Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/1qXtR5k1SoWO9X3-7Uex_0dlNZ4.roa
File:                     1qXtR5k1SoWO9X3-7Uex_0dlNZ4.roa (raw, json)
Hash identifier:          MPzlROKW1eZnHvKE4FoE4NA+y7GkSOWn4FAURhYhYdw=
Subject key identifier:   D6:A5:ED:47:99:35:4A:85:8E:F5:7D:FE:ED:47:B1:FF:47:65:35:9E
Certificate issuer:       /CN=a93da86b4af60e7d29a587d01fcc98b5996c46da
Certificate serial:       0185700B949DCD23A153E0AC2F479C7B81F0
Authority key identifier: A9:3D:A8:6B:4A:F6:0E:7D:29:A5:87:D0:1F:CC:98:B5:99:6C:46:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qT2oa0r2Dn0ppYfQH8yYtZlsRto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/1qXtR5k1SoWO9X3-7Uex_0dlNZ4.roa
Signing time:             Mon 02 Jan 2023 01:14:44 +0000
ROA not before:           Mon 02 Jan 2023 01:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31732
IP address blocks:        5.42.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Jun 2023 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:0b:94:9d:cd:23:a1:53:e0:ac:2f:47:9c:7b:81:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a93da86b4af60e7d29a587d01fcc98b5996c46da
        Validity
            Not Before: Jan  2 01:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6a5ed4799354a858ef57dfeed47b1ff4765359e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:83:23:f0:24:da:fc:b5:cb:44:a1:68:37:8a:
                    48:4b:0d:8a:3e:c7:ed:0f:7e:b5:10:b4:f0:3d:19:
                    97:23:e3:9e:bc:fb:58:5f:e6:22:3d:44:60:04:78:
                    94:a4:c0:73:7e:13:a1:be:d5:56:f5:0b:c6:0e:62:
                    00:1f:a1:05:b4:4d:f1:17:93:fa:a3:dd:12:10:4b:
                    c6:83:0b:71:4b:7c:f1:30:86:41:16:d2:fb:b1:51:
                    f0:ce:54:a1:e0:af:6c:0c:a9:f7:c5:f5:d7:ce:d9:
                    14:20:56:ff:12:8f:1e:c2:01:6e:ed:59:0d:c9:b8:
                    d1:99:79:15:3c:d9:cc:af:6e:80:2c:a5:bf:42:58:
                    16:af:88:54:aa:2c:d9:65:df:d5:bf:62:2c:fc:51:
                    c8:39:1d:80:df:7f:d6:4b:9d:ec:dc:d4:6f:e9:46:
                    bf:52:21:15:6b:1a:b6:2b:cc:21:b1:b4:db:26:36:
                    97:2b:2b:c6:b6:79:53:ae:6f:f2:78:4c:0c:9a:5e:
                    fa:ff:aa:4a:fc:94:8e:23:ea:5f:2c:ac:8e:92:13:
                    91:e0:64:ff:23:a3:cd:51:84:d3:2a:91:40:ea:aa:
                    90:11:92:3b:af:e8:0e:c2:56:6c:28:68:ae:46:23:
                    52:2b:45:be:85:a3:24:32:5b:62:05:f1:f4:be:4d:
                    f6:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:A5:ED:47:99:35:4A:85:8E:F5:7D:FE:ED:47:B1:FF:47:65:35:9E
            X509v3 Authority Key Identifier:
                keyid:A9:3D:A8:6B:4A:F6:0E:7D:29:A5:87:D0:1F:CC:98:B5:99:6C:46:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qT2oa0r2Dn0ppYfQH8yYtZlsRto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/1qXtR5k1SoWO9X3-7Uex_0dlNZ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/qT2oa0r2Dn0ppYfQH8yYtZlsRto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.42.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:ff:3b:c9:e9:e9:ac:4f:0c:bb:ce:58:97:18:60:21:36:31:
         fa:7b:fb:4c:1e:7b:a5:8f:39:db:b1:d5:1b:f6:5c:ff:b0:53:
         ad:aa:68:70:26:83:23:66:1a:d7:26:40:1a:b8:2c:44:7b:28:
         d1:4e:64:4f:f9:d2:46:04:1f:f2:ad:a8:02:ae:85:a7:b5:c8:
         60:75:c0:a4:41:cb:a9:af:d6:8d:32:7a:4f:bf:ca:af:40:04:
         21:97:07:e1:68:ff:95:4e:67:5b:a3:9c:50:68:a8:d1:e1:b3:
         c6:0f:ec:68:4e:db:3d:c2:c5:54:6d:af:45:4f:63:5e:79:09:
         c9:b4:28:14:e2:fe:74:31:6b:b8:0c:1d:74:59:6a:8c:8d:ce:
         aa:73:cd:6a:71:b8:75:d9:94:5e:18:ce:ae:2d:f4:c0:6b:3a:
         92:30:e3:a8:c0:ff:41:54:70:7c:c8:ff:40:6c:59:24:2c:7a:
         39:67:01:52:7f:88:ea:3a:b2:be:4d:ca:ef:1d:1b:24:7a:b9:
         00:ae:48:c6:1d:26:4e:d5:a5:21:b2:6d:31:9e:60:65:46:b1:
         52:34:70:2a:65:92:17:03:a8:78:62:1d:94:5a:b6:9c:f6:ca:
         cc:60:44:07:8b:20:2b:87:8b:9a:20:e0:7d:73:8a:da:e5:db:
         a5:d9:dc:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwC5SdzSOhU+CsL0ece4HwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5M2RhODZiNGFmNjBlN2QyOWE1ODdkMDFmY2M5OGI1OTk2
YzQ2ZGEwHhcNMjMwMTAyMDExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE1ZWQ0Nzk5MzU0YTg1OGVmNTdkZmVlZDQ3YjFmZjQ3NjUzNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoMj8CTa/LXLRKFoN4pISw2KPsft
D361ELTwPRmXI+OevPtYX+YiPURgBHiUpMBzfhOhvtVW9QvGDmIAH6EFtE3xF5P6
o90SEEvGgwtxS3zxMIZBFtL7sVHwzlSh4K9sDKn3xfXXztkUIFb/Eo8ewgFu7VkN
ybjRmXkVPNnMr26ALKW/QlgWr4hUqizZZd/Vv2Is/FHIOR2A33/WS53s3NRv6Ua/
UiEVaxq2K8whsbTbJjaXKyvGtnlTrm/yeEwMml76/6pK/JSOI+pfLKyOkhOR4GT/
I6PNUYTTKpFA6qqQEZI7r+gOwlZsKGiuRiNSK0W+haMkMltiBfH0vk325QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNal7UeZNUqFjvV9/u1Hsf9HZTWeMB8GA1UdIwQY
MBaAFKk9qGtK9g59KaWH0B/MmLWZbEbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVQyb2EwcjJEbjBwcFlmUUg4eVl0WmxzUnRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82OWY2NTUtNjg3OS00MjZmLTliZmIt
M2FlZDRjYzdkNWI4LzEvMXFYdFI1azFTb1dPOVgzLTdVZXhfMGRsTlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82OWY2NTUtNjg3OS00MjZmLTliZmItM2FlZDRjYzdkNWI4
LzEvcVQyb2EwcjJEbjBwcFlmUUg4eVl0WmxzUnRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrZMA0G
CSqGSIb3DQEBCwUAA4IBAQCD/zvJ6emsTwy7zliXGGAhNjH6e/tMHnuljznbsdUb
9lz/sFOtqmhwJoMjZhrXJkAauCxEeyjRTmRP+dJGBB/yragCroWntchgdcCkQcup
r9aNMnpPv8qvQAQhlwfhaP+VTmdbo5xQaKjR4bPGD+xoTts9wsVUba9FT2NeeQnJ
tCgU4v50MWu4DB10WWqMjc6qc81qcbh12ZReGM6uLfTAazqSMOOowP9BVHB8yP9A
bFkkLHo5ZwFSf4jqOrK+TcrvHRskerkArkjGHSZO1aUhsm0xnmBlRrFSNHAqZZIX
A6h4Yh2UWrac9srMYEQHiyArh4uaIOB9c4ra5dul2dy+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:52 2024 by rpki-client on console-fra.rpki-client.org