Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/vAh6kFkcPmKZyfKjhsUpWbAgU6w.roa
File:                     vAh6kFkcPmKZyfKjhsUpWbAgU6w.roa (raw, json)
Hash identifier:          Xg8fxGBUeiJ1JnOMttiSq+an3HgzYxrRJ7lDJBCU/nw=
Subject key identifier:   BC:08:7A:90:59:1C:3E:62:99:C9:F2:A3:86:C5:29:59:B0:20:53:AC
Certificate issuer:       /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial:       018F6814116B68307C3CECFA1CFB78F5B84F
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/vAh6kFkcPmKZyfKjhsUpWbAgU6w.roa
Signing time:             Sat 11 May 2024 14:34:56 +0000
ROA not before:           Sat 11 May 2024 14:34:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2914
IP address blocks:        5.102.36.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 06 Aug 2024 19:21:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:68:14:11:6b:68:30:7c:3c:ec:fa:1c:fb:78:f5:b8:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
        Validity
            Not Before: May 11 14:34:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bc087a90591c3e6299c9f2a386c52959b02053ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:02:e0:40:68:a2:04:32:05:3e:60:dc:dd:ad:
                    0c:6a:d5:8d:7c:75:25:b7:bb:ba:2a:4b:94:00:0a:
                    a0:ff:bf:d2:e2:cb:fc:ac:4d:5b:41:86:3e:12:c1:
                    46:5c:5e:64:a0:20:18:a2:1f:1f:64:dc:1e:c0:a9:
                    51:51:82:ee:b8:42:70:98:dd:a7:0f:9c:b5:ac:2f:
                    ec:fe:95:8f:78:c5:8d:eb:55:02:ce:b1:97:04:9b:
                    79:d8:a6:86:7d:41:3f:89:2f:aa:cf:0a:44:22:2f:
                    38:cd:c6:dd:04:a3:ea:d4:96:5c:0a:93:4b:26:12:
                    70:45:8d:78:5a:59:22:7f:b8:b4:f7:c3:d8:42:a7:
                    90:da:46:eb:eb:04:6e:9f:44:c1:32:50:01:bd:9b:
                    1f:6d:0f:c8:d5:c0:b8:cd:60:2f:87:37:91:44:dd:
                    73:09:7d:5e:a0:40:26:5e:ec:36:c7:b3:5a:f7:d5:
                    a3:22:14:b5:47:d1:34:58:c7:59:6f:06:7d:f3:2f:
                    92:5f:e5:66:14:91:44:c9:aa:2e:1e:d3:f7:52:64:
                    e0:6a:42:95:3e:4a:9d:3d:be:18:9b:18:a5:f8:45:
                    12:ba:e5:13:a4:97:a8:b8:73:a1:8f:cb:5a:6b:a4:
                    48:bd:ac:d2:94:f9:3a:ee:12:11:d6:c4:fe:1a:23:
                    68:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:08:7A:90:59:1C:3E:62:99:C9:F2:A3:86:C5:29:59:B0:20:53:AC
            X509v3 Authority Key Identifier:
                keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/vAh6kFkcPmKZyfKjhsUpWbAgU6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.102.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:84:d2:07:d6:c8:10:11:85:bc:4b:c7:18:73:87:f4:e1:38:
         27:73:57:2f:0b:d5:b2:d6:c4:66:51:55:ea:4f:f8:c0:24:e7:
         d3:cf:1e:d1:a3:c9:e4:f5:1a:c3:5e:24:f9:9a:3c:28:52:46:
         bc:5c:ad:ef:53:19:e0:7a:c1:1d:bc:7e:d4:75:33:7f:4c:19:
         69:49:92:2e:04:9d:55:cc:23:dd:51:48:03:42:ae:bf:a9:80:
         e6:6c:e3:92:fd:25:4b:54:8f:28:62:e4:d8:a5:f3:8a:ad:ef:
         a1:72:74:8f:af:4a:72:9d:0c:2a:d9:e0:76:8c:91:a6:0b:05:
         7f:8a:ef:7f:cc:24:a7:3b:8d:d6:44:a1:12:27:39:e0:c7:c7:
         8d:86:bd:d6:cb:fb:e3:51:c9:a9:98:17:ab:fa:51:15:ce:0e:
         53:30:6b:07:a3:08:09:f8:35:76:44:c2:bb:c7:d0:64:bb:f8:
         1f:7f:fc:82:44:1a:de:b3:f1:29:95:02:72:bd:ab:5c:c9:e5:
         fa:44:e2:34:6e:27:34:02:8d:5b:9d:28:6c:ec:74:88:a0:8b:
         b9:ac:2d:56:e9:09:d8:cb:a7:ae:09:63:49:33:09:c8:bc:b5:
         69:8b:fd:18:a8:a6:26:88:b5:f9:34:4e:7b:8b:79:6a:e3:9f:
         aa:f7:16:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9oFBFraDB8POz6HPt49bhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjQwNTExMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA4N2E5MDU5MWMzZTYyOTljOWYyYTM4NmM1Mjk1OWIwMjA1M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ALgQGiiBDIFPmDc3a0MatWNfHUl
t7u6KkuUAAqg/7/S4sv8rE1bQYY+EsFGXF5koCAYoh8fZNwewKlRUYLuuEJwmN2n
D5y1rC/s/pWPeMWN61UCzrGXBJt52KaGfUE/iS+qzwpEIi84zcbdBKPq1JZcCpNL
JhJwRY14Wlkif7i098PYQqeQ2kbr6wRun0TBMlABvZsfbQ/I1cC4zWAvhzeRRN1z
CX1eoEAmXuw2x7Na99WjIhS1R9E0WMdZbwZ98y+SX+VmFJFEyaouHtP3UmTgakKV
PkqdPb4Ymxil+EUSuuUTpJeouHOhj8taa6RIvazSlPk67hIR1sT+GiNokQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwIepBZHD5imcnyo4bFKVmwIFOsMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvdkFoNmtGa2NQbUtaeWZLamhzVXBXYkFnVTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBWYkMA0G
CSqGSIb3DQEBCwUAA4IBAQAFhNIH1sgQEYW8S8cYc4f04Tgnc1cvC9Wy1sRmUVXq
T/jAJOfTzx7Ro8nk9RrDXiT5mjwoUka8XK3vUxngesEdvH7UdTN/TBlpSZIuBJ1V
zCPdUUgDQq6/qYDmbOOS/SVLVI8oYuTYpfOKre+hcnSPr0pynQwq2eB2jJGmCwV/
iu9/zCSnO43WRKESJzngx8eNhr3Wy/vjUcmpmBer+lEVzg5TMGsHowgJ+DV2RMK7
x9Bku/gff/yCRBres/EplQJyvatcyeX6ROI0bic0Ao1bnShs7HSIoIu5rC1W6QnY
y6euCWNJMwnIvLVpi/0YqKYmiLX5NE57i3lq45+q9xbx
Generated at Tue Aug 6 22:17:04 2024 by rpki-client on console-fra.rpki-client.org