Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5J98wHcuEsiv7d0gQFT2bgMBt5Q.roa
File:                     5J98wHcuEsiv7d0gQFT2bgMBt5Q.roa (raw, json)
Hash identifier:          PokwhWVb7Y0lcURpzMuXriH9SBX473fWvynXF03GVzg=
Subject key identifier:   E4:9F:7C:C0:77:2E:12:C8:AF:ED:DD:20:40:54:F6:6E:03:01:B7:94
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0189F26D06DE71FA09FE9C0177BA83EB9787
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5J98wHcuEsiv7d0gQFT2bgMBt5Q.roa
Signing time:             Mon 14 Aug 2023 05:02:58 +0000
ROA not before:           Mon 14 Aug 2023 05:02:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        37.221.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f2:6d:06:de:71:fa:09:fe:9c:01:77:ba:83:eb:97:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 14 05:02:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e49f7cc0772e12c8afeddd204054f66e0301b794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:3e:1d:44:49:4f:17:e9:14:c3:6e:3b:ec:bd:
                    19:dd:e7:af:b0:61:ac:76:57:23:b3:d7:38:6e:52:
                    05:20:e1:dc:8a:f4:05:60:b6:7d:a6:85:42:5c:ec:
                    72:bc:b6:d5:3a:34:3a:f6:58:2e:0e:25:dd:f1:1d:
                    0f:ac:65:a7:40:35:ef:e5:52:4c:ff:df:79:d0:28:
                    21:ce:3f:b2:71:ae:ce:b8:75:5a:bc:b7:fe:a5:72:
                    57:40:1f:3f:fd:71:4c:0c:d5:af:92:5b:ac:90:9f:
                    29:3b:0d:38:53:47:a0:16:ca:ae:d0:c8:22:c7:a4:
                    35:f0:93:bd:cc:7d:b2:01:96:e5:1a:80:30:68:1b:
                    83:f3:52:92:17:c0:43:6b:04:33:c8:36:26:1d:20:
                    77:97:db:f8:00:1b:4d:eb:d6:b8:19:bc:04:d9:5f:
                    b9:01:81:90:41:2e:f2:32:cc:c4:f7:4f:4d:62:2f:
                    03:78:ea:63:79:ac:75:93:4e:18:4a:0c:d5:57:fc:
                    43:35:b8:75:4e:f7:fd:1c:ce:2f:52:fa:68:d5:32:
                    c9:e3:66:a1:5f:2f:81:0d:d9:c0:8f:ae:b8:2a:22:
                    1e:e1:f9:57:7f:84:f9:3e:0c:30:33:0b:56:71:ca:
                    8f:23:59:60:3d:42:62:e3:d4:68:cd:ed:5c:e0:21:
                    5e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:9F:7C:C0:77:2E:12:C8:AF:ED:DD:20:40:54:F6:6E:03:01:B7:94
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5J98wHcuEsiv7d0gQFT2bgMBt5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:31:02:8c:3c:dd:ae:1f:d0:b4:e6:30:c2:08:d4:c7:03:b9:
         5c:14:07:eb:ad:ee:71:97:70:43:80:2f:fb:4f:3c:60:b7:41:
         20:2d:b8:0d:3c:32:71:d7:e0:f2:4e:2e:81:12:4c:e8:52:e4:
         97:bd:88:ec:9b:c6:15:47:8a:7e:67:79:9f:60:a3:40:e3:12:
         ba:5f:8a:96:51:59:b0:95:64:86:bf:77:4a:0a:6c:5b:13:98:
         99:bf:63:97:8b:4f:cc:98:44:41:a0:ce:f2:7a:db:8f:f4:93:
         3b:ec:e0:70:00:b0:83:29:ee:2d:28:67:4e:35:11:4e:ac:4f:
         4a:fa:04:3d:74:a1:af:87:29:0f:df:7b:a0:80:55:8f:a2:50:
         75:a8:4f:aa:46:c0:70:02:bf:27:40:d8:2f:33:a9:62:52:4b:
         45:c3:44:bc:69:d2:78:bd:10:53:5c:57:25:b8:ad:ff:a2:1a:
         07:26:ac:8c:5b:a2:6e:16:6b:f6:cf:17:8c:b1:2d:be:a5:76:
         c0:22:0c:54:34:a3:0c:10:57:01:0c:49:64:82:72:0e:6a:3c:
         d7:7e:e3:57:3c:23:98:2b:6f:a3:e8:a0:25:c3:22:93:df:4c:
         d3:0a:72:36:e8:79:0a:8d:c5:d0:78:a1:7a:9c:28:7e:4d:35:
         dd:ef:01:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnybQbecfoJ/pwBd7qD65eHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE0MDUwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDlmN2NjMDc3MmUxMmM4YWZlZGRkMjA0MDU0ZjY2ZTAzMDFiNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD4dRElPF+kUw2477L0Z3eevsGGs
dlcjs9c4blIFIOHcivQFYLZ9poVCXOxyvLbVOjQ69lguDiXd8R0PrGWnQDXv5VJM
/9950Cghzj+yca7OuHVavLf+pXJXQB8//XFMDNWvkluskJ8pOw04U0egFsqu0Mgi
x6Q18JO9zH2yAZblGoAwaBuD81KSF8BDawQzyDYmHSB3l9v4ABtN69a4GbwE2V+5
AYGQQS7yMszE909NYi8DeOpjeax1k04YSgzVV/xDNbh1Tvf9HM4vUvpo1TLJ42ah
Xy+BDdnAj664KiIe4flXf4T5PgwwMwtWccqPI1lgPUJi49Roze1c4CFeLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSffMB3LhLIr+3dIEBU9m4DAbeUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUo5OHdIY3VFc2l2N2QwZ1FGVDJiZ01CdDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJd14MA0G
CSqGSIb3DQEBCwUAA4IBAQAKMQKMPN2uH9C05jDCCNTHA7lcFAfrre5xl3BDgC/7
Tzxgt0EgLbgNPDJx1+DyTi6BEkzoUuSXvYjsm8YVR4p+Z3mfYKNA4xK6X4qWUVmw
lWSGv3dKCmxbE5iZv2OXi0/MmERBoM7yetuP9JM77OBwALCDKe4tKGdONRFOrE9K
+gQ9dKGvhykP33uggFWPolB1qE+qRsBwAr8nQNgvM6liUktFw0S8adJ4vRBTXFcl
uK3/ohoHJqyMW6JuFmv2zxeMsS2+pXbAIgxUNKMMEFcBDElkgnIOajzXfuNXPCOY
K2+j6KAlwyKT30zTCnI26HkKjcXQeKF6nCh+TTXd7wEL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:24 2024 by rpki-client on console-ams.rpki-client.org