Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5C5e5PFHAC4Ro7vpDTyGjvQH4Fs.roa
File:                     5C5e5PFHAC4Ro7vpDTyGjvQH4Fs.roa (raw, json)
Hash identifier:          3iug30MH+NHpb8frLPWVEUK/HQWI4eFtwo1+LeU73OU=
Subject key identifier:   E4:2E:5E:E4:F1:47:00:2E:11:A3:BB:E9:0D:3C:86:8E:F4:07:E0:5B
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018CCA2A68D6BC47A774B2E887BF0DAE3D18
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5C5e5PFHAC4Ro7vpDTyGjvQH4Fs.roa
Signing time:             Tue 02 Jan 2024 12:33:46 +0000
ROA not before:           Tue 02 Jan 2024 12:33:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     22781
IP address blocks:        89.251.8.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 11:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:68:d6:bc:47:a7:74:b2:e8:87:bf:0d:ae:3d:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jan  2 12:33:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e42e5ee4f147002e11a3bbe90d3c868ef407e05b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:3a:30:d3:f3:40:03:72:49:1f:a2:5c:fb:8f:
                    65:13:46:7b:3b:df:b4:d8:d0:c8:f3:09:2e:35:d8:
                    fd:c4:d4:47:19:cf:c8:92:78:26:47:da:c3:d2:f1:
                    6c:9a:34:81:bb:78:f8:7b:ab:c4:3c:40:88:92:8f:
                    b4:83:b5:cd:62:24:27:cd:df:49:ee:00:09:da:b1:
                    7d:1b:c8:b6:57:03:0b:90:13:b0:4f:c6:d0:6d:09:
                    de:81:49:09:8e:c4:e2:c3:4e:7e:c7:49:6a:e9:d8:
                    8d:ca:29:62:69:0f:4f:a3:f5:f5:d3:15:a5:91:54:
                    d4:86:43:ec:06:19:a4:95:c2:dc:63:23:99:a1:08:
                    5b:05:f9:84:5e:c0:3d:86:c9:88:0a:54:2c:84:1f:
                    8e:0e:78:55:3e:a0:25:cb:e8:de:05:f4:35:e6:1a:
                    e7:3a:b7:ef:82:68:11:f4:2c:9e:94:58:0a:16:58:
                    af:56:b8:56:fd:25:f7:c6:c5:d0:c9:fa:b9:38:75:
                    42:8a:e2:30:6a:13:4c:5f:20:5d:be:e4:fa:8a:90:
                    70:c3:7e:9c:7d:e5:7e:f2:1d:fa:1d:47:1c:77:ab:
                    7d:f3:73:7e:27:bf:34:43:1b:d7:b9:cc:af:e6:f8:
                    b4:89:b1:3c:0c:df:89:c7:c2:10:66:b9:e1:93:e2:
                    43:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:2E:5E:E4:F1:47:00:2E:11:A3:BB:E9:0D:3C:86:8E:F4:07:E0:5B
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5C5e5PFHAC4Ro7vpDTyGjvQH4Fs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.251.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         98:a0:c6:87:f2:c6:bd:88:d5:38:4e:2f:17:10:cf:c0:49:92:
         db:8a:93:c7:87:03:7a:01:c7:b0:03:cb:88:15:6c:7f:ce:52:
         e1:0d:2b:c0:9e:df:b8:2a:c2:a5:fc:88:d3:20:89:a6:4e:96:
         25:bb:3c:09:41:73:47:c6:90:49:0c:e4:76:e1:3c:57:84:83:
         0e:eb:c2:65:2d:c7:93:25:6f:61:58:2b:8a:b5:6a:10:a5:6a:
         48:c1:2a:a4:5a:29:71:fd:9b:0e:07:94:c3:35:1b:f2:4d:78:
         68:a3:f5:7e:0e:0f:ed:4a:e8:ae:42:35:7b:17:e0:ec:16:cf:
         e0:b8:c7:cf:89:62:f5:75:57:f7:77:0f:e7:76:fc:eb:d1:e4:
         50:ac:da:ed:76:22:c3:13:e1:2e:62:7c:48:fe:40:42:27:8e:
         12:7d:24:ee:5c:f4:01:ed:86:8b:92:85:a7:bd:36:a6:eb:3f:
         3d:34:86:59:cf:c7:c3:e6:1e:ae:b4:95:76:78:04:33:ac:f1:
         61:9a:75:71:11:26:a6:39:43:95:15:ed:cf:57:2d:c2:95:79:
         a5:bb:60:27:b8:f1:1e:d0:c9:c6:d3:d1:3e:44:3b:6a:6b:cb:
         1c:67:ea:ea:1e:f4:47:56:75:d7:f0:a9:0e:ed:0b:2b:c0:f4:
         9e:41:71:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKmjWvEendLLoh78Nrj0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDJlNWVlNGYxNDcwMDJlMTFhM2JiZTkwZDNjODY4ZWY0MDdlMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljow0/NAA3JJH6Jc+49lE0Z7O9+0
2NDI8wkuNdj9xNRHGc/IkngmR9rD0vFsmjSBu3j4e6vEPECIko+0g7XNYiQnzd9J
7gAJ2rF9G8i2VwMLkBOwT8bQbQnegUkJjsTiw05+x0lq6diNyiliaQ9Po/X10xWl
kVTUhkPsBhmklcLcYyOZoQhbBfmEXsA9hsmIClQshB+ODnhVPqAly+jeBfQ15hrn
OrfvgmgR9CyelFgKFlivVrhW/SX3xsXQyfq5OHVCiuIwahNMXyBdvuT6ipBww36c
feV+8h36HUccd6t983N+J780QxvXucyv5vi0ibE8DN+Jx8IQZrnhk+JD9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQuXuTxRwAuEaO76Q08ho70B+BbMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNUM1ZTVQRkhBQzRSbzd2cERUeUdqdlFINEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfsIMA0G
CSqGSIb3DQEBCwUAA4IBAQCYoMaH8sa9iNU4Ti8XEM/ASZLbipPHhwN6AcewA8uI
FWx/zlLhDSvAnt+4KsKl/IjTIImmTpYluzwJQXNHxpBJDOR24TxXhIMO68JlLceT
JW9hWCuKtWoQpWpIwSqkWilx/ZsOB5TDNRvyTXhoo/V+Dg/tSuiuQjV7F+DsFs/g
uMfPiWL1dVf3dw/ndvzr0eRQrNrtdiLDE+EuYnxI/kBCJ44SfSTuXPQB7YaLkoWn
vTam6z89NIZZz8fD5h6utJV2eAQzrPFhmnVxESamOUOVFe3PVy3ClXmlu2AnuPEe
0MnG09E+RDtqa8scZ+rqHvRHVnXX8KkO7QsrwPSeQXFs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org