Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/5EKA0wN7BFGi2C3BTCdJDYuNsAE.roa
File:                     5EKA0wN7BFGi2C3BTCdJDYuNsAE.roa (raw, json)
Hash identifier:          dvXK+r7QDoZCWBH7K6xmrCLc4iUsgfn1pYKiI5bH6tc=
Subject key identifier:   E4:42:80:D3:03:7B:04:51:A2:D8:2D:C1:4C:27:49:0D:8B:8D:B0:01
Certificate issuer:       /CN=61d38b37980a0dfae9cf9a2c5b56ade97faf502e
Certificate serial:       018A97ECC10B176EB3F2E41FE1DBB7E53B2D
Authority key identifier: 61:D3:8B:37:98:0A:0D:FA:E9:CF:9A:2C:5B:56:AD:E9:7F:AF:50:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/5EKA0wN7BFGi2C3BTCdJDYuNsAE.roa
Signing time:             Fri 15 Sep 2023 08:19:50 +0000
ROA not before:           Fri 15 Sep 2023 08:19:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200735
IP address blocks:        185.140.253.0/24 maxlen: 24
                          185.140.252.0/24 maxlen: 24
                          185.140.255.0/24 maxlen: 24
                          185.140.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:97:ec:c1:0b:17:6e:b3:f2:e4:1f:e1:db:b7:e5:3b:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61d38b37980a0dfae9cf9a2c5b56ade97faf502e
        Validity
            Not Before: Sep 15 08:19:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e44280d3037b0451a2d82dc14c27490d8b8db001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:01:e5:03:17:7f:d8:d8:64:05:7f:27:89:52:
                    05:9b:03:82:27:37:e2:75:3f:7b:a4:b9:a2:ee:70:
                    d2:2b:3a:fe:11:3a:4d:e5:10:c3:e8:95:2c:95:3d:
                    3a:cb:84:d1:6c:5d:ee:75:29:2e:f7:31:e9:7c:81:
                    98:83:41:c1:bd:36:83:1b:01:45:e0:88:51:c5:1a:
                    18:05:1f:0f:1e:b3:07:c1:39:e7:a8:76:9a:58:5e:
                    8b:f2:50:1a:9d:93:6a:66:7e:40:00:3d:21:54:55:
                    79:68:0a:28:6d:eb:e9:88:53:2b:a1:5f:bf:21:39:
                    63:2b:f1:ec:f2:3d:01:1a:71:8a:4a:60:f9:25:78:
                    d7:ae:48:6c:0a:d8:74:61:b7:56:60:aa:25:35:da:
                    ad:4f:49:91:d6:d1:1d:58:26:84:08:2a:3f:a2:c3:
                    25:5b:c4:66:dc:4a:43:28:7a:9e:be:61:0f:e7:a4:
                    f3:68:9b:66:ea:69:49:7c:fd:fe:3b:ca:25:91:e5:
                    5f:68:58:4e:75:f5:0c:8a:5c:92:80:8e:0c:51:3d:
                    86:db:b5:66:e4:64:3b:c0:c2:02:78:67:04:98:e7:
                    a4:d2:14:d7:32:7d:d5:2a:57:59:00:ec:09:7d:09:
                    60:57:4b:0e:31:a7:ca:11:43:bf:bf:2b:c9:f6:68:
                    80:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:42:80:D3:03:7B:04:51:A2:D8:2D:C1:4C:27:49:0D:8B:8D:B0:01
            X509v3 Authority Key Identifier:
                keyid:61:D3:8B:37:98:0A:0D:FA:E9:CF:9A:2C:5B:56:AD:E9:7F:AF:50:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/5EKA0wN7BFGi2C3BTCdJDYuNsAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.140.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:56:70:25:5f:04:2d:d7:15:9b:20:cc:5a:04:96:c9:ea:eb:
         9d:80:77:ed:b8:e1:0e:c7:09:56:cd:1f:52:d0:2a:10:74:af:
         ab:a1:6e:ce:4d:eb:d7:25:76:68:e3:59:cc:13:a7:8d:0b:a3:
         95:c4:e8:0e:bd:0b:bc:23:e9:ba:fa:5f:3e:b4:9c:9c:02:ee:
         3e:84:ea:97:c0:d9:5f:e7:1c:42:dd:ac:ab:48:2f:f6:25:23:
         82:20:68:ad:d9:12:03:9e:4c:8a:67:91:5b:4c:72:78:0e:1f:
         ca:73:59:22:d4:f6:43:c8:93:8c:c9:6a:d7:e3:4b:3e:6b:cc:
         ca:54:23:0b:81:e8:68:0f:d1:4a:f2:16:d4:c6:f6:ce:15:d6:
         ef:4b:6c:a7:45:a6:39:3a:f6:c9:cf:e7:d8:66:44:13:33:9b:
         b3:6a:9f:b0:4d:fb:9b:a8:12:66:8c:d1:59:3f:34:3e:39:81:
         0f:60:4f:42:48:31:ef:dd:a0:12:41:4e:1d:74:b0:38:1d:bb:
         12:6b:4b:e5:7e:74:0e:18:7c:64:0d:64:9a:1c:80:94:17:72:
         e3:e3:1f:16:5d:9e:c3:0c:4a:26:99:bc:c2:7d:5e:7f:87:73:
         16:e4:ce:c0:f0:83:2b:23:d9:d0:c3:5e:1c:a4:17:0e:22:cd:
         28:2a:3e:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqX7MELF26z8uQf4du35TstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZDM4YjM3OTgwYTBkZmFlOWNmOWEyYzViNTZhZGU5N2Zh
ZjUwMmUwHhcNMjMwOTE1MDgxOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQyODBkMzAzN2IwNDUxYTJkODJkYzE0YzI3NDkwZDhiOGRiMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwHlAxd/2NhkBX8niVIFmwOCJzfi
dT97pLmi7nDSKzr+ETpN5RDD6JUslT06y4TRbF3udSku9zHpfIGYg0HBvTaDGwFF
4IhRxRoYBR8PHrMHwTnnqHaaWF6L8lAanZNqZn5AAD0hVFV5aAoobevpiFMroV+/
ITljK/Hs8j0BGnGKSmD5JXjXrkhsCth0YbdWYKolNdqtT0mR1tEdWCaECCo/osMl
W8Rm3EpDKHqevmEP56TzaJtm6mlJfP3+O8olkeVfaFhOdfUMilySgI4MUT2G27Vm
5GQ7wMICeGcEmOek0hTXMn3VKldZAOwJfQlgV0sOMafKEUO/vyvJ9miAwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFORCgNMDewRRotgtwUwnSQ2LjbABMB8GA1UdIwQY
MBaAFGHTizeYCg366c+aLFtWrel/r1AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OTc0NmMtNTAxYS00M2U4LWI4ODct
N2Q0NDhiMzk2Nzc2LzEvNUVLQTB3TjdCRkdpMkMzQlRDZEpEWXVOc0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OTc0NmMtNTAxYS00M2U4LWI4ODctN2Q0NDhiMzk2Nzc2
LzEvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYz8MA0G
CSqGSIb3DQEBCwUAA4IBAQBUVnAlXwQt1xWbIMxaBJbJ6uudgHftuOEOxwlWzR9S
0CoQdK+roW7OTevXJXZo41nME6eNC6OVxOgOvQu8I+m6+l8+tJycAu4+hOqXwNlf
5xxC3ayrSC/2JSOCIGit2RIDnkyKZ5FbTHJ4Dh/Kc1ki1PZDyJOMyWrX40s+a8zK
VCMLgehoD9FK8hbUxvbOFdbvS2ynRaY5OvbJz+fYZkQTM5uzap+wTfubqBJmjNFZ
PzQ+OYEPYE9CSDHv3aASQU4ddLA4HbsSa0vlfnQOGHxkDWSaHICUF3Lj4x8WXZ7D
DEommbzCfV5/h3MW5M7A8IMrI9nQw14cpBcOIs0oKj6g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:53 2024 by rpki-client on console-fra.rpki-client.org