Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/JBedVaCNtnO17BuiUEaxic9I7-Y.roa
File:                     JBedVaCNtnO17BuiUEaxic9I7-Y.roa (raw, json)
Hash identifier:          V/ZQ0d4OOSBR+ISyMXi9ne0dubr5vU7B+/KppuKFdUk=
Subject key identifier:   24:17:9D:55:A0:8D:B6:73:B5:EC:1B:A2:50:46:B1:89:CF:48:EF:E6
Certificate issuer:       /CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Certificate serial:       018F9A360D01B459E7BCE06510B32CCC7D57
Authority key identifier: 42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/JBedVaCNtnO17BuiUEaxic9I7-Y.roa
Signing time:             Tue 21 May 2024 08:13:04 +0000
ROA not before:           Tue 21 May 2024 08:13:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5400
IP address blocks:        2a00:2000::/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 23 May 2024 07:50:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9a:36:0d:01:b4:59:e7:bc:e0:65:10:b3:2c:cc:7d:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
        Validity
            Not Before: May 21 08:13:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24179d55a08db673b5ec1ba25046b189cf48efe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ac:8c:14:e7:59:95:27:66:32:42:1c:25:75:
                    8c:82:3b:7a:2b:e1:3a:b1:76:16:c5:5a:ab:31:af:
                    5e:6b:06:d8:8b:fa:83:82:36:e6:6f:72:94:95:d1:
                    bd:3c:65:7f:c9:c8:f7:ae:6a:c9:1d:54:31:f1:6b:
                    22:59:63:21:91:b7:d9:b1:08:09:60:53:ff:04:74:
                    dd:5c:e6:7a:48:51:6e:5f:95:8b:11:56:fb:f9:af:
                    95:c8:fe:d3:12:36:3e:86:25:02:08:42:b5:0c:c1:
                    19:dd:ec:ba:52:ec:9b:e4:5a:09:9e:f9:de:04:46:
                    49:e5:40:f8:c4:1e:1b:04:16:c8:80:28:ec:2e:68:
                    93:30:48:51:9c:0e:b1:95:40:fc:59:44:2c:a8:d1:
                    02:ed:ad:22:42:69:e0:8a:95:1e:fa:b9:71:dc:c1:
                    f5:07:5b:f8:05:65:5d:49:59:d4:aa:2d:ca:4f:5e:
                    02:47:88:f2:d2:eb:13:9e:bd:6d:8b:dc:55:b8:7a:
                    f1:e9:9b:9d:ed:63:e8:41:9b:d1:7e:55:e1:be:97:
                    ce:11:cd:e1:f4:c3:d5:12:8a:f0:51:a0:79:d9:ca:
                    a6:6f:73:c7:5d:e8:57:96:63:ac:32:77:2e:ea:bf:
                    82:8e:02:d4:f4:6a:2f:3e:db:1b:9b:56:16:7c:28:
                    90:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:17:9D:55:A0:8D:B6:73:B5:EC:1B:A2:50:46:B1:89:CF:48:EF:E6
            X509v3 Authority Key Identifier:
                keyid:42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/JBedVaCNtnO17BuiUEaxic9I7-Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:2000::/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:cf:b9:f1:16:17:c2:47:8d:55:da:c6:42:1f:bc:f4:df:7e:
         b7:1c:38:fb:89:5d:ff:d2:1f:fc:ef:6a:30:da:44:bc:5d:01:
         03:75:1a:2c:4c:bf:4e:b5:f1:f3:56:a8:e4:75:3d:a3:be:bb:
         1d:b8:c3:59:2f:9e:cd:e6:42:63:91:07:3d:17:d9:3b:eb:f1:
         05:d1:1d:08:93:24:7f:25:6c:e1:44:97:f7:3e:38:a6:26:4e:
         4a:20:78:91:3d:86:8f:59:eb:5b:de:41:a7:50:4e:08:94:20:
         31:4a:3d:cb:47:ad:2e:3d:cb:11:d1:8b:d3:9c:d9:18:01:e1:
         43:aa:19:6b:4b:97:a4:cd:7f:6f:1a:e1:bc:c5:7d:55:22:b3:
         43:fa:ad:20:52:27:28:a4:fd:f1:70:6b:fa:8b:87:ea:18:d2:
         67:7d:d1:2b:ae:d7:28:f3:d5:b4:6c:b7:79:f2:f2:1b:2d:a0:
         cf:c4:b2:82:f2:a4:fd:2a:b8:b9:e4:82:af:49:95:a4:0e:35:
         5f:78:c2:90:72:57:e6:3f:d6:13:50:40:1c:85:1d:e5:2a:5a:
         a6:17:e2:50:d2:60:da:83:d8:1f:cb:4c:eb:18:3d:6f:ac:78:
         0a:42:39:a5:26:c3:7f:a4:37:6d:f1:0f:a7:68:fa:b8:1b:f9:
         af:3d:d0:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+aNg0BtFnnvOBlELMszH1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjFhMjRjODBmZGNhMzI5NjQ0NTczYWU2ZDYxYzlmMmUz
NzRlZDgwHhcNMjQwNTIxMDgxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDE3OWQ1NWEwOGRiNjczYjVlYzFiYTI1MDQ2YjE4OWNmNDhlZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqyMFOdZlSdmMkIcJXWMgjt6K+E6
sXYWxVqrMa9eawbYi/qDgjbmb3KUldG9PGV/ycj3rmrJHVQx8WsiWWMhkbfZsQgJ
YFP/BHTdXOZ6SFFuX5WLEVb7+a+VyP7TEjY+hiUCCEK1DMEZ3ey6Uuyb5FoJnvne
BEZJ5UD4xB4bBBbIgCjsLmiTMEhRnA6xlUD8WUQsqNEC7a0iQmngipUe+rlx3MH1
B1v4BWVdSVnUqi3KT14CR4jy0usTnr1ti9xVuHrx6Zud7WPoQZvRflXhvpfOEc3h
9MPVEorwUaB52cqmb3PHXehXlmOsMncu6r+CjgLU9GovPtsbm1YWfCiQCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQXnVWgjbZztewbolBGsYnPSO/mMB8GA1UdIwQY
MBaAFELxokyA/coylkRXOubWHJ8uN07YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzkt
NzE2OGFlMGI4Mjc4LzEvSkJlZFZhQ050bk8xN0J1aVVFYXhpYzlJNy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzktNzE2OGFlMGI4Mjc4
LzEvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQBKgAgMA0G
CSqGSIb3DQEBCwUAA4IBAQAcz7nxFhfCR41V2sZCH7z03363HDj7iV3/0h/872ow
2kS8XQEDdRosTL9OtfHzVqjkdT2jvrsduMNZL57N5kJjkQc9F9k76/EF0R0IkyR/
JWzhRJf3PjimJk5KIHiRPYaPWetb3kGnUE4IlCAxSj3LR60uPcsR0YvTnNkYAeFD
qhlrS5ekzX9vGuG8xX1VIrND+q0gUicopP3xcGv6i4fqGNJnfdErrtco89W0bLd5
8vIbLaDPxLKC8qT9Kri55IKvSZWkDjVfeMKQclfmP9YTUEAchR3lKlqmF+JQ0mDa
g9gfy0zrGD1vrHgKQjmlJsN/pDdt8Q+naPq4G/mvPdBK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org