Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/SYzNPkjOYb3nooHBLfbppc-lewU.roa
File:                     SYzNPkjOYb3nooHBLfbppc-lewU.roa (raw, json)
Hash identifier:          5kQUnwLzYE8cy9WqzDjpZsKXzVPXS9zKiHJdNZGpi7M=
Subject key identifier:   49:8C:CD:3E:48:CE:61:BD:E7:A2:81:C1:2D:F6:E9:A5:CF:A5:7B:05
Certificate issuer:       /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial:       018AA9E0B3B4D0908613805C443730776881
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/SYzNPkjOYb3nooHBLfbppc-lewU.roa
Signing time:             Mon 18 Sep 2023 19:59:50 +0000
ROA not before:           Mon 18 Sep 2023 19:59:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.96.168.0/23 maxlen: 24
                          87.251.0.0/20 maxlen: 24
                          87.251.16.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 01:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a9:e0:b3:b4:d0:90:86:13:80:5c:44:37:30:77:68:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
        Validity
            Not Before: Sep 18 19:59:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=498ccd3e48ce61bde7a281c12df6e9a5cfa57b05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fc:df:76:a8:d1:ab:e6:6a:e8:b4:63:6a:d1:
                    b8:f9:b5:fe:fc:c6:0a:c6:bc:a7:c2:f9:37:31:22:
                    9f:2b:45:3c:c8:af:91:ef:71:02:0f:f7:d6:ac:6a:
                    94:84:16:e4:bc:b9:b9:cf:ec:56:2e:96:58:03:7d:
                    50:39:2b:a5:e9:02:5e:67:f5:83:5e:5f:99:2a:21:
                    32:60:65:98:91:a1:16:40:65:d5:a4:b2:55:fd:eb:
                    90:7d:14:98:d8:2b:5f:62:4c:af:f4:f9:f0:64:c5:
                    c2:38:94:0e:10:7a:e1:77:b2:09:25:c0:d7:f9:d3:
                    db:b7:d7:88:c8:3d:bf:fe:7f:ae:2c:aa:28:f1:25:
                    0b:b3:76:dc:9f:2b:94:ff:2f:ef:cf:29:22:b6:49:
                    18:d4:25:19:9d:69:cd:42:fa:a1:e0:04:c4:51:48:
                    dd:02:6a:8b:ab:d3:3b:c5:e9:c5:31:57:ee:98:be:
                    91:2e:6d:a2:3b:4d:42:5a:ed:ed:90:09:20:aa:b8:
                    78:c0:bb:3b:90:6a:be:9a:f7:e4:d2:d6:6e:b2:43:
                    76:6f:f3:1e:f6:27:37:da:a9:5c:ce:9f:ad:05:55:
                    d5:b4:e8:29:ab:a4:28:c9:72:d9:85:ac:60:0a:ce:
                    c6:8a:78:f6:36:32:4b:f5:4e:83:d1:1f:34:52:db:
                    5b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:8C:CD:3E:48:CE:61:BD:E7:A2:81:C1:2D:F6:E9:A5:CF:A5:7B:05
            X509v3 Authority Key Identifier:
                keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/SYzNPkjOYb3nooHBLfbppc-lewU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.251.0.0-87.251.19.255
                  185.96.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         23:4c:79:b7:1a:fc:4c:b2:4b:09:54:bc:71:4c:76:da:de:46:
         a2:80:6a:6c:07:d2:9a:14:1f:6a:18:4c:ac:3d:db:fb:0f:0e:
         ea:e4:4b:6e:03:f2:73:9c:36:f7:ed:2e:41:26:ed:a2:e8:dc:
         9f:01:a9:fc:c8:ea:24:9e:3a:99:c9:30:ee:49:eb:97:d9:e7:
         e2:6d:43:51:a0:83:09:d0:37:27:e7:f3:b6:e4:a4:ba:9e:cc:
         41:b9:45:0b:88:98:e3:32:56:1f:2d:7b:ed:e5:82:5d:66:26:
         e7:8c:5b:84:ef:f4:e6:87:11:5f:9d:7b:77:51:c4:d5:bb:89:
         50:ca:43:90:e0:4c:b8:a7:ca:f4:42:72:37:a7:75:65:dd:cb:
         8a:d1:e6:3d:b4:d4:da:d9:e8:af:e8:fc:6b:20:31:66:52:0c:
         22:64:9d:f3:aa:b3:7a:24:fb:b8:4f:de:48:a2:de:0d:89:eb:
         9a:41:3c:fb:f8:17:49:30:00:c7:fa:15:e9:cc:d0:22:68:d4:
         09:0f:4d:39:1d:e3:d5:4b:c1:9b:f0:68:a3:72:45:65:65:ff:
         e5:bb:cb:d2:85:c4:66:1a:ac:16:33:38:32:5f:1f:41:08:df:
         2e:2d:46:82:85:28:02:de:7b:48:7b:66:8c:ce:dc:b1:43:ca:
         94:2c:a7:dc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYqp4LO00JCGE4BcRDcwd2iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwOTE4MTk1OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OThjY2QzZTQ4Y2U2MWJkZTdhMjgxYzEyZGY2ZTlhNWNmYTU3YjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPzfdqjRq+Zq6LRjatG4+bX+/MYK
xrynwvk3MSKfK0U8yK+R73ECD/fWrGqUhBbkvLm5z+xWLpZYA31QOSul6QJeZ/WD
Xl+ZKiEyYGWYkaEWQGXVpLJV/euQfRSY2CtfYkyv9PnwZMXCOJQOEHrhd7IJJcDX
+dPbt9eIyD2//n+uLKoo8SULs3bcnyuU/y/vzykitkkY1CUZnWnNQvqh4ATEUUjd
AmqLq9M7xenFMVfumL6RLm2iO01CWu3tkAkgqrh4wLs7kGq+mvfk0tZuskN2b/Me
9ic32qlczp+tBVXVtOgpq6QoyXLZhaxgCs7Ginj2NjJL9U6D0R80UttbDQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEmMzT5IzmG956KBwS326aXPpXsFMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvU1l6TlBrak9ZYjNub29IQkxmYnBwYy1sZXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwBX+wME
Alf7EAMEAblgqDANBgkqhkiG9w0BAQsFAAOCAQEAI0x5txr8TLJLCVS8cUx22t5G
ooBqbAfSmhQfahhMrD3b+w8O6uRLbgPyc5w29+0uQSbtoujcnwGp/MjqJJ46mckw
7knrl9nn4m1DUaCDCdA3J+fztuSkup7MQblFC4iY4zJWHy177eWCXWYm54xbhO/0
5ocRX517d1HE1buJUMpDkOBMuKfK9EJyN6d1Zd3LitHmPbTU2tnor+j8ayAxZlIM
ImSd86qzeiT7uE/eSKLeDYnrmkE8+/gXSTAAx/oV6czQImjUCQ9NOR3j1UvBm/Bo
o3JFZWX/5bvL0oXEZhqsFjM4Ml8fQQjfLi1GgoUoAt57SHtmjM7csUPKlCyn3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:59 2024 by rpki-client on console-ams.rpki-client.org