Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5J58yKtbBiBIftodlIX5_iP9ESc.roa
File:                     5J58yKtbBiBIftodlIX5_iP9ESc.roa (raw, json)
Hash identifier:          mpHGXKuOlPYToRcA4syESioIPhlnct2T8QkezmK4MEc=
Subject key identifier:   E4:9E:7C:C8:AB:5B:06:20:48:7E:DA:1D:94:85:F9:FE:23:FD:11:27
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018BA454085893021B177DC1D48B7B7BBB29
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5J58yKtbBiBIftodlIX5_iP9ESc.roa
Signing time:             Mon 06 Nov 2023 11:10:52 +0000
ROA not before:           Mon 06 Nov 2023 11:10:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216475
IP address blocks:        195.133.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a4:54:08:58:93:02:1b:17:7d:c1:d4:8b:7b:7b:bb:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  6 11:10:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e49e7cc8ab5b0620487eda1d9485f9fe23fd1127
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c3:b4:ff:58:ce:bc:2e:19:8a:7e:d3:3e:e5:
                    90:b9:a6:f0:33:cf:b4:b2:60:94:35:4e:ac:d2:d6:
                    b7:1e:f9:26:46:2d:a1:df:e1:84:3a:9e:b7:1c:97:
                    0c:9e:05:1a:b6:da:3e:b1:10:67:d0:9d:cb:15:97:
                    14:79:2b:06:a1:66:71:b6:53:89:a6:fb:2f:45:1c:
                    60:49:da:df:84:b3:39:bb:4c:e6:b9:6c:92:76:a1:
                    51:6e:8c:80:f7:3d:ce:47:7a:e6:f8:f9:cc:3c:05:
                    8e:d6:bb:9f:a7:6a:57:53:0d:a6:5f:2f:51:61:17:
                    e9:90:b9:58:62:14:1b:6e:da:16:53:7c:6b:e0:61:
                    ee:ce:1c:c6:48:a5:8a:6b:ec:86:4f:4a:18:73:28:
                    40:a9:8c:1f:29:4c:24:26:55:0a:6b:d2:ad:f3:58:
                    44:ee:57:80:1b:49:5b:c1:b2:f1:66:cd:c1:b0:bb:
                    35:fe:8d:71:93:b9:d5:02:8b:29:a2:eb:50:bd:ec:
                    7e:9b:67:dd:48:3b:d8:e0:e9:19:32:f6:7c:9c:fb:
                    39:31:57:b3:ed:63:e5:a9:74:76:8b:40:e3:e6:4c:
                    bc:9a:e9:3d:4c:c8:e8:ac:a1:49:1c:c4:82:ec:86:
                    68:e4:5d:4b:c7:de:dd:19:be:47:cb:f5:19:f6:86:
                    47:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:9E:7C:C8:AB:5B:06:20:48:7E:DA:1D:94:85:F9:FE:23:FD:11:27
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5J58yKtbBiBIftodlIX5_iP9ESc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:18:5c:87:e2:d7:35:6c:91:2d:7f:56:cb:8c:65:3b:54:a0:
         06:07:59:0f:85:0f:77:fe:54:b5:26:81:08:e3:65:ab:06:04:
         23:84:17:e2:55:af:69:50:0d:04:8e:5e:33:9b:34:ab:7b:5d:
         d0:03:14:f2:86:02:67:38:84:9b:2d:f3:b6:4a:25:91:7d:83:
         eb:5d:29:74:3c:68:dc:0e:e6:b4:cc:f5:9d:2d:08:f7:33:8f:
         21:9b:08:a6:b4:82:01:8c:c4:36:7b:c0:1a:0f:cc:ab:0b:af:
         cd:81:2b:09:f5:9d:e9:cb:f1:eb:74:fb:d4:4c:02:f2:2d:71:
         63:c1:63:8c:ce:7e:ef:c3:f5:0b:25:ff:25:b5:31:21:69:87:
         d1:ee:e6:fe:f2:a3:a0:b8:e6:46:15:13:a7:60:ef:ef:64:d2:
         2c:dd:64:b7:7f:e1:3e:1d:b4:f6:ca:5d:36:31:99:f7:a7:bf:
         8a:b7:23:32:8f:52:17:56:c9:d5:0d:db:cd:5e:26:a3:d5:49:
         1d:89:55:56:5a:53:9c:9a:60:9d:3e:e7:75:19:1c:97:29:85:
         78:c4:53:ea:b6:ec:04:f1:7a:78:97:df:53:c3:2b:58:bb:a7:
         63:53:fd:45:4a:62:2b:d7:39:f4:82:b1:81:33:10:53:d2:18:
         ff:76:e3:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYukVAhYkwIbF33B1It7e7spMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA2MTExMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDllN2NjOGFiNWIwNjIwNDg3ZWRhMWQ5NDg1ZjlmZTIzZmQxMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcO0/1jOvC4Zin7TPuWQuabwM8+0
smCUNU6s0ta3HvkmRi2h3+GEOp63HJcMngUatto+sRBn0J3LFZcUeSsGoWZxtlOJ
pvsvRRxgSdrfhLM5u0zmuWySdqFRboyA9z3OR3rm+PnMPAWO1rufp2pXUw2mXy9R
YRfpkLlYYhQbbtoWU3xr4GHuzhzGSKWKa+yGT0oYcyhAqYwfKUwkJlUKa9Kt81hE
7leAG0lbwbLxZs3BsLs1/o1xk7nVAospoutQvex+m2fdSDvY4OkZMvZ8nPs5MVez
7WPlqXR2i0Dj5ky8muk9TMjorKFJHMSC7IZo5F1Lx97dGb5Hy/UZ9oZHwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSefMirWwYgSH7aHZSF+f4j/REnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNUo1OHlLdGJCaUJJZnRvZGxJWDVfaVA5RVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4VPMA0G
CSqGSIb3DQEBCwUAA4IBAQBkGFyH4tc1bJEtf1bLjGU7VKAGB1kPhQ93/lS1JoEI
42WrBgQjhBfiVa9pUA0Ejl4zmzSre13QAxTyhgJnOISbLfO2SiWRfYPrXSl0PGjc
Dua0zPWdLQj3M48hmwimtIIBjMQ2e8AaD8yrC6/NgSsJ9Z3py/HrdPvUTALyLXFj
wWOMzn7vw/ULJf8ltTEhaYfR7ub+8qOguOZGFROnYO/vZNIs3WS3f+E+HbT2yl02
MZn3p7+KtyMyj1IXVsnVDdvNXiaj1UkdiVVWWlOcmmCdPud1GRyXKYV4xFPqtuwE
8Xp4l99TwytYu6djU/1FSmIr1zn0grGBMxBT0hj/duO/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org