Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/jwlnz3eY7AcJ6tKqSDeMtczYtgM.roa
File:                     jwlnz3eY7AcJ6tKqSDeMtczYtgM.roa (raw, json)
Hash identifier:          V+TY8KvKcsvfZvswwk/9Xl+W9uVzzI+bU/dNs284U3s=
Subject key identifier:   8F:09:67:CF:77:98:EC:07:09:EA:D2:AA:48:37:8C:B5:CC:D8:B6:03
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       01856B532A07B1A32641898439C26C871EAE
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/jwlnz3eY7AcJ6tKqSDeMtczYtgM.roa
Signing time:             Sun 01 Jan 2023 03:14:50 +0000
ROA not before:           Sun 01 Jan 2023 03:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59463
IP address blocks:        109.160.62.0/24 maxlen: 24
                          109.160.17.0/24 maxlen: 24
                          109.160.16.0/24 maxlen: 24
                          109.160.16.0/21 maxlen: 21
                          109.160.21.0/24 maxlen: 24
                          109.160.23.0/24 maxlen: 24
                          109.160.22.0/24 maxlen: 24
                          109.160.18.0/24 maxlen: 24
                          109.160.20.0/24 maxlen: 24
                          109.160.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:53:2a:07:b1:a3:26:41:89:84:39:c2:6c:87:1e:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Jan  1 03:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f0967cf7798ec0709ead2aa48378cb5ccd8b603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:a9:70:ce:59:67:54:18:1a:8f:aa:1a:2f:3e:
                    7b:a3:48:b5:85:ab:dc:01:ff:9f:90:ae:dd:34:d1:
                    97:b2:1b:6d:41:e5:5b:a3:c0:9c:76:eb:08:fb:77:
                    5b:17:83:8f:6d:33:0a:94:d7:37:d9:d7:6d:b1:cb:
                    6a:16:c1:47:c6:a6:c5:f2:0a:39:ea:b8:05:f1:f3:
                    03:b6:3c:0c:c3:d5:0f:e5:04:e6:34:58:98:bb:2c:
                    19:51:8f:f6:1d:63:5e:da:e9:a4:a0:f7:af:26:27:
                    04:7a:c0:35:20:a3:a7:63:4e:2e:eb:09:34:42:93:
                    fe:b4:20:e7:81:68:43:96:b0:01:1b:86:c4:14:49:
                    09:a8:96:f6:52:15:c3:c2:82:06:05:1d:e0:e9:1d:
                    6f:05:f3:2d:4e:12:a2:89:c4:34:3a:d1:da:99:f7:
                    10:f2:fc:e4:a1:9e:6e:fd:d4:bb:29:0e:e3:b2:ae:
                    39:fa:ec:81:93:da:d9:10:9a:47:6e:35:8f:66:f5:
                    d3:e7:33:28:81:e6:d0:70:13:dc:a8:dc:24:0d:e7:
                    04:42:88:10:0f:9b:ed:e4:c3:40:82:06:0e:43:3b:
                    17:d1:ab:3a:62:33:4a:1b:a3:87:89:0a:ff:08:d2:
                    f7:75:44:76:9f:50:02:75:1a:94:b0:55:c9:39:de:
                    f4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:09:67:CF:77:98:EC:07:09:EA:D2:AA:48:37:8C:B5:CC:D8:B6:03
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/jwlnz3eY7AcJ6tKqSDeMtczYtgM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.16.0/21
                  109.160.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:0a:32:0e:ac:1f:1a:62:cd:99:fc:62:b4:f2:fb:10:a5:63:
         cd:dd:82:cc:26:33:97:f9:43:db:ee:42:35:b8:81:1e:83:22:
         b7:24:a8:83:ce:04:6d:13:b5:85:91:c3:f1:05:85:41:c5:78:
         85:02:f5:80:f2:6c:04:33:67:c7:ce:b5:90:1a:c5:fd:47:17:
         47:90:d3:b6:10:6f:7e:da:59:05:f7:73:24:c7:62:d8:60:2e:
         83:75:53:93:99:43:9e:87:dc:35:48:02:e9:7f:d7:48:f3:ea:
         fc:c8:97:70:e2:89:dc:79:64:c5:56:ca:f1:1b:e5:b0:be:3e:
         16:b7:17:b0:0d:49:ed:28:ab:ad:85:76:ae:1a:24:70:8b:ef:
         40:da:71:01:38:a7:49:5c:fc:af:b9:2e:2d:f1:66:30:05:b7:
         c2:93:56:8e:8b:da:7c:17:1d:27:04:78:37:13:f8:c8:db:b1:
         9c:e1:54:72:b6:15:79:9a:86:ce:cd:e9:e6:14:ca:7f:ec:12:
         47:11:51:ad:51:58:4c:bd:db:58:95:fb:6c:f1:82:11:42:2c:
         a4:7f:8c:7d:3b:c8:92:83:65:03:48:d6:31:98:93:6d:23:b3:
         de:fa:4d:a6:d7:57:cb:52:93:35:70:0f:62:e4:f0:55:a6:6f:
         48:69:9b:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrUyoHsaMmQYmEOcJshx6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTAxMDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA5NjdjZjc3OThlYzA3MDllYWQyYWE0ODM3OGNiNWNjZDhiNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgalwzllnVBgaj6oaLz57o0i1havc
Af+fkK7dNNGXshttQeVbo8CcdusI+3dbF4OPbTMKlNc32ddtsctqFsFHxqbF8go5
6rgF8fMDtjwMw9UP5QTmNFiYuywZUY/2HWNe2umkoPevJicEesA1IKOnY04u6wk0
QpP+tCDngWhDlrABG4bEFEkJqJb2UhXDwoIGBR3g6R1vBfMtThKiicQ0OtHamfcQ
8vzkoZ5u/dS7KQ7jsq45+uyBk9rZEJpHbjWPZvXT5zMogebQcBPcqNwkDecEQogQ
D5vt5MNAggYOQzsX0as6YjNKG6OHiQr/CNL3dUR2n1ACdRqUsFXJOd70ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI8JZ893mOwHCerSqkg3jLXM2LYDMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvandsbnozZVk3QWNKNnRLcVNEZU10Y3pZdGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbaAQAwQA
baA+MA0GCSqGSIb3DQEBCwUAA4IBAQB9CjIOrB8aYs2Z/GK08vsQpWPN3YLMJjOX
+UPb7kI1uIEegyK3JKiDzgRtE7WFkcPxBYVBxXiFAvWA8mwEM2fHzrWQGsX9RxdH
kNO2EG9+2lkF93Mkx2LYYC6DdVOTmUOeh9w1SALpf9dI8+r8yJdw4onceWTFVsrx
G+Wwvj4WtxewDUntKKuthXauGiRwi+9A2nEBOKdJXPyvuS4t8WYwBbfCk1aOi9p8
Fx0nBHg3E/jI27Gc4VRythV5mobOzenmFMp/7BJHEVGtUVhMvdtYlfts8YIRQiyk
f4x9O8iSg2UDSNYxmJNtI7Pe+k2m11fLUpM1cA9i5PBVpm9IaZv4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org