Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/5km8UhyfqAMu2cumwri3FqygDh8.roa
File:                     5km8UhyfqAMu2cumwri3FqygDh8.roa (raw, json)
Hash identifier:          Gp0Q/780StawRvCkSrR9I8q8S2BRDDaa9K4A4drCmzc=
Subject key identifier:   E6:49:BC:52:1C:9F:A8:03:2E:D9:CB:A6:C2:B8:B7:16:AC:A0:0E:1F
Certificate issuer:       /CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Certificate serial:       018CC348976AE6F85ADE155FE5D1AD8CE06D
Authority key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/5km8UhyfqAMu2cumwri3FqygDh8.roa
Signing time:             Mon 01 Jan 2024 04:29:23 +0000
ROA not before:           Mon 01 Jan 2024 04:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197524
IP address blocks:        185.93.200.0/22 maxlen: 22
                          185.18.36.0/22 maxlen: 22
                          91.235.8.0/22 maxlen: 22
                          2a05:fa40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 31 Jul 2024 05:24:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:97:6a:e6:f8:5a:de:15:5f:e5:d1:ad:8c:e0:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
        Validity
            Not Before: Jan  1 04:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e649bc521c9fa8032ed9cba6c2b8b716aca00e1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:85:a0:57:0e:b0:71:5e:e0:1a:f9:6a:5d:3d:
                    5e:d2:e1:58:a2:4c:b5:be:3b:11:94:dd:c8:fe:e3:
                    e6:88:17:2f:8c:59:ae:4a:14:8c:bc:43:26:ea:d5:
                    53:e8:cb:bd:e2:0b:40:fb:af:ad:31:81:ea:9c:b4:
                    02:8f:fe:21:9d:0f:e6:ef:88:d9:0f:43:a0:1a:f0:
                    e1:aa:95:c0:68:9e:ee:9f:af:e6:4c:58:a0:4a:8b:
                    77:a9:46:29:b5:d1:fd:8b:61:df:72:c2:77:cd:89:
                    54:65:f6:06:66:d3:63:72:3d:eb:eb:95:d9:ad:da:
                    ad:17:0d:b3:4a:0d:11:ad:d6:9b:d8:ca:7e:94:a8:
                    ae:b7:af:4a:96:76:51:29:9d:3d:aa:01:ce:64:21:
                    ae:18:b9:d4:12:23:1e:5f:33:8e:42:d5:f1:31:16:
                    35:d2:59:8f:32:fe:6a:65:17:0f:f2:c3:d0:c6:b4:
                    83:dd:73:46:2d:79:46:a1:53:ef:26:0b:69:d7:5f:
                    69:c0:5e:ef:91:c9:72:4b:35:96:ae:e3:e7:a7:59:
                    b6:91:0d:ad:95:8c:11:e3:7c:22:b7:99:0f:c5:47:
                    9d:b4:1b:99:ca:6d:91:44:3d:ee:43:f1:b2:9d:33:
                    4d:c5:0a:57:67:b4:85:fc:2e:a3:89:f2:7d:37:a1:
                    b2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:49:BC:52:1C:9F:A8:03:2E:D9:CB:A6:C2:B8:B7:16:AC:A0:0E:1F
            X509v3 Authority Key Identifier:
                keyid:41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/5km8UhyfqAMu2cumwri3FqygDh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.235.8.0/22
                  185.18.36.0/22
                  185.93.200.0/22
                IPv6:
                  2a05:fa40::/29

    Signature Algorithm: sha256WithRSAEncryption
         01:b1:1b:e8:74:93:ac:7e:f9:6d:52:9a:ba:da:c6:8d:c8:d9:
         f7:e4:9a:45:bb:fb:3e:50:c0:8b:61:b5:ed:48:aa:4f:c1:0b:
         3e:53:b5:1d:ab:ec:b8:83:f2:64:3c:d9:86:7e:d2:2e:e9:d0:
         e8:22:ce:42:10:79:51:69:86:c4:eb:93:5f:42:4b:aa:f1:58:
         2b:7e:53:91:ad:6f:a8:9f:c3:84:52:ab:e9:b1:06:2c:3e:fd:
         d3:2d:9a:f0:7a:0e:2c:e7:db:ee:42:c9:f4:ad:7b:87:eb:9f:
         6f:a6:c1:48:94:e9:bc:0a:c4:c8:25:45:35:b2:ef:3f:62:45:
         f3:ec:3d:1a:89:4d:be:46:6d:87:87:dd:5d:ad:fd:47:f1:42:
         8a:7d:cb:f8:7d:6c:75:74:86:bc:9a:b8:3d:9e:76:a6:a4:d1:
         c4:2d:a2:64:a6:1b:bf:59:db:21:09:ac:7a:29:f7:1b:fc:ac:
         02:57:e2:6e:5d:ed:f3:cf:0c:9e:07:10:7a:12:d1:db:7c:80:
         d7:f7:39:1e:e0:44:24:dd:12:ee:a2:13:10:4c:08:e5:40:a8:
         91:c2:da:58:9e:ef:58:9e:9c:4f:d6:5d:55:9d:cd:68:18:ea:
         56:28:ff:70:91:b9:0d:9d:8f:67:91:8d:74:c8:9d:32:65:d1:
         10:12:a4:00
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSJdq5vha3hVf5dGtjOBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNWMxMGY4NGRjMjI5MzdlZjZkMTVlYjcxYmJiNGE1MzA4
MTYyYmYwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ5YmM1MjFjOWZhODAzMmVkOWNiYTZjMmI4YjcxNmFjYTAwZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04WgVw6wcV7gGvlqXT1e0uFYoky1
vjsRlN3I/uPmiBcvjFmuShSMvEMm6tVT6Mu94gtA+6+tMYHqnLQCj/4hnQ/m74jZ
D0OgGvDhqpXAaJ7un6/mTFigSot3qUYptdH9i2HfcsJ3zYlUZfYGZtNjcj3r65XZ
rdqtFw2zSg0Rrdab2Mp+lKiut69KlnZRKZ09qgHOZCGuGLnUEiMeXzOOQtXxMRY1
0lmPMv5qZRcP8sPQxrSD3XNGLXlGoVPvJgtp119pwF7vkclySzWWruPnp1m2kQ2t
lYwR43wit5kPxUedtBuZym2RRD3uQ/GynTNNxQpXZ7SF/C6jifJ9N6GynwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOZJvFIcn6gDLtnLpsK4txasoA4fMB8GA1UdIwQY
MBaAFEFcEPhNwik3720V63G7tKUwgWK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUt
YzZiNmZkMTJjZTI3LzEvNWttOFVoeWZxQU11MmN1bXdyaTNGcXlnRGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUtYzZiNmZkMTJjZTI3
LzEvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW+sIAwQC
uRIkAwQCuV3IMA0EAgACMAcDBQMqBfpAMA0GCSqGSIb3DQEBCwUAA4IBAQABsRvo
dJOsfvltUpq62saNyNn35JpFu/s+UMCLYbXtSKpPwQs+U7Udq+y4g/JkPNmGftIu
6dDoIs5CEHlRaYbE65NfQkuq8VgrflORrW+on8OEUqvpsQYsPv3TLZrweg4s59vu
Qsn0rXuH659vpsFIlOm8CsTIJUU1su8/YkXz7D0aiU2+Rm2Hh91drf1H8UKKfcv4
fWx1dIa8mrg9nnampNHELaJkphu/WdshCax6Kfcb/KwCV+JuXe3zzwyeBxB6EtHb
fIDX9zke4EQk3RLuohMQTAjlQKiRwtpYnu9YnpxP1l1Vnc1oGOpWKP9wkbkNnY9n
kY10yJ0yZdEQEqQA
-----END CERTIFICATE-----
Generated at Wed Jul 31 07:42:35 2024 by rpki-client on console-ams.rpki-client.org