Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/b4bnzjKPXScyx3iVg7x2Ac-9jg4.roa
File:                     b4bnzjKPXScyx3iVg7x2Ac-9jg4.roa (raw, json)
Hash identifier:          4v6drOb57Z6fgk7HKe1wwCpHE1zhDidJfvFxsXL7dV8=
Subject key identifier:   6F:86:E7:CE:32:8F:5D:27:32:C7:78:95:83:BC:76:01:CF:BD:8E:0E
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018AB836DC07FE5AE5924FF8CDF6761AC386
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/b4bnzjKPXScyx3iVg7x2Ac-9jg4.roa
Signing time:             Thu 21 Sep 2023 14:48:37 +0000
ROA not before:           Thu 21 Sep 2023 14:48:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204272
IP address blocks:        5.188.220.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b8:36:dc:07:fe:5a:e5:92:4f:f8:cd:f6:76:1a:c3:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Sep 21 14:48:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f86e7ce328f5d2732c7789583bc7601cfbd8e0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1e:3f:e3:a2:ed:3c:02:92:93:80:23:3d:7f:
                    a7:89:eb:34:1f:40:77:8c:6a:eb:00:31:7c:3f:52:
                    6f:ea:92:95:df:54:57:f2:69:49:ab:b7:f2:55:7e:
                    df:52:fe:d3:92:59:9a:4b:16:40:dc:e2:20:65:ef:
                    80:14:36:84:a4:dc:77:8d:5c:b7:51:28:38:09:ec:
                    e5:5b:ef:3d:e5:17:ce:ea:21:d1:25:49:c7:81:02:
                    02:a3:2a:bb:a2:ef:20:8a:d2:9d:07:81:42:94:15:
                    68:0b:38:07:b2:0b:41:17:a8:ce:d5:f4:fb:91:75:
                    21:95:06:1d:33:87:30:20:0e:c7:90:89:7c:34:42:
                    41:69:c1:c6:57:a9:9d:5c:d2:14:4a:f9:02:1b:3d:
                    48:d8:52:1b:8f:2f:13:fd:c7:ef:83:de:5e:ae:1d:
                    41:ac:81:99:9e:ad:68:07:8a:bd:ef:cd:8a:36:43:
                    e8:f7:e6:c4:c9:39:40:8c:43:2c:8b:b7:a8:16:df:
                    ba:7b:d3:5a:ac:38:28:1c:67:15:4c:71:10:81:79:
                    9f:39:3d:56:7f:3e:7e:39:5a:e9:70:2c:0d:81:2a:
                    72:4b:bc:a4:9f:6f:1d:72:b2:fb:e1:23:ad:8b:1a:
                    9f:ed:1b:8e:69:14:22:30:0e:5d:ef:fa:8d:d2:d5:
                    59:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:86:E7:CE:32:8F:5D:27:32:C7:78:95:83:BC:76:01:CF:BD:8E:0E
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/b4bnzjKPXScyx3iVg7x2Ac-9jg4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.188.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:64:4d:31:72:ee:d3:31:90:9d:7c:38:d6:02:92:90:95:c8:
         62:2f:ab:0d:4d:11:ce:6e:79:ac:4e:bb:fb:85:7a:82:61:f6:
         b4:cd:8d:7c:c2:dd:76:4b:c9:f6:29:64:ec:43:55:57:d9:a9:
         ad:e3:64:04:18:f2:51:41:9a:cd:63:7c:82:a9:fc:43:68:51:
         e9:3b:20:bf:c3:09:22:4d:6f:fb:6d:f3:3f:c0:9e:88:da:f1:
         e5:47:91:d2:65:22:4c:23:be:57:7e:0e:77:d7:a4:5c:cf:ed:
         df:a3:5c:32:e5:72:49:b3:01:2d:f7:98:2f:b5:bd:76:c9:0f:
         99:9e:ad:1f:e6:4f:4f:dc:74:f9:04:33:d1:f7:5e:cd:8c:1e:
         9a:13:ce:80:5c:cb:5f:92:39:73:46:cb:58:b7:dd:25:b9:36:
         62:3e:62:52:bc:99:94:7d:d5:11:bc:d4:e9:d9:08:6f:88:5b:
         8d:c9:0f:aa:33:98:8c:93:23:90:33:bd:33:e1:5e:33:1b:48:
         82:86:fd:16:fa:bc:36:e7:51:d2:08:6f:7e:84:b2:f6:3a:90:
         d8:5a:92:b1:49:09:b5:89:8d:53:39:a8:7f:b4:01:a8:c2:ab:
         8c:a8:2b:b6:8a:cc:45:f4:b9:75:86:64:a8:21:49:8a:f9:e8:
         fe:87:0e:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq4NtwH/lrlkk/4zfZ2GsOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwOTIxMTQ0ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg2ZTdjZTMyOGY1ZDI3MzJjNzc4OTU4M2JjNzYwMWNmYmQ4ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh4/46LtPAKSk4AjPX+nies0H0B3
jGrrADF8P1Jv6pKV31RX8mlJq7fyVX7fUv7TklmaSxZA3OIgZe+AFDaEpNx3jVy3
USg4CezlW+895RfO6iHRJUnHgQICoyq7ou8gitKdB4FClBVoCzgHsgtBF6jO1fT7
kXUhlQYdM4cwIA7HkIl8NEJBacHGV6mdXNIUSvkCGz1I2FIbjy8T/cfvg95erh1B
rIGZnq1oB4q9782KNkPo9+bEyTlAjEMsi7eoFt+6e9NarDgoHGcVTHEQgXmfOT1W
fz5+OVrpcCwNgSpyS7ykn28dcrL74SOtixqf7RuOaRQiMA5d7/qN0tVZLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+G584yj10nMsd4lYO8dgHPvY4OMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvYjRibnpqS1BYU2N5eDNpVmc3eDJBYy05amc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbzcMA0G
CSqGSIb3DQEBCwUAA4IBAQCDZE0xcu7TMZCdfDjWApKQlchiL6sNTRHObnmsTrv7
hXqCYfa0zY18wt12S8n2KWTsQ1VX2amt42QEGPJRQZrNY3yCqfxDaFHpOyC/wwki
TW/7bfM/wJ6I2vHlR5HSZSJMI75Xfg5316Rcz+3fo1wy5XJJswEt95gvtb12yQ+Z
nq0f5k9P3HT5BDPR917NjB6aE86AXMtfkjlzRstYt90luTZiPmJSvJmUfdURvNTp
2QhviFuNyQ+qM5iMkyOQM70z4V4zG0iChv0W+rw251HSCG9+hLL2OpDYWpKxSQm1
iY1TOah/tAGowquMqCu2isxF9Ll1hmSoIUmK+ej+hw5h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org