Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/9TruztdSqdd4o3vaIH8X96KRvjc.roa
File:                     9TruztdSqdd4o3vaIH8X96KRvjc.roa (raw, json)
Hash identifier:          1wU4/U2a8Yvwy0KkKV6YjeegjfK8vcLm+5JUXMUO+xE=
Subject key identifier:   F5:3A:EE:CE:D7:52:A9:D7:78:A3:7B:DA:20:7F:17:F7:A2:91:BE:37
Certificate issuer:       /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial:       018B1E2A13485256E54194D57C91D3CBF737
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/9TruztdSqdd4o3vaIH8X96KRvjc.roa
Signing time:             Wed 11 Oct 2023 09:55:55 +0000
ROA not before:           Wed 11 Oct 2023 09:55:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5511
IP address blocks:        5.180.84.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1e:2a:13:48:52:56:e5:41:94:d5:7c:91:d3:cb:f7:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
        Validity
            Not Before: Oct 11 09:55:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f53aeeced752a9d778a37bda207f17f7a291be37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:72:4b:61:d9:fb:e8:05:88:4d:91:5d:5d:db:
                    41:e6:72:7d:df:63:d9:4a:3d:80:1b:cd:5a:e6:c2:
                    df:03:7e:fa:97:b3:09:44:36:c3:a4:ee:a4:ef:4a:
                    16:3f:a1:b6:d6:b8:7a:82:f2:4a:a8:1c:3f:42:b8:
                    88:d8:2a:74:7b:0d:eb:e9:79:76:69:14:d8:b8:4e:
                    00:5e:42:1a:0a:ea:a8:d1:b6:dc:55:78:1d:ff:b2:
                    0e:67:4b:0a:48:dd:5a:b0:81:a6:25:09:4d:d4:aa:
                    00:34:ca:ce:af:c2:9c:51:59:79:57:14:39:40:44:
                    0c:cb:da:ed:8a:2b:b2:dc:2d:a8:38:8a:36:2e:45:
                    ca:e7:1e:0f:3e:ad:68:7f:fe:e3:89:93:43:14:ab:
                    3f:f4:23:24:af:0d:12:a0:4c:67:d9:c6:2d:a1:9a:
                    48:77:25:4c:81:f5:03:0b:96:7a:6a:f0:a5:57:fe:
                    95:a4:6d:c9:b3:fd:4a:69:7e:35:06:1f:20:1a:57:
                    35:61:1a:96:aa:12:b1:a9:ff:18:d4:2e:0e:c0:80:
                    7f:02:a9:33:07:18:28:80:68:00:dc:f9:c1:9e:5d:
                    38:68:b2:6c:cd:c5:b9:53:37:b7:01:71:aa:83:7b:
                    9b:a4:a8:d0:b1:06:04:62:ce:7d:21:a5:02:d8:06:
                    79:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:3A:EE:CE:D7:52:A9:D7:78:A3:7B:DA:20:7F:17:F7:A2:91:BE:37
            X509v3 Authority Key Identifier:
                keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/9TruztdSqdd4o3vaIH8X96KRvjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:12:2d:b3:a1:84:be:26:7f:d2:5e:f7:6d:12:bd:da:9b:e5:
         6a:3f:06:30:b1:e3:66:73:d6:fa:0d:ff:8d:78:24:83:b4:52:
         4e:8a:20:42:b3:aa:c8:4f:f1:58:59:54:0a:61:49:84:aa:d1:
         90:ed:ab:03:a4:5a:33:58:0d:a4:6d:85:7b:aa:28:36:1d:e4:
         cc:cc:42:86:c5:6c:54:f2:50:39:4c:13:64:ac:78:dd:f1:2b:
         b2:79:bf:fa:3d:0c:7f:55:23:aa:df:31:56:d9:8d:ef:bb:20:
         82:2a:06:da:ef:bc:ec:47:a6:18:a7:19:2d:e9:10:cd:b0:9b:
         8e:99:d2:73:2c:82:df:1e:38:ee:dc:8e:90:8a:e2:e8:8d:1c:
         9c:5c:53:1d:17:0a:f6:49:ff:2f:8a:4a:4e:10:58:c0:d3:da:
         9b:d0:5e:89:75:57:d2:04:60:93:3b:1a:c4:07:a1:70:ff:c7:
         82:35:24:bb:23:fd:5f:51:fb:60:20:16:60:7b:59:36:b6:4f:
         0f:fa:50:9e:8e:fa:56:9e:9b:78:fd:bd:6f:43:ef:bc:0c:9c:
         05:11:0c:ca:35:c0:47:7c:50:27:4c:16:87:f6:3f:b3:92:b9:
         b6:e5:32:23:19:ba:79:30:57:78:25:db:a3:6d:c0:63:10:e9:
         5b:fd:5c:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYseKhNIUlblQZTVfJHTy/c3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjMxMDExMDk1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNhZWVjZWQ3NTJhOWQ3NzhhMzdiZGEyMDdmMTdmN2EyOTFiZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHJLYdn76AWITZFdXdtB5nJ932PZ
Sj2AG81a5sLfA376l7MJRDbDpO6k70oWP6G21rh6gvJKqBw/QriI2Cp0ew3r6Xl2
aRTYuE4AXkIaCuqo0bbcVXgd/7IOZ0sKSN1asIGmJQlN1KoANMrOr8KcUVl5VxQ5
QEQMy9rtiiuy3C2oOIo2LkXK5x4PPq1of/7jiZNDFKs/9CMkrw0SoExn2cYtoZpI
dyVMgfUDC5Z6avClV/6VpG3Js/1KaX41Bh8gGlc1YRqWqhKxqf8Y1C4OwIB/Aqkz
BxgogGgA3PnBnl04aLJszcW5Uze3AXGqg3ubpKjQsQYEYs59IaUC2AZ5owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPU67s7XUqnXeKN72iB/F/eikb43MB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvOVRydXp0ZFNxZGQ0bzN2YUlIOFg5NktSdmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbRUMA0G
CSqGSIb3DQEBCwUAA4IBAQAcEi2zoYS+Jn/SXvdtEr3am+VqPwYwseNmc9b6Df+N
eCSDtFJOiiBCs6rIT/FYWVQKYUmEqtGQ7asDpFozWA2kbYV7qig2HeTMzEKGxWxU
8lA5TBNkrHjd8Suyeb/6PQx/VSOq3zFW2Y3vuyCCKgba77zsR6YYpxkt6RDNsJuO
mdJzLILfHjju3I6QiuLojRycXFMdFwr2Sf8vikpOEFjA09qb0F6JdVfSBGCTOxrE
B6Fw/8eCNSS7I/1fUftgIBZge1k2tk8P+lCejvpWnpt4/b1vQ++8DJwFEQzKNcBH
fFAnTBaH9j+zkrm25TIjGbp5MFd4JdujbcBjEOlb/VyM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:04 2024 by rpki-client on console-ams.rpki-client.org