Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/OmrvvG0PdONWllNfCpfdO_T9LhU.roa
File:                     OmrvvG0PdONWllNfCpfdO_T9LhU.roa (raw, json)
Hash identifier:          lO+B7XWhKSQlHNRFkUPbfNnwqS+YIb3YATvKj9jj4O4=
Subject key identifier:   3A:6A:EF:BC:6D:0F:74:E3:56:96:53:5F:0A:97:DD:3B:F4:FD:2E:15
Certificate issuer:       /CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Certificate serial:       01857070787F692DE5D7FC54035C6DE85CE8
Authority key identifier: 2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/OmrvvG0PdONWllNfCpfdO_T9LhU.roa
Signing time:             Mon 02 Jan 2023 03:04:57 +0000
ROA not before:           Mon 02 Jan 2023 03:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206970
IP address blocks:        5.104.156.0/23 maxlen: 23
                          2a06:e381::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:78:7f:69:2d:e5:d7:fc:54:03:5c:6d:e8:5c:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
        Validity
            Not Before: Jan  2 03:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a6aefbc6d0f74e35696535f0a97dd3bf4fd2e15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:85:1a:3b:89:d4:81:43:5e:4e:fc:3f:04:59:
                    ed:76:c5:07:eb:8f:87:5f:f3:eb:0b:0c:aa:27:53:
                    61:8e:df:58:d3:d3:87:f3:fc:80:ec:8f:da:a9:5f:
                    2c:ce:d5:23:9d:ab:5a:08:44:2e:1e:2a:7f:e1:3c:
                    b8:64:6c:a5:2c:1c:9c:fa:04:ae:48:c6:f6:97:9b:
                    66:1c:e7:5d:ca:59:a6:99:5b:33:60:af:68:6b:bf:
                    26:9e:3b:fe:63:6f:6f:92:af:f8:ae:2d:81:a1:94:
                    70:5d:85:7f:42:b1:4f:0b:32:73:41:ed:1c:07:e1:
                    14:00:2d:5d:99:13:58:af:7a:c7:50:7d:d7:d0:d1:
                    fa:39:75:29:41:ec:43:e6:2c:f7:48:e8:00:41:7e:
                    39:0e:6d:4c:45:7d:5b:bc:42:9e:2b:24:cb:ad:dd:
                    fe:cc:d1:ee:22:c5:23:ef:98:fc:f1:81:77:ab:32:
                    77:e4:a1:bb:d2:46:71:45:ce:ae:8d:d7:bb:0f:a5:
                    ef:af:90:f5:5c:a0:e0:49:23:04:de:79:f9:55:0f:
                    5a:c9:16:ce:61:b3:1f:c0:3b:ff:42:62:80:e4:1d:
                    4f:c2:e5:76:17:d8:d2:4c:56:29:89:97:c6:b9:d4:
                    f7:3a:bc:17:1b:37:1b:d4:89:ca:1c:07:82:2e:f5:
                    4e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:6A:EF:BC:6D:0F:74:E3:56:96:53:5F:0A:97:DD:3B:F4:FD:2E:15
            X509v3 Authority Key Identifier:
                keyid:2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/OmrvvG0PdONWllNfCpfdO_T9LhU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.156.0/23
                IPv6:
                  2a06:e381::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:4b:3e:01:7a:24:7c:95:c2:1e:c6:0f:d8:d8:79:46:1d:bc:
         f4:2a:32:cf:8f:9d:41:68:ca:67:18:7c:4a:6c:24:7a:12:49:
         ea:d5:ff:d2:2f:32:05:11:7a:18:2a:3f:2a:f4:e3:d8:3f:91:
         22:ff:87:2b:f0:79:fb:67:58:70:83:e4:af:00:1e:f9:ca:12:
         38:c5:66:e0:8f:a4:b2:cb:a1:06:d3:49:54:d1:8a:ba:fe:b9:
         3b:9b:eb:41:bc:f7:fb:d9:e4:0c:19:ad:26:5b:a5:9b:e8:9b:
         a5:c2:3f:8a:15:c1:ed:ce:d7:fa:a9:11:ba:0d:ef:f1:12:b2:
         f7:20:46:f8:c6:1d:a7:1f:c2:b3:84:a7:d5:b7:bb:b7:ab:a6:
         f1:d1:d7:bd:2e:be:7c:4a:42:f1:92:81:aa:12:be:ac:aa:37:
         6d:11:a7:bb:4d:55:54:ca:d1:b7:c2:3b:69:aa:30:03:78:ca:
         72:70:03:94:0a:d1:10:dd:5d:55:71:f2:42:b0:20:b9:98:f2:
         c3:ec:c3:f0:51:ad:c3:a3:05:0f:6a:67:7a:da:5e:ae:97:36:
         14:44:1a:bb:17:4a:53:2a:8e:93:90:de:70:68:f6:fb:09:4e:
         76:cf:31:be:1c:ab:ec:80:10:fa:b5:2f:fa:f4:ef:fd:7a:1b:
         0b:4a:ca:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcHh/aS3l1/xUA1xt6FzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTU2ZDRkN2IxZDFhMDZjZTg5Zjc0NmY3OWI2NTZjNzM0
OGM1MjUwHhcNMjMwMTAyMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZhZWZiYzZkMGY3NGUzNTY5NjUzNWYwYTk3ZGQzYmY0ZmQyZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYUaO4nUgUNeTvw/BFntdsUH64+H
X/PrCwyqJ1Nhjt9Y09OH8/yA7I/aqV8sztUjnataCEQuHip/4Ty4ZGylLByc+gSu
SMb2l5tmHOddylmmmVszYK9oa78mnjv+Y29vkq/4ri2BoZRwXYV/QrFPCzJzQe0c
B+EUAC1dmRNYr3rHUH3X0NH6OXUpQexD5iz3SOgAQX45Dm1MRX1bvEKeKyTLrd3+
zNHuIsUj75j88YF3qzJ35KG70kZxRc6ujde7D6Xvr5D1XKDgSSME3nn5VQ9ayRbO
YbMfwDv/QmKA5B1PwuV2F9jSTFYpiZfGudT3OrwXGzcb1InKHAeCLvVO2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDpq77xtD3TjVpZTXwqX3Tv0/S4VMB8GA1UdIwQY
MBaAFC7lbU17HRoGzon3RvebZWxzSMUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYt
MjJlOThkZTI2MTA2LzEvT21ydnZHMFBkT05XbGxOZkNwZmRPX1Q5TGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYtMjJlOThkZTI2MTA2
LzEvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBWicMA0E
AgACMAcDBQAqBuOBMA0GCSqGSIb3DQEBCwUAA4IBAQATSz4BeiR8lcIexg/Y2HlG
Hbz0KjLPj51BaMpnGHxKbCR6Eknq1f/SLzIFEXoYKj8q9OPYP5Ei/4cr8Hn7Z1hw
g+SvAB75yhI4xWbgj6Syy6EG00lU0Yq6/rk7m+tBvPf72eQMGa0mW6Wb6Julwj+K
FcHtztf6qRG6De/xErL3IEb4xh2nH8KzhKfVt7u3q6bx0de9Lr58SkLxkoGqEr6s
qjdtEae7TVVUytG3wjtpqjADeMpycAOUCtEQ3V1VcfJCsCC5mPLD7MPwUa3DowUP
amd62l6ulzYURBq7F0pTKo6TkN5waPb7CU52zzG+HKvsgBD6tS/69O/9ehsLSsqU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:31 2024 by rpki-client on console-fra.rpki-client.org