Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/slGpSPbpLTnDt0dTGbameyvecWc.roa
File:                     slGpSPbpLTnDt0dTGbameyvecWc.roa (raw, json)
Hash identifier:          6w1Deqk0LVIlwREY5AA7Jh/mGdFFwhmDeCwMNkaF/3w=
Subject key identifier:   B2:51:A9:48:F6:E9:2D:39:C3:B7:47:53:19:B6:A6:7B:2B:DE:71:67
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018572471019042BA43021058C6F214F8366
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/slGpSPbpLTnDt0dTGbameyvecWc.roa
Signing time:             Mon 02 Jan 2023 11:38:57 +0000
ROA not before:           Mon 02 Jan 2023 11:38:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59947
IP address blocks:        5.189.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 06:09:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:47:10:19:04:2b:a4:30:21:05:8c:6f:21:4f:83:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan  2 11:38:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b251a948f6e92d39c3b7475319b6a67b2bde7167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:c6:b5:93:8d:25:fe:63:fd:78:1f:d5:6c:45:
                    d3:5d:5e:71:cc:41:75:d7:65:52:6f:b9:5a:63:2c:
                    e4:e2:c8:4c:13:17:7b:5f:b4:dc:c0:44:de:79:5b:
                    58:61:e6:76:6a:9e:43:42:c8:d5:73:7b:10:ce:fb:
                    20:c4:27:0c:77:1b:2c:cb:3b:03:67:77:2d:b6:7d:
                    46:64:58:67:96:d8:76:7a:9d:ef:a2:1a:ac:4b:d9:
                    02:7a:d2:97:8a:b4:26:e7:5d:9c:32:05:39:aa:50:
                    8b:27:4a:38:8f:84:7f:11:38:1f:81:2e:3f:47:ce:
                    97:83:8e:53:b9:fa:ef:af:cd:39:6d:e2:e2:8b:f7:
                    d0:2e:e6:22:d7:f9:52:bb:3b:31:71:b0:cc:ea:02:
                    17:75:60:20:6b:69:9e:3b:22:39:56:23:85:6b:15:
                    57:6a:24:4d:86:23:da:63:ab:54:ac:e7:a2:b9:0d:
                    32:44:85:90:b7:9c:38:9f:46:76:cb:c4:74:a1:37:
                    cf:0e:4b:93:20:32:b0:64:5f:ef:c4:74:6c:33:95:
                    43:7c:0f:e5:a5:d9:c5:e9:45:68:3c:e1:86:09:00:
                    b2:7c:2c:dd:55:2e:2c:96:2b:10:fa:2d:7e:2c:2c:
                    84:74:3f:d7:22:52:85:55:89:b8:6c:c6:1c:f3:a2:
                    7a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:51:A9:48:F6:E9:2D:39:C3:B7:47:53:19:B6:A6:7B:2B:DE:71:67
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/slGpSPbpLTnDt0dTGbameyvecWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.189.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:dc:f0:0b:07:7b:c9:c2:2c:12:29:bf:07:9e:38:72:9c:62:
         cc:46:43:3e:50:38:6b:53:8a:99:d5:bb:36:f6:eb:d9:38:b3:
         5e:4d:32:49:77:62:23:12:8b:07:69:bc:57:13:28:18:4f:0b:
         ab:33:54:b1:f9:77:d7:80:06:be:08:a8:f9:1f:1e:42:26:85:
         ed:c4:97:a4:a9:8c:3c:a2:89:0d:19:d9:55:f8:3f:8a:e7:91:
         99:6c:f9:07:a3:6d:f7:93:48:66:d3:66:85:78:58:6b:09:52:
         8d:ef:97:ac:3d:60:76:65:a2:4d:de:b1:65:9e:df:39:e7:a3:
         38:76:5d:f4:a4:99:9b:4b:ab:c1:4a:58:60:84:82:dc:6d:ed:
         78:e9:5d:d0:ea:84:d1:38:fe:66:57:65:99:fe:ff:5d:11:c3:
         e8:8e:b6:5d:fc:c7:f2:cf:84:39:4f:27:d9:9a:92:88:68:c2:
         e4:38:72:f0:47:4d:84:fc:f9:f0:ee:37:2f:1c:cc:b1:9b:58:
         92:7f:4c:7b:e4:0d:8e:3e:a0:e7:9b:09:e0:1b:5f:8b:c3:37:
         80:89:57:e1:c1:d3:91:6f:11:6c:af:67:bc:ac:3c:d9:2c:5b:
         06:45:fb:12:1f:94:40:72:70:c7:1b:2d:e6:15:a6:86:a4:5d:
         fc:11:0b:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRxAZBCukMCEFjG8hT4NmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjUxYTk0OGY2ZTkyZDM5YzNiNzQ3NTMxOWI2YTY3YjJiZGU3MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8sa1k40l/mP9eB/VbEXTXV5xzEF1
12VSb7laYyzk4shMExd7X7TcwETeeVtYYeZ2ap5DQsjVc3sQzvsgxCcMdxssyzsD
Z3cttn1GZFhnlth2ep3vohqsS9kCetKXirQm512cMgU5qlCLJ0o4j4R/ETgfgS4/
R86Xg45Tufrvr805beLii/fQLuYi1/lSuzsxcbDM6gIXdWAga2meOyI5ViOFaxVX
aiRNhiPaY6tUrOeiuQ0yRIWQt5w4n0Z2y8R0oTfPDkuTIDKwZF/vxHRsM5VDfA/l
pdnF6UVoPOGGCQCyfCzdVS4slisQ+i1+LCyEdD/XIlKFVYm4bMYc86J6AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJRqUj26S05w7dHUxm2pnsr3nFnMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvc2xHcFNQYnBMVG5EdDBkVEdiYW1leXZlY1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABb3+MA0G
CSqGSIb3DQEBCwUAA4IBAQCX3PALB3vJwiwSKb8HnjhynGLMRkM+UDhrU4qZ1bs2
9uvZOLNeTTJJd2IjEosHabxXEygYTwurM1Sx+XfXgAa+CKj5Hx5CJoXtxJekqYw8
ookNGdlV+D+K55GZbPkHo233k0hm02aFeFhrCVKN75esPWB2ZaJN3rFlnt8556M4
dl30pJmbS6vBSlhghILcbe146V3Q6oTROP5mV2WZ/v9dEcPojrZd/Mfyz4Q5TyfZ
mpKIaMLkOHLwR02E/Pnw7jcvHMyxm1iSf0x75A2OPqDnmwngG1+LwzeAiVfhwdOR
bxFsr2e8rDzZLFsGRfsSH5RAcnDHGy3mFaaGpF38EQtt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org