlen: 24
                          86.111.226.0/24 maxlen: 24
                          86.111.227.0/24 maxlen: 24
                          86.111.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Jun 2024 20:14:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:e4:94:cb:2d:78:e9:e0:79:6d:c2:94:c5:16:51:6c:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
        Validity
            Not Before: Jun  4 18:48:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8cba80044b7971522dd22bb48e190ba88a017a23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e6:f0:23:d2:02:cd:5c:73:cd:4b:e4:89:16:
                    d5:ac:43:0a:e9:59:78:74:43:d1:9c:42:09:95:fb:
                    37:d5:b5:a7:94:32:8b:94:f6:75:d2:bd:8b:20:42:
                    b6:26:95:db:13:ab:22:39:e2:8b:e4:a0:f7:dd:e7:
                    c7:fe:15:46:62:dd:f7:b1:32:14:06:4e:77:22:b4:
                    aa:c8:04:29:f4:e6:cc:2c:b5:5c:ed:e4:0a:37:5b:
                    9e:4c:44:e6:20:7e:a7:ae:b6:c0:fa:6f:ca:09:27:
                    51:64:f2:56:a3:4b:37:2a:88:2b:76:4a:50:1a:c8:
                    8f:5f:52:6b:1c:ec:54:a3:46:90:79:bc:21:b7:ab:
                    5b:eb:8c:f3:e9:59:9c:90:6d:b6:74:3f:63:66:4f:
                    31:24:86:3a:40:ea:32:1a:a3:86:14:0a:6d:83:ee:
                    5e:42:e8:22:dc:f4:2f:a4:57:7e:d1:02:b3:31:b9:
                    45:60:de:30:6a:93:3f:57:7b:9d:68:78:ca:11:24:
                    5c:4e:45:c1:2d:59:8f:80:fe:74:73:b3:cb:81:5a:
                    2a:d1:dd:a9:d4:a1:74:76:ff:06:02:98:c7:6e:0f:
                    09:67:64:cb:a2:fd:c1:f7:c6:08:06:07:fc:84:30:
                    ae:00:fb:d3:e4:ff:6c:80:5e:f2:08:64:55:6e:b9:
                    57:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:BA:80:04:4B:79:71:52:2D:D2:2B:B4:8E:19:0B:A8:8A:01:7A:23
            X509v3 Authority Key Identifier:
                keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/jLqABEt5cVIt0iu0jhkLqIoBeiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.111.224.0/22
                  86.111.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:60:13:6c:4e:ef:35:cf:e6:5e:3f:64:ed:39:43:4f:20:60:
         7d:45:61:0e:d4:12:5a:f7:91:c2:2f:4a:d1:04:84:c7:80:9d:
         02:dd:70:29:6b:25:54:40:b8:43:88:26:a8:55:0a:88:fb:cd:
         7f:d8:58:b8:d8:9d:87:dc:24:70:b4:59:16:16:0e:40:9d:88:
         21:8e:b2:01:9d:8a:92:45:04:c6:9a:27:ed:55:7e:20:bf:dd:
         79:b4:de:1d:e5:9c:b4:d0:08:fb:77:2f:ff:50:88:8b:ec:e1:
         03:81:b9:f3:d6:06:51:31:fc:f3:96:4f:95:39:10:5f:0d:23:
         73:1f:16:22:2b:1b:13:c7:10:a0:32:39:a3:37:24:a5:0f:15:
         df:48:e7:ac:a8:ac:b7:35:cd:a0:ae:ce:c9:d5:c1:95:df:0f:
         0d:3d:8c:50:f8:aa:5d:88:ae:bb:f3:66:7e:7d:41:c6:e1:f4:
         9a:a5:ff:3f:0c:10:29:1e:37:6f:f6:25:84:4a:20:75:78:e7:
         85:a6:a5:7e:d5:6f:b4:4e:ad:93:3b:e9:12:24:bb:0e:1f:d7:
         ab:d2:ed:65:5b:30:0d:75:78:29:36:75:3f:3e:a0:39:05:a4:
         0a:ec:9f:73:6e:e3:a8:83:b0:37:39:55:32:6d:24:af:b9:d9:
         ff:c3:df:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/klMsteOngeW3ClMUWUWxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwNjA0MTg0ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2JhODAwNDRiNzk3MTUyMmRkMjJiYjQ4ZTE5MGJhODhhMDE3YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhubwI9ICzVxzzUvkiRbVrEMK6Vl4
dEPRnEIJlfs31bWnlDKLlPZ10r2LIEK2JpXbE6siOeKL5KD33efH/hVGYt33sTIU
Bk53IrSqyAQp9ObMLLVc7eQKN1ueTETmIH6nrrbA+m/KCSdRZPJWo0s3KogrdkpQ
GsiPX1JrHOxUo0aQebwht6tb64zz6VmckG22dD9jZk8xJIY6QOoyGqOGFAptg+5e
Qugi3PQvpFd+0QKzMblFYN4wapM/V3udaHjKESRcTkXBLVmPgP50c7PLgVoq0d2p
1KF0dv8GApjHbg8JZ2TLov3B98YIBgf8hDCuAPvT5P9sgF7yCGRVbrlXWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIy6gARLeXFSLdIrtI4ZC6iKAXojMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvakxxQUJFdDVjVkl0MGl1MGpoa0xxSW9CZWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVm/gAwQA
Vm/lMA0GCSqGSIb3DQEBCwUAA4IBAQBeYBNsTu81z+ZeP2TtOUNPIGB9RWEO1BJa
95HCL0rRBITHgJ0C3XApayVUQLhDiCaoVQqI+81/2Fi42J2H3CRwtFkWFg5AnYgh
jrIBnYqSRQTGmiftVX4gv915tN4d5Zy00Aj7dy//UIiL7OEDgbnz1gZRMfzzlk+V
ORBfDSNzHxYiKxsTxxCgMjmjNySlDxXfSOesqKy3Nc2grs7J1cGV3w8NPYxQ+Kpd
iK6782Z+fUHG4fSapf8/DBApHjdv9iWESiB1eOeFpqV+1W+0Tq2TO+kSJLsOH9er
0u1lWzANdXgpNnU/PqA5BaQK7J9zbuOog7A3OVUybSSvudn/w9+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 21:15:25 2024 by rpki-client on console-fra.rpki-client.org