Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/RF5FOImuXWZieGQTSKgIMqVuHjY.roa
File:                     RF5FOImuXWZieGQTSKgIMqVuHjY.roa (raw, json)
Hash identifier:          21vH+VWWyK6PwsPx9DWkVW9aldZwB3tBFLRjznXAFBM=
Subject key identifier:   44:5E:45:38:89:AE:5D:66:62:78:64:13:48:A8:08:32:A5:6E:1E:36
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       0187FF21AAEAD0658BC6DE545E6560D37487
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/RF5FOImuXWZieGQTSKgIMqVuHjY.roa
Signing time:             Tue 09 May 2023 06:10:09 +0000
ROA not before:           Tue 09 May 2023 06:10:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35277
IP address blocks:        5.189.219.0/24 maxlen: 24
                          5.189.218.0/24 maxlen: 24
                          5.189.217.0/24 maxlen: 24
                          5.189.216.0/24 maxlen: 24
                          5.188.50.0/24 maxlen: 24
                          5.101.44.0/24 maxlen: 24
                          5.101.47.0/24 maxlen: 24
                          5.101.46.0/24 maxlen: 24
                          5.101.45.0/24 maxlen: 24
                          5.188.202.0/24 maxlen: 24
                          5.188.201.0/24 maxlen: 24
                          5.188.200.0/24 maxlen: 24
                          91.243.40.0/24 maxlen: 24
                          91.243.43.0/24 maxlen: 24
                          5.189.253.0/24 maxlen: 24
                          5.189.252.0/24 maxlen: 24
                          5.189.255.0/24 maxlen: 24
                          5.189.254.0/24 maxlen: 24
                          5.8.44.0/24 maxlen: 24
                          5.8.47.0/24 maxlen: 24
                          5.8.46.0/24 maxlen: 24
                          5.8.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ff:21:aa:ea:d0:65:8b:c6:de:54:5e:65:60:d3:74:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: May  9 06:10:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=445e453889ae5d666278641348a80832a56e1e36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:46:58:93:5f:cd:3b:f8:79:62:cd:0e:c6:83:
                    5b:27:63:d6:12:bd:1c:11:9a:6f:04:05:88:d6:5e:
                    81:ac:2e:84:c3:eb:8f:a4:37:f3:90:29:07:43:12:
                    89:56:75:03:ec:28:e7:05:7d:bf:66:1b:7d:55:22:
                    f3:6f:d2:32:02:01:95:85:c6:ee:8b:52:57:76:76:
                    61:28:00:d0:0d:c1:c7:28:fc:bf:4d:d9:07:a6:16:
                    d8:33:2e:5b:53:ef:bb:38:76:05:7f:a1:44:8c:a2:
                    7a:44:d4:79:7d:13:fd:74:1c:d7:05:2f:38:97:70:
                    1b:5c:d0:14:ae:2c:a6:b9:25:a0:8e:9f:ba:c0:da:
                    ae:62:13:0f:7f:a2:1c:1f:a2:15:02:e2:2d:84:6f:
                    03:93:16:bb:62:62:10:bc:49:9d:cb:60:dc:1f:4d:
                    c7:e1:fa:55:2b:fe:65:7c:d7:af:36:22:f3:a4:81:
                    c2:e9:87:3b:5a:17:e8:ad:15:90:01:64:30:bf:a5:
                    a3:f3:80:1f:48:f6:e9:aa:92:1c:3b:45:63:9d:be:
                    c5:e0:be:62:d6:0c:b7:5c:f4:a7:9f:bb:af:42:f5:
                    aa:12:34:13:74:8c:81:e6:bb:ee:dd:e3:f8:1f:6e:
                    85:5a:f4:35:3d:c5:0a:01:32:54:8d:2b:86:06:b4:
                    11:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:5E:45:38:89:AE:5D:66:62:78:64:13:48:A8:08:32:A5:6E:1E:36
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/RF5FOImuXWZieGQTSKgIMqVuHjY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.44.0/22
                  5.101.44.0/22
                  5.188.50.0/24
                  5.188.200.0-5.188.202.255
                  5.189.216.0/22
                  5.189.252.0/22
                  91.243.40.0/24
                  91.243.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:f4:23:60:23:f0:27:91:48:f6:a4:12:c3:ce:f1:f6:f2:46:
         b8:5e:e2:c2:fa:87:1a:ea:76:9f:29:c3:6b:2f:77:33:55:1d:
         c1:2e:30:6e:c1:5c:27:00:7b:fc:8f:e8:1d:33:a6:9d:b8:d9:
         8a:dd:94:c8:14:3f:1a:61:32:06:28:45:31:44:de:ac:27:04:
         a1:4e:36:bd:3d:c1:8f:ad:53:38:c3:b0:9f:6e:a9:de:c1:d4:
         a0:67:b0:6e:9b:0c:59:b7:fe:4b:62:90:7b:ca:59:a1:6e:a7:
         45:19:ab:c8:f2:d8:e4:47:e1:c0:09:58:21:68:0c:21:8a:f1:
         28:e7:c6:bd:86:cd:8d:5e:54:97:56:7c:cf:ba:96:43:63:5f:
         2f:a0:fe:67:ff:da:a1:45:55:66:a3:eb:ec:5c:56:0f:18:d1:
         94:34:8e:bf:a0:e4:72:c0:ea:b2:46:76:cb:6c:c4:22:8e:48:
         32:d8:c8:db:98:52:da:a7:c4:81:da:69:22:c5:bd:78:10:3d:
         49:24:e9:4e:5d:ef:7c:4a:67:ae:cf:91:61:a6:e0:aa:98:7a:
         4e:cc:91:56:17:91:3b:57:52:4c:f7:1f:08:dd:c8:d8:ca:1e:
         d4:a7:cd:f3:71:bb:29:39:91:d2:2d:5a:af:3d:fa:5c:32:0a:
         29:03:72:5a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYf/Iarq0GWLxt5UXmVg03SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwNTA5MDYxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDVlNDUzODg5YWU1ZDY2NjI3ODY0MTM0OGE4MDgzMmE1NmUxZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUZYk1/NO/h5Ys0OxoNbJ2PWEr0c
EZpvBAWI1l6BrC6Ew+uPpDfzkCkHQxKJVnUD7CjnBX2/Zht9VSLzb9IyAgGVhcbu
i1JXdnZhKADQDcHHKPy/TdkHphbYMy5bU++7OHYFf6FEjKJ6RNR5fRP9dBzXBS84
l3AbXNAUriymuSWgjp+6wNquYhMPf6IcH6IVAuIthG8Dkxa7YmIQvEmdy2DcH03H
4fpVK/5lfNevNiLzpIHC6Yc7WhforRWQAWQwv6Wj84AfSPbpqpIcO0Vjnb7F4L5i
1gy3XPSnn7uvQvWqEjQTdIyB5rvu3eP4H26FWvQ1PcUKATJUjSuGBrQRpwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEReRTiJrl1mYnhkE0ioCDKlbh42MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvUkY1Rk9JbXVYV1ppZUdRVFNLZ0lNcVZ1SGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBQgsAwQC
BWUsAwQABbwyMAwDBAMFvMgDBAAFvMoDBAIFvdgDBAIFvfwDBABb8ygDBABb8ysw
DQYJKoZIhvcNAQELBQADggEBAHD0I2Aj8CeRSPakEsPO8fbyRrhe4sL6hxrqdp8p
w2svdzNVHcEuMG7BXCcAe/yP6B0zpp242YrdlMgUPxphMgYoRTFE3qwnBKFONr09
wY+tUzjDsJ9uqd7B1KBnsG6bDFm3/ktikHvKWaFup0UZq8jy2ORH4cAJWCFoDCGK
8Sjnxr2GzY1eVJdWfM+6lkNjXy+g/mf/2qFFVWaj6+xcVg8Y0ZQ0jr+g5HLA6rJG
dstsxCKOSDLYyNuYUtqnxIHaaSLFvXgQPUkk6U5d73xKZ67PkWGm4KqYek7MkVYX
kTtXUkz3HwjdyNjKHtSnzfNxuyk5kdItWq89+lwyCikDclo=
-----END CERTIFICATE-----