Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/taE3jLi3kYqJBQpQycNnjALb07s.roa
File:                     taE3jLi3kYqJBQpQycNnjALb07s.roa (raw, json)
Hash identifier:          VXNqHAwUyDOvEzVTOmGdz069xnvG4/qpkgRFpfUBqT8=
Subject key identifier:   B5:A1:37:8C:B8:B7:91:8A:89:05:0A:50:C9:C3:67:8C:02:DB:D3:BB
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018D8679F4E49828C0EC6591973E32313273
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/taE3jLi3kYqJBQpQycNnjALb07s.roa
Signing time:             Thu 08 Feb 2024 02:09:15 +0000
ROA not before:           Thu 08 Feb 2024 02:09:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        5.253.64.0/24 maxlen: 24
                          5.253.66.0/24 maxlen: 24
                          5.253.67.0/24 maxlen: 24
                          87.121.60.0/24 maxlen: 24
                          87.121.61.0/24 maxlen: 24
                          87.121.62.0/24 maxlen: 24
                          87.121.63.0/24 maxlen: 24
                          87.121.114.0/24 maxlen: 24
                          87.121.115.0/24 maxlen: 24
                          93.123.75.0/24 maxlen: 24
                          93.123.80.0/24 maxlen: 24
                          93.123.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 00:43:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:86:79:f4:e4:98:28:c0:ec:65:91:97:3e:32:31:32:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Feb  8 02:09:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b5a1378cb8b7918a89050a50c9c3678c02dbd3bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:3c:07:f6:ff:bd:ee:18:d7:5c:2b:4b:dd:17:
                    f8:b1:2c:64:ea:b7:b0:14:54:50:77:74:e2:87:d0:
                    01:b8:2d:10:03:f4:6c:ef:63:69:da:f0:48:ab:c5:
                    c0:a4:cc:58:91:59:b1:f4:eb:66:87:fd:cf:47:9b:
                    f3:55:00:38:95:4b:56:ba:c1:80:7b:ab:47:8d:55:
                    09:c7:48:19:05:d6:b7:df:b5:70:c4:39:b6:10:c5:
                    39:f4:de:e0:4c:5b:65:35:d9:94:ee:a8:5e:56:a1:
                    01:32:ec:0f:bd:40:f1:dc:7d:55:04:97:28:d0:fa:
                    8a:a8:23:7c:9a:3d:65:1a:3c:10:1e:4b:25:3b:a3:
                    a4:aa:e2:68:14:b6:33:fc:63:65:ea:6f:2b:00:f1:
                    91:ed:c1:7a:ee:89:c4:0e:5a:31:ee:8b:7c:cf:0c:
                    3f:b5:eb:09:cc:26:f4:b9:df:f1:57:03:bf:48:e0:
                    0f:f1:3f:7a:7b:71:62:f9:1f:3a:c0:3f:ae:8d:a5:
                    43:aa:05:bc:69:3f:71:eb:56:70:50:bf:e4:71:ff:
                    19:9e:cf:58:c2:39:af:76:06:d4:8e:94:b5:80:ed:
                    e2:f6:86:ae:30:51:dd:77:0e:2c:8b:14:0d:ad:99:
                    22:63:07:2a:a5:96:ed:4f:73:45:1a:62:2b:f4:1f:
                    e5:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:A1:37:8C:B8:B7:91:8A:89:05:0A:50:C9:C3:67:8C:02:DB:D3:BB
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/taE3jLi3kYqJBQpQycNnjALb07s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.64.0/24
                  5.253.66.0/23
                  87.121.60.0/22
                  87.121.114.0/23
                  93.123.75.0/24
                  93.123.80.0/24
                  93.123.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:4a:42:16:8b:f7:05:d9:cc:86:31:72:61:4c:3c:97:88:a8:
         87:d7:9c:8c:6e:5f:ea:37:27:ac:f3:28:03:89:67:b0:e3:c9:
         b1:7c:0e:94:01:ab:28:6b:db:48:88:af:00:5c:ff:ac:c6:03:
         1a:29:1e:37:64:15:36:f1:ce:47:f6:d5:28:b0:80:4b:bf:fb:
         f1:1a:7f:db:f5:74:d3:1c:51:ec:09:4a:19:bb:2d:de:ec:1f:
         74:d8:ab:87:db:62:45:bc:a3:21:be:08:91:f8:e4:42:91:31:
         1d:f1:d8:51:6c:b6:be:d9:9d:49:36:30:46:41:eb:3a:56:c0:
         1f:7c:90:48:92:4e:b1:d4:04:f2:cf:e1:8b:a0:b4:40:cd:62:
         d0:55:75:2a:fe:24:bd:2c:30:1a:13:7e:6c:d3:ef:13:f6:e0:
         e3:91:6a:53:48:57:b4:5c:44:27:e1:28:b6:3e:80:d0:3b:da:
         31:90:14:66:76:54:0d:8c:3a:96:65:09:51:67:fa:17:20:ad:
         a8:e8:00:08:53:f5:97:ec:38:26:86:f9:4c:85:b9:c6:99:a3:
         d4:78:cd:45:da:d7:24:e7:9a:a2:e5:08:ca:da:51:b9:75:37:
         46:e8:e3:ec:a6:21:66:43:b6:d3:3e:ec:bd:4d:ec:db:08:a8:
         f9:72:96:1d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2GefTkmCjA7GWRlz4yMTJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA4MDIwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWExMzc4Y2I4Yjc5MThhODkwNTBhNTBjOWMzNjc4YzAyZGJkM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzwH9v+97hjXXCtL3Rf4sSxk6rew
FFRQd3Tih9ABuC0QA/Rs72Np2vBIq8XApMxYkVmx9Otmh/3PR5vzVQA4lUtWusGA
e6tHjVUJx0gZBda337VwxDm2EMU59N7gTFtlNdmU7qheVqEBMuwPvUDx3H1VBJco
0PqKqCN8mj1lGjwQHkslO6OkquJoFLYz/GNl6m8rAPGR7cF67onEDlox7ot8zww/
tesJzCb0ud/xVwO/SOAP8T96e3Fi+R86wD+ujaVDqgW8aT9x61ZwUL/kcf8Zns9Y
wjmvdgbUjpS1gO3i9oauMFHddw4sixQNrZkiYwcqpZbtT3NFGmIr9B/l4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLWhN4y4t5GKiQUKUMnDZ4wC29O7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdGFFM2pMaTNrWXFKQlFwUXljTm5qQUxiMDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABf1AAwQB
Bf1CAwQCV3k8AwQBV3lyAwQAXXtLAwQAXXtQAwQAXXt3MA0GCSqGSIb3DQEBCwUA
A4IBAQCrSkIWi/cF2cyGMXJhTDyXiKiH15yMbl/qNyes8ygDiWew48mxfA6UAaso
a9tIiK8AXP+sxgMaKR43ZBU28c5H9tUosIBLv/vxGn/b9XTTHFHsCUoZuy3e7B90
2KuH22JFvKMhvgiR+ORCkTEd8dhRbLa+2Z1JNjBGQes6VsAffJBIkk6x1ATyz+GL
oLRAzWLQVXUq/iS9LDAaE35s0+8T9uDjkWpTSFe0XEQn4Si2PoDQO9oxkBRmdlQN
jDqWZQlRZ/oXIK2o6AAIU/WX7DgmhvlMhbnGmaPUeM1F2tck55qi5QjK2lG5dTdG
6OPspiFmQ7bTPuy9TezbCKj5cpYd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:45 2024 by rpki-client on console-ams.rpki-client.org