Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/hG9VSnI3biwApx00HfcCRuMwd6Q.roa
File:                     hG9VSnI3biwApx00HfcCRuMwd6Q.roa (raw, json)
Hash identifier:          aiSA2QaEf2sAgcvvl7OBrmGWfD3qeRxr47OvNCprn9Q=
Subject key identifier:   84:6F:55:4A:72:37:6E:2C:00:A7:1D:34:1D:F7:02:46:E3:30:77:A4
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018AF5CB1D4787D9073CD955DA26289E1E7E
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/hG9VSnI3biwApx00HfcCRuMwd6Q.roa
Signing time:             Tue 03 Oct 2023 13:47:23 +0000
ROA not before:           Tue 03 Oct 2023 13:47:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49453
IP address blocks:        5.188.87.0/24 maxlen: 24
                          5.188.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f5:cb:1d:47:87:d9:07:3c:d9:55:da:26:28:9e:1e:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Oct  3 13:47:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=846f554a72376e2c00a71d341df70246e33077a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8c:6f:f5:f3:6e:7d:57:3e:21:bd:83:53:51:
                    86:83:2c:d3:67:9d:1d:8c:09:ca:d5:c2:1e:c6:33:
                    e6:b9:ad:37:3e:f7:f1:2a:3e:b8:1d:0f:d0:5a:5d:
                    d0:ad:71:82:5e:3d:b7:bf:99:47:12:09:52:bb:bd:
                    90:6f:a3:d4:22:fd:4a:27:cd:8f:62:04:c5:a7:50:
                    1e:28:da:6f:b3:6b:a1:0b:70:26:a4:ba:6f:ff:7a:
                    40:c1:0a:ca:98:0a:43:78:5f:91:3e:70:30:db:25:
                    6b:f5:a4:9d:bd:2d:ee:80:b3:c7:f7:bb:3a:1f:29:
                    80:b8:2d:94:de:3f:3c:b1:6d:2b:20:e0:1b:19:5d:
                    04:2e:d7:02:0c:70:fc:15:82:8e:76:a0:6b:a6:2d:
                    e9:2e:9e:63:a0:be:5d:9c:87:e4:62:b4:4a:54:58:
                    fc:60:a3:ac:25:8b:56:83:99:0e:14:7f:8f:20:5f:
                    3d:ac:af:25:9f:22:2b:00:07:93:23:ce:89:97:44:
                    ab:46:27:8d:bc:1b:57:a6:e7:03:0d:8d:33:7f:c8:
                    29:55:c0:c3:1b:b6:f0:90:0e:09:2f:ba:ff:9e:dc:
                    dc:72:ce:a2:87:6f:9b:df:8f:e6:ec:8d:6c:bd:b1:
                    79:c1:3b:b7:29:aa:08:e5:c1:6a:ad:e5:d5:6a:19:
                    13:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6F:55:4A:72:37:6E:2C:00:A7:1D:34:1D:F7:02:46:E3:30:77:A4
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/hG9VSnI3biwApx00HfcCRuMwd6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.188.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:b2:4c:e4:05:3e:81:43:34:95:dd:ad:d4:aa:c6:ce:29:23:
         63:dd:8d:4f:f5:56:97:a3:6e:9e:bd:c3:62:c4:ad:c3:2f:59:
         99:fb:48:fc:7d:b5:9d:cf:71:8b:f7:b0:6e:3d:49:53:16:70:
         07:90:5c:15:f2:3f:c4:f3:4e:48:2e:a5:fb:11:65:76:b7:03:
         fc:69:31:2a:f8:45:5f:e7:ff:4d:21:7e:2e:bf:a4:c7:55:43:
         67:70:63:4f:09:d0:1e:11:48:ec:56:ed:a0:f9:36:dd:7f:50:
         4e:09:63:68:10:fe:b2:12:50:7a:e7:07:3b:90:6b:a5:a6:83:
         be:aa:27:f5:af:63:b5:73:ae:ab:d5:ee:1f:cd:0f:a9:de:c0:
         04:69:ed:7a:f0:9e:f4:d2:eb:b0:b8:70:58:70:d5:3c:14:9e:
         55:90:18:3e:17:d7:fb:ba:32:04:e3:f1:31:63:eb:c4:eb:e0:
         d1:0e:01:7b:7e:64:07:b8:5a:52:19:d4:d4:69:eb:42:8f:6c:
         36:84:66:76:ed:cb:d8:bb:ae:e5:3a:59:7e:11:9f:e7:e4:3b:
         f1:51:a8:4e:6a:28:d4:25:73:61:1e:a6:e6:fd:fb:21:61:26:
         ac:fd:8f:ed:f4:97:4a:57:ea:2b:84:8d:af:c2:f1:64:52:23:
         9d:16:52:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1yx1Hh9kHPNlV2iYonh5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMxMDAzMTM0NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZmNTU0YTcyMzc2ZTJjMDBhNzFkMzQxZGY3MDI0NmUzMzA3N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYxv9fNufVc+Ib2DU1GGgyzTZ50d
jAnK1cIexjPmua03PvfxKj64HQ/QWl3QrXGCXj23v5lHEglSu72Qb6PUIv1KJ82P
YgTFp1AeKNpvs2uhC3AmpLpv/3pAwQrKmApDeF+RPnAw2yVr9aSdvS3ugLPH97s6
HymAuC2U3j88sW0rIOAbGV0ELtcCDHD8FYKOdqBrpi3pLp5joL5dnIfkYrRKVFj8
YKOsJYtWg5kOFH+PIF89rK8lnyIrAAeTI86Jl0SrRieNvBtXpucDDY0zf8gpVcDD
G7bwkA4JL7r/ntzccs6ih2+b34/m7I1svbF5wTu3KaoI5cFqreXVahkTsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRvVUpyN24sAKcdNB33AkbjMHekMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvaEc5VlNuSTNiaXdBcHgwMEhmY0NSdU13ZDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbxWMA0G
CSqGSIb3DQEBCwUAA4IBAQA1skzkBT6BQzSV3a3UqsbOKSNj3Y1P9VaXo26evcNi
xK3DL1mZ+0j8fbWdz3GL97BuPUlTFnAHkFwV8j/E805ILqX7EWV2twP8aTEq+EVf
5/9NIX4uv6THVUNncGNPCdAeEUjsVu2g+Tbdf1BOCWNoEP6yElB65wc7kGulpoO+
qif1r2O1c66r1e4fzQ+p3sAEae168J700uuwuHBYcNU8FJ5VkBg+F9f7ujIE4/Ex
Y+vE6+DRDgF7fmQHuFpSGdTUaetCj2w2hGZ27cvYu67lOll+EZ/n5DvxUahOaijU
JXNhHqbm/fshYSas/Y/t9JdKV+orhI2vwvFkUiOdFlLr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org