Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/i31IEQFpHxnv8amsVrhzPBbgv4g.roa
File:                     i31IEQFpHxnv8amsVrhzPBbgv4g.roa (raw, json)
Hash identifier:          LNpZFaAciEiNAsN4cpNeOJhzF9eFAZy5d6NrcWjcM2s=
Subject key identifier:   8B:7D:48:11:01:69:1F:19:EF:F1:A9:AC:56:B8:73:3C:16:E0:BF:88
Certificate issuer:       /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial:       018B38CB40F904DAFEABB802FA9903BB6AC7
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/i31IEQFpHxnv8amsVrhzPBbgv4g.roa
Signing time:             Mon 16 Oct 2023 14:02:06 +0000
ROA not before:           Mon 16 Oct 2023 14:02:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210644
IP address blocks:        5.182.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 27 Oct 2023 17:31:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:38:cb:40:f9:04:da:fe:ab:b8:02:fa:99:03:bb:6a:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
        Validity
            Not Before: Oct 16 14:02:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b7d481101691f19eff1a9ac56b8733c16e0bf88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:31:e1:4d:69:55:b7:a7:d8:b3:94:e3:d4:ba:
                    b7:88:bc:82:8b:8d:d1:c9:c0:08:e2:05:42:5d:b1:
                    4c:93:8d:25:f4:9b:83:03:5a:8b:04:a2:e1:e8:96:
                    8b:3c:4a:c9:22:74:9e:55:33:7f:33:58:2f:0b:b1:
                    aa:d2:7e:9a:44:8f:de:69:1a:eb:b5:0c:80:ec:10:
                    e7:ff:53:16:21:ca:84:3d:20:94:26:7a:3f:8d:31:
                    d8:22:76:d5:c9:0b:a9:f5:78:ed:7f:0b:ea:6a:bd:
                    b3:e6:a5:7c:6d:39:ec:8a:b1:10:5a:48:2b:62:e0:
                    14:cb:00:b2:d1:94:23:60:c7:50:30:90:e4:50:72:
                    32:ee:c7:b6:25:f3:b6:7f:50:6e:3d:88:9f:65:9f:
                    af:07:95:f6:f3:3a:ca:e2:6b:5a:78:9b:2e:d5:67:
                    de:25:76:ee:c0:c6:17:be:08:5a:32:a4:8a:42:c8:
                    f7:b7:27:fe:25:f0:b8:ca:57:da:bf:63:3f:d5:bf:
                    5d:0c:cf:b6:9f:44:ed:fa:b1:25:2d:f0:68:d8:b9:
                    4d:d0:b3:ef:69:91:eb:0f:74:76:2d:08:20:23:aa:
                    04:d9:0c:cd:d0:96:1b:7f:08:29:a4:c8:b3:68:0a:
                    d9:ba:75:6c:c5:72:5e:5c:e5:4d:35:0e:2f:1c:31:
                    55:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:7D:48:11:01:69:1F:19:EF:F1:A9:AC:56:B8:73:3C:16:E0:BF:88
            X509v3 Authority Key Identifier:
                keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/i31IEQFpHxnv8amsVrhzPBbgv4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:73:f4:4f:ee:bc:f5:ac:24:9b:40:48:d0:6c:29:40:a2:49:
         32:07:5d:5e:34:37:52:fe:41:c1:bb:86:39:f0:1c:30:ba:05:
         61:90:34:b9:d0:f1:a1:3f:2a:ae:a2:8c:53:5f:b7:fa:f2:b8:
         7c:38:fe:08:89:7c:b8:e8:fe:81:e7:a6:d7:4d:3f:32:43:12:
         86:f8:3b:17:d4:11:07:b9:b5:bc:f6:77:a5:1e:a4:15:de:99:
         59:16:ef:2a:90:0f:fc:94:d5:d5:8b:03:85:70:66:2e:9d:48:
         42:c9:e2:3d:dd:a5:49:f0:94:97:ed:59:75:22:98:74:50:54:
         c4:c9:cb:15:a9:ff:8b:19:67:e1:11:c9:c5:4d:35:a3:a2:cb:
         2a:66:0c:18:3f:b5:55:0d:e8:c5:db:5d:a6:d6:ba:7d:08:b4:
         84:b3:c9:3d:47:2c:9b:4e:ca:84:f9:48:45:a1:21:da:a0:f8:
         c8:43:7f:c5:09:76:3c:89:39:dc:58:3b:81:19:45:35:bf:b0:
         7f:0d:1d:b7:a5:d2:43:63:e2:99:82:a3:fe:d8:ce:12:51:61:
         fe:35:29:1d:81:7c:6c:ad:9d:8e:81:9e:15:06:af:7b:32:cf:
         df:85:c7:bd:00:c0:3b:5c:4d:fb:3d:e8:55:a3:7c:34:5a:66:
         52:67:84:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs4y0D5BNr+q7gC+pkDu2rHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjMxMDE2MTQwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdkNDgxMTAxNjkxZjE5ZWZmMWE5YWM1NmI4NzMzYzE2ZTBiZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjHhTWlVt6fYs5Tj1Lq3iLyCi43R
ycAI4gVCXbFMk40l9JuDA1qLBKLh6JaLPErJInSeVTN/M1gvC7Gq0n6aRI/eaRrr
tQyA7BDn/1MWIcqEPSCUJno/jTHYInbVyQup9Xjtfwvqar2z5qV8bTnsirEQWkgr
YuAUywCy0ZQjYMdQMJDkUHIy7se2JfO2f1BuPYifZZ+vB5X28zrK4mtaeJsu1Wfe
JXbuwMYXvghaMqSKQsj3tyf+JfC4ylfav2M/1b9dDM+2n0Tt+rElLfBo2LlN0LPv
aZHrD3R2LQggI6oE2QzN0JYbfwgppMizaArZunVsxXJeXOVNNQ4vHDFVmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIt9SBEBaR8Z7/GprFa4czwW4L+IMB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvaTMxSUVRRnBIeG52OGFtc1ZyaHpQQmJndjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbZWMA0G
CSqGSIb3DQEBCwUAA4IBAQDTc/RP7rz1rCSbQEjQbClAokkyB11eNDdS/kHBu4Y5
8BwwugVhkDS50PGhPyquooxTX7f68rh8OP4IiXy46P6B56bXTT8yQxKG+DsX1BEH
ubW89nelHqQV3plZFu8qkA/8lNXViwOFcGYunUhCyeI93aVJ8JSX7Vl1Iph0UFTE
ycsVqf+LGWfhEcnFTTWjossqZgwYP7VVDejF212m1rp9CLSEs8k9RyybTsqE+UhF
oSHaoPjIQ3/FCXY8iTncWDuBGUU1v7B/DR23pdJDY+KZgqP+2M4SUWH+NSkdgXxs
rZ2OgZ4VBq97Ms/fhce9AMA7XE37PehVo3w0WmZSZ4Su
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:49 2024 by rpki-client on console-fra.rpki-client.org