Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/015784-3705-418a-b994-7521af1ce259/1/5dNJV38yNzIfA6tydCh9Smv-SaA.roa
File:                     5dNJV38yNzIfA6tydCh9Smv-SaA.roa (raw, json)
Hash identifier:          Ca5jHj3Y+7LgV58DCKfWp5ns2wDfQBpEl67sHnlg9+M=
Subject key identifier:   E5:D3:49:57:7F:32:37:32:1F:03:AB:72:74:28:7D:4A:6B:FE:49:A0
Certificate issuer:       /CN=2baee7ea482d62a671063eac83789af39f390b74
Certificate serial:       018972DD81EC403B16F95F1D9823BB01158D
Authority key identifier: 2B:AE:E7:EA:48:2D:62:A6:71:06:3E:AC:83:78:9A:F3:9F:39:0B:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K67n6kgtYqZxBj6sg3ia8585C3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/015784-3705-418a-b994-7521af1ce259/1/5dNJV38yNzIfA6tydCh9Smv-SaA.roa
Signing time:             Thu 20 Jul 2023 10:34:26 +0000
ROA not before:           Thu 20 Jul 2023 10:34:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197885
IP address blocks:        2001:678:388::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:72:dd:81:ec:40:3b:16:f9:5f:1d:98:23:bb:01:15:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2baee7ea482d62a671063eac83789af39f390b74
        Validity
            Not Before: Jul 20 10:34:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5d349577f3237321f03ab7274287d4a6bfe49a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:42:91:c6:f0:94:f1:07:d6:9a:44:52:7f:67:
                    de:9d:0a:6b:9d:84:e8:64:e2:c3:64:bd:7c:ea:f1:
                    3f:2c:95:a0:fe:40:b9:65:3a:03:71:e1:34:55:8a:
                    5a:0d:82:8f:d7:4d:77:dc:53:b4:19:df:4b:1d:f2:
                    98:b1:9e:22:73:58:19:72:1c:03:a8:b0:fe:1d:cb:
                    48:53:eb:7b:cc:4e:24:58:82:69:da:d6:6c:ee:92:
                    bf:c1:9d:fa:48:ac:c9:e0:a3:a5:7f:fb:d3:10:32:
                    7f:de:11:3f:f2:76:20:f3:ea:74:da:ca:bb:59:2a:
                    87:e6:d6:54:9e:26:95:b2:f6:24:aa:4d:84:15:83:
                    4a:43:9b:25:6a:d6:b4:cf:3a:17:e6:3a:ee:ab:dc:
                    e8:92:10:2a:8e:7b:3b:70:f8:d7:76:27:32:be:46:
                    a7:1d:ce:a8:51:d8:90:56:38:a8:ad:20:8b:cb:ee:
                    04:09:b9:bb:c9:ba:ec:c9:68:f5:dd:47:c0:79:e7:
                    52:a2:36:80:2b:d0:f6:6c:d3:08:ec:87:16:52:a1:
                    a1:00:78:af:22:41:c3:f5:c6:2d:f5:df:0e:a3:a0:
                    a5:62:3d:7f:46:e7:19:11:7a:88:aa:7c:0b:7f:4f:
                    10:30:1c:eb:52:11:1c:d8:18:be:90:96:9c:5d:c0:
                    58:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:D3:49:57:7F:32:37:32:1F:03:AB:72:74:28:7D:4A:6B:FE:49:A0
            X509v3 Authority Key Identifier:
                keyid:2B:AE:E7:EA:48:2D:62:A6:71:06:3E:AC:83:78:9A:F3:9F:39:0B:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K67n6kgtYqZxBj6sg3ia8585C3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/015784-3705-418a-b994-7521af1ce259/1/5dNJV38yNzIfA6tydCh9Smv-SaA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/015784-3705-418a-b994-7521af1ce259/1/K67n6kgtYqZxBj6sg3ia8585C3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:388::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:30:e6:ee:27:58:c5:5f:7e:82:42:c4:90:e1:64:d3:a0:31:
         12:02:0e:87:b2:70:a7:26:79:93:a1:79:b4:10:b9:ca:89:7d:
         aa:98:17:e3:49:5d:1f:08:fe:07:24:8f:c1:f4:c3:55:c0:0c:
         a9:72:02:8d:68:eb:1c:b2:36:de:37:d3:94:bc:dd:38:11:59:
         b2:53:c4:6c:f7:ff:78:5d:35:54:50:b4:f5:c2:8e:b1:2b:11:
         af:98:97:08:82:5c:ce:a6:3b:0b:79:c8:1b:33:4b:dd:46:40:
         84:e3:b3:76:a0:a3:5a:80:4a:3d:35:07:49:3b:9e:10:ee:e9:
         f5:d4:ab:92:31:a0:29:cc:6c:0a:71:fb:8b:64:67:85:11:53:
         10:9d:92:47:ab:08:60:4b:7c:a9:f3:94:76:51:da:4f:c1:06:
         36:de:de:88:69:7a:d0:fa:35:ee:f8:09:e3:2a:39:78:ab:90:
         11:7f:0d:c0:5d:27:12:64:55:fd:60:11:c0:52:5e:ef:a5:d6:
         c1:c4:8b:19:24:9c:f3:98:cd:ef:15:96:89:23:eb:1d:94:90:
         e6:bc:e8:80:9a:17:36:10:53:83:28:91:df:52:e4:db:ea:11:
         54:99:b4:b3:3d:95:07:48:55:5a:cb:33:b0:bf:e8:86:9a:03:
         74:f9:19:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYly3YHsQDsW+V8dmCO7ARWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYWVlN2VhNDgyZDYyYTY3MTA2M2VhYzgzNzg5YWYzOWYz
OTBiNzQwHhcNMjMwNzIwMTAzNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQzNDk1NzdmMzIzNzMyMWYwM2FiNzI3NDI4N2Q0YTZiZmU0OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00KRxvCU8QfWmkRSf2fenQprnYTo
ZOLDZL186vE/LJWg/kC5ZToDceE0VYpaDYKP10133FO0Gd9LHfKYsZ4ic1gZchwD
qLD+HctIU+t7zE4kWIJp2tZs7pK/wZ36SKzJ4KOlf/vTEDJ/3hE/8nYg8+p02sq7
WSqH5tZUniaVsvYkqk2EFYNKQ5slata0zzoX5jruq9zokhAqjns7cPjXdicyvkan
Hc6oUdiQVjiorSCLy+4ECbm7ybrsyWj13UfAeedSojaAK9D2bNMI7IcWUqGhAHiv
IkHD9cYt9d8Oo6ClYj1/RucZEXqIqnwLf08QMBzrUhEc2Bi+kJacXcBYUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOXTSVd/MjcyHwOrcnQofUpr/kmgMB8GA1UdIwQY
MBaAFCuu5+pILWKmcQY+rIN4mvOfOQt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzY3bjZrZ3RZcVp4Qmo2c2czaWE4NTg1QzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTU3ODQtMzcwNS00MThhLWI5OTQt
NzUyMWFmMWNlMjU5LzEvNWROSlYzOHlOeklmQTZ0eWRDaDlTbXYtU2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTU3ODQtMzcwNS00MThhLWI5OTQtNzUyMWFmMWNlMjU5
LzEvSzY3bjZrZ3RZcVp4Qmo2c2czaWE4NTg1QzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAOI
MA0GCSqGSIb3DQEBCwUAA4IBAQCPMObuJ1jFX36CQsSQ4WTToDESAg6HsnCnJnmT
oXm0ELnKiX2qmBfjSV0fCP4HJI/B9MNVwAypcgKNaOscsjbeN9OUvN04EVmyU8Rs
9/94XTVUULT1wo6xKxGvmJcIglzOpjsLecgbM0vdRkCE47N2oKNagEo9NQdJO54Q
7un11KuSMaApzGwKcfuLZGeFEVMQnZJHqwhgS3yp85R2UdpPwQY23t6IaXrQ+jXu
+AnjKjl4q5ARfw3AXScSZFX9YBHAUl7vpdbBxIsZJJzzmM3vFZaJI+sdlJDmvOiA
mhc2EFODKJHfUuTb6hFUmbSzPZUHSFVayzOwv+iGmgN0+RmB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:47 2024 by rpki-client on console-fra.rpki-client.org