Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/5Gj4PPxzTH6knLskGWOu_AUdHTY.roa
File:                     5Gj4PPxzTH6knLskGWOu_AUdHTY.roa (raw, json)
Hash identifier:          Su9sn6yLXNycd7CStdnN2hFRj15XKRFzf8+eKASa/vo=
Subject key identifier:   E4:68:F8:3C:FC:73:4C:7E:A4:9C:BB:24:19:63:AE:FC:05:1D:1D:36
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018D31750F38507AA3C02F73603BB73CF6E7
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/5Gj4PPxzTH6knLskGWOu_AUdHTY.roa
Signing time:             Mon 22 Jan 2024 13:56:11 +0000
ROA not before:           Mon 22 Jan 2024 13:56:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        94.154.42.0/24 maxlen: 24
                          94.154.44.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 Jan 2024 21:41:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:31:75:0f:38:50:7a:a3:c0:2f:73:60:3b:b7:3c:f6:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Jan 22 13:56:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e468f83cfc734c7ea49cbb241963aefc051d1d36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c9:0a:46:58:3f:ca:d3:7e:7e:08:72:19:2e:
                    de:a7:7c:af:6d:05:9c:1b:a8:22:1d:7e:64:09:b5:
                    13:0d:02:fb:c7:a6:5b:f8:38:3a:2e:c5:88:5d:f6:
                    b1:df:74:cc:20:85:97:94:ba:18:fe:c1:05:30:5b:
                    27:80:b2:5a:18:1e:b7:19:a5:ab:6d:90:a2:e5:c8:
                    22:5c:45:e0:9f:d2:cf:13:51:d1:e2:95:cf:77:d9:
                    ed:58:48:99:b5:92:2c:13:a0:b5:0c:85:89:65:69:
                    c0:4b:8a:55:12:e2:16:77:23:0f:68:4c:1c:0e:8a:
                    32:59:0b:b2:3d:3c:ef:df:b0:bf:35:c0:3a:5f:a5:
                    96:1a:ca:0f:c4:bf:17:39:0f:90:31:ae:db:16:13:
                    68:9b:de:27:31:2a:70:ac:54:89:68:ec:52:fb:7a:
                    5b:b8:40:5b:65:f8:1a:bc:01:80:b2:ad:71:a0:00:
                    bf:57:39:08:3a:7d:0b:c4:de:76:fb:90:b3:53:37:
                    bd:31:7b:cf:e6:55:b8:da:0f:01:7e:06:9d:ef:18:
                    cf:5a:3d:da:f8:92:47:bd:bb:9a:18:e3:43:95:79:
                    20:07:26:7f:66:1e:8b:b6:77:a0:f7:f7:fe:b6:da:
                    c8:d8:5b:2b:79:33:15:bc:67:bf:63:53:30:6e:9e:
                    82:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:68:F8:3C:FC:73:4C:7E:A4:9C:BB:24:19:63:AE:FC:05:1D:1D:36
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/5Gj4PPxzTH6knLskGWOu_AUdHTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.42.0/24
                  94.154.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         96:0c:7f:9b:14:bf:5c:da:74:8c:0f:60:b8:f3:e7:cd:7d:db:
         1d:d3:20:f7:22:33:df:91:ab:14:84:95:76:e8:57:22:99:b1:
         31:d0:4e:30:38:03:ea:ed:de:45:21:23:b4:53:70:6e:87:3f:
         2c:ec:e0:a5:7c:4a:d3:22:88:7d:3f:57:29:13:9e:c8:a2:68:
         8d:83:b1:31:cb:b3:98:34:6c:e7:40:7c:14:ee:4c:79:71:03:
         8d:db:fd:cc:48:29:9a:89:77:fc:8c:a2:77:8a:c9:45:43:29:
         fb:48:00:01:35:3f:c2:c6:69:a9:ca:ac:6f:de:11:20:c9:62:
         5d:05:58:e0:f0:bb:73:e2:63:2e:c8:d9:02:ef:31:e8:d5:dd:
         c3:93:aa:e3:cc:bd:f3:86:b5:bd:ec:68:94:e9:6b:b1:54:52:
         25:d0:d4:71:7f:6b:30:23:61:e5:64:eb:70:0c:57:35:d3:5e:
         e7:e4:aa:e3:75:35:15:b8:fb:c1:d4:20:92:82:e3:4a:e3:c2:
         13:e1:7f:3b:eb:7c:f9:77:3d:20:0e:0d:22:54:1a:66:08:4a:
         f2:75:44:6c:5a:69:fa:56:30:37:05:23:2a:ba:68:4a:7b:bf:
         ec:02:f4:b9:03:a2:bf:33:72:d2:c3:bb:3b:84:bf:b1:94:42:
         c3:26:0e:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0xdQ84UHqjwC9zYDu3PPbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMTIyMTM1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDY4ZjgzY2ZjNzM0YzdlYTQ5Y2JiMjQxOTYzYWVmYzA1MWQxZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgckKRlg/ytN+fghyGS7ep3yvbQWc
G6giHX5kCbUTDQL7x6Zb+Dg6LsWIXfax33TMIIWXlLoY/sEFMFsngLJaGB63GaWr
bZCi5cgiXEXgn9LPE1HR4pXPd9ntWEiZtZIsE6C1DIWJZWnAS4pVEuIWdyMPaEwc
DooyWQuyPTzv37C/NcA6X6WWGsoPxL8XOQ+QMa7bFhNom94nMSpwrFSJaOxS+3pb
uEBbZfgavAGAsq1xoAC/VzkIOn0LxN52+5CzUze9MXvP5lW42g8Bfgad7xjPWj3a
+JJHvbuaGONDlXkgByZ/Zh6Ltneg9/f+ttrI2FsreTMVvGe/Y1Mwbp6COwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFORo+Dz8c0x+pJy7JBljrvwFHR02MB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvNUdqNFBQeHpUSDZrbkxza0dXT3VfQVVkSFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpoqAwQB
XposMA0GCSqGSIb3DQEBCwUAA4IBAQCWDH+bFL9c2nSMD2C48+fNfdsd0yD3IjPf
kasUhJV26FcimbEx0E4wOAPq7d5FISO0U3Buhz8s7OClfErTIoh9P1cpE57IomiN
g7Exy7OYNGznQHwU7kx5cQON2/3MSCmaiXf8jKJ3islFQyn7SAABNT/Cxmmpyqxv
3hEgyWJdBVjg8Ltz4mMuyNkC7zHo1d3Dk6rjzL3zhrW97GiU6WuxVFIl0NRxf2sw
I2HlZOtwDFc1017n5KrjdTUVuPvB1CCSguNK48IT4X8763z5dz0gDg0iVBpmCEry
dURsWmn6VjA3BSMqumhKe7/sAvS5A6K/M3LSw7s7hL+xlELDJg7S
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org