Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/JhjknOmEYZezslcQY6NVAzmbBQ4.roa
File:                     JhjknOmEYZezslcQY6NVAzmbBQ4.roa (raw, json)
Hash identifier:          T/ZpxR7KH7+S5nyb6d/TDSZOFHzZ49yeAtKOyi5rBw0=
Subject key identifier:   26:18:E4:9C:E9:84:61:97:B3:B2:57:10:63:A3:55:03:39:9B:05:0E
Certificate issuer:       /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial:       01856FCB8EB786B2A4E98A0416402AB1EECF
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/JhjknOmEYZezslcQY6NVAzmbBQ4.roa
Signing time:             Mon 02 Jan 2023 00:04:49 +0000
ROA not before:           Mon 02 Jan 2023 00:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201387
IP address blocks:        109.166.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:8e:b7:86:b2:a4:e9:8a:04:16:40:2a:b1:ee:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
        Validity
            Not Before: Jan  2 00:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2618e49ce9846197b3b2571063a35503399b050e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:55:f9:1f:b6:5c:97:3d:49:19:a0:46:f2:15:
                    7a:e5:57:2e:25:47:f1:ae:92:95:93:83:7f:3e:e7:
                    89:a8:58:81:c1:91:26:ca:53:c7:be:93:a4:4d:fc:
                    2e:19:92:d7:38:12:ad:66:d9:ba:bb:37:7a:ca:63:
                    fc:3e:e0:1d:38:fd:24:0b:8b:27:14:ea:60:b1:95:
                    c6:9b:8c:78:9d:ee:0d:96:d4:fc:b3:ff:b0:5c:85:
                    5f:ad:4a:d9:ba:d5:c2:64:ea:04:8c:f2:4e:73:be:
                    c5:ec:74:35:15:4e:9a:f2:93:14:79:d9:68:62:05:
                    fc:88:74:b1:ec:94:70:bf:cf:04:a0:5c:18:18:03:
                    59:a8:e2:1b:fa:3b:36:7d:a3:c1:27:de:f2:50:5f:
                    be:27:94:ff:6d:9e:e2:9c:1e:9d:04:e0:26:08:5e:
                    3c:30:95:fc:dc:7f:89:7c:e1:41:8e:d7:f6:21:43:
                    25:d5:13:4e:26:bf:5c:ab:f4:22:89:cc:cf:04:be:
                    91:30:ac:3e:f2:aa:18:a3:25:1d:14:c0:41:f4:3d:
                    c4:78:fa:3e:39:f6:8b:2a:55:51:51:9b:34:37:6e:
                    f4:ae:29:74:61:c3:81:5d:67:09:2e:cc:44:5e:78:
                    9c:10:94:2e:a0:7f:72:68:ed:5e:d0:43:6a:4f:fe:
                    50:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:18:E4:9C:E9:84:61:97:B3:B2:57:10:63:A3:55:03:39:9B:05:0E
            X509v3 Authority Key Identifier:
                keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/JhjknOmEYZezslcQY6NVAzmbBQ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.166.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:84:44:82:83:6c:15:8e:06:c1:cb:d0:52:7c:3a:77:5c:df:
         5d:c9:ae:0f:17:ba:97:1e:11:bc:3d:a4:49:97:25:02:fd:43:
         e8:04:df:53:2f:49:e6:e0:9e:76:1a:8a:9b:fa:b2:c2:cf:01:
         1f:56:ee:fa:6c:5c:ce:77:95:45:de:cb:fc:8c:aa:d7:42:c2:
         f7:e2:8b:1b:e5:d4:39:b2:8d:92:1e:b8:cf:27:ad:57:34:1c:
         e4:eb:d1:71:25:40:3e:4e:d3:c4:73:70:cf:19:98:4f:bd:5d:
         c4:6e:da:aa:82:4e:08:f3:55:6e:3d:69:f7:0d:1f:b7:d4:a5:
         56:cb:62:36:6f:89:97:f1:45:a6:7e:f1:88:1f:82:16:f6:56:
         c9:7f:8f:7c:a2:d0:0a:38:df:b0:01:26:d2:1f:8d:f1:48:c7:
         d2:d6:a5:34:3a:13:96:c5:2e:7b:f5:d5:c2:fe:60:2c:59:95:
         3d:df:51:42:fb:e1:5b:c7:a0:b3:ed:df:00:4a:84:10:3b:09:
         f4:67:46:c8:2d:ab:4e:55:71:2a:c8:9b:54:01:0e:c7:1f:54:
         8b:12:8f:48:b0:8f:1e:cc:38:32:e3:da:28:c1:2a:e5:18:9f:
         54:54:9f:37:26:6d:f1:12:4f:5d:9c:c1:0b:fe:01:c1:33:6a:
         b3:61:dc:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy463hrKk6YoEFkAqse7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjMwMTAyMDAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE4ZTQ5Y2U5ODQ2MTk3YjNiMjU3MTA2M2EzNTUwMzM5OWIwNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFX5H7Zclz1JGaBG8hV65VcuJUfx
rpKVk4N/PueJqFiBwZEmylPHvpOkTfwuGZLXOBKtZtm6uzd6ymP8PuAdOP0kC4sn
FOpgsZXGm4x4ne4NltT8s/+wXIVfrUrZutXCZOoEjPJOc77F7HQ1FU6a8pMUedlo
YgX8iHSx7JRwv88EoFwYGANZqOIb+js2faPBJ97yUF++J5T/bZ7inB6dBOAmCF48
MJX83H+JfOFBjtf2IUMl1RNOJr9cq/QiiczPBL6RMKw+8qoYoyUdFMBB9D3EePo+
OfaLKlVRUZs0N270ril0YcOBXWcJLsxEXnicEJQuoH9yaO1e0ENqT/5QTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCYY5JzphGGXs7JXEGOjVQM5mwUOMB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvSmhqa25PbUVZWmV6c2xjUVk2TlZBem1iQlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUtOTQyNDgyZjhkMmVh
LzEvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbab0MA0G
CSqGSIb3DQEBCwUAA4IBAQALhESCg2wVjgbBy9BSfDp3XN9dya4PF7qXHhG8PaRJ
lyUC/UPoBN9TL0nm4J52Goqb+rLCzwEfVu76bFzOd5VF3sv8jKrXQsL34osb5dQ5
so2SHrjPJ61XNBzk69FxJUA+TtPEc3DPGZhPvV3Ebtqqgk4I81VuPWn3DR+31KVW
y2I2b4mX8UWmfvGIH4IW9lbJf498otAKON+wASbSH43xSMfS1qU0OhOWxS579dXC
/mAsWZU931FC++Fbx6Cz7d8ASoQQOwn0Z0bILatOVXEqyJtUAQ7HH1SLEo9IsI8e
zDgy49oowSrlGJ9UVJ83Jm3xEk9dnMEL/gHBM2qzYdw3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:45 2024 by rpki-client on console-fra.rpki-client.org