Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/1DfJwgXYqnRthINQL8dhYoi6rfo.roa
File:                     1DfJwgXYqnRthINQL8dhYoi6rfo.roa (raw, json)
Hash identifier:          olABvA2G79lFSR4MTdd6GOWToO4QX2/YaiXGsRejk84=
Subject key identifier:   D4:37:C9:C2:05:D8:AA:74:6D:84:83:50:2F:C7:61:62:88:BA:AD:FA
Certificate issuer:       /CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Certificate serial:       018BB35A3CB5E2DAB605032A1A8F35761863
Authority key identifier: E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/1DfJwgXYqnRthINQL8dhYoi6rfo.roa
Signing time:             Thu 09 Nov 2023 09:11:57 +0000
ROA not before:           Thu 09 Nov 2023 09:11:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212954
IP address blocks:        5.253.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b3:5a:3c:b5:e2:da:b6:05:03:2a:1a:8f:35:76:18:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
        Validity
            Not Before: Nov  9 09:11:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d437c9c205d8aa746d8483502fc7616288baadfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:fd:8e:16:7f:00:27:3a:3d:4f:b8:38:cf:2c:
                    70:36:88:02:68:cd:f5:95:fe:16:45:82:6d:71:99:
                    8d:86:c5:ab:4f:6a:e3:32:fc:9a:3d:e9:67:ea:d6:
                    20:a4:41:9b:85:71:d5:81:68:4a:cf:db:39:73:59:
                    b7:d0:b7:b5:44:01:55:1c:88:88:08:2e:d1:e0:45:
                    ec:3b:7c:67:1b:d4:83:ce:be:68:36:e5:0c:41:59:
                    15:fd:09:1c:08:42:77:32:53:69:e3:d9:2c:d8:74:
                    f7:c8:16:ff:50:9b:ac:f8:39:47:0b:1f:4c:e4:73:
                    65:af:b9:b0:15:0a:0c:01:21:07:f1:e1:41:4b:b1:
                    ff:4c:7f:5a:92:fb:29:3c:c7:7e:94:df:38:a3:51:
                    9e:ac:52:fd:7f:ab:b9:19:9e:cb:2f:45:62:67:e3:
                    28:cf:fe:50:18:e1:d8:d2:42:26:b7:06:a5:5b:69:
                    ee:4d:32:d9:f5:5a:40:36:40:88:b8:04:83:f0:10:
                    2b:61:0b:8c:07:bb:b6:4d:69:b2:29:0e:b7:82:6d:
                    a6:f2:25:7d:74:d3:ff:0e:2d:54:06:e6:b3:40:dc:
                    a2:77:74:e7:03:58:f6:f8:e2:ca:18:32:7b:9a:8a:
                    3e:16:f3:93:52:a0:d1:87:7e:a0:bc:62:65:70:ea:
                    8b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:37:C9:C2:05:D8:AA:74:6D:84:83:50:2F:C7:61:62:88:BA:AD:FA
            X509v3 Authority Key Identifier:
                keyid:E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/1DfJwgXYqnRthINQL8dhYoi6rfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:de:46:f1:c9:fd:35:95:dd:76:2c:a4:8c:02:28:30:90:a0:
         ba:69:f5:75:87:31:9e:d0:af:1b:35:a9:29:30:6a:d4:98:5e:
         97:c5:e2:7b:1a:94:56:1e:d1:d5:15:70:f0:b2:fc:91:83:c9:
         78:07:02:88:1a:29:1d:f9:2a:c6:3d:0c:ef:a8:6b:b0:ac:1a:
         d6:68:06:b9:99:0a:21:3a:d1:11:ba:27:1e:4a:7a:3b:fe:c3:
         07:90:f0:32:35:69:d9:62:21:d3:2e:32:e4:84:6b:5f:fc:2a:
         29:b8:c6:50:3b:0c:4e:81:b3:1c:14:93:93:85:33:a7:70:fc:
         98:f6:bc:17:9a:5a:98:8d:33:e3:f6:19:bd:34:c7:af:8b:0c:
         ff:ed:70:f5:cb:63:94:9c:0c:4c:91:be:48:8b:05:b1:e6:2b:
         61:78:80:b0:64:eb:1f:e6:cc:0d:b6:7d:0f:4f:49:c2:30:6e:
         c1:df:45:14:c0:cc:f4:c7:f4:c6:be:38:97:33:d3:ac:18:fb:
         e8:8e:87:c9:b6:60:31:db:7e:6c:de:2f:f9:a7:25:fc:b9:17:
         b6:48:1e:12:a7:8c:a8:55:90:20:a6:4b:69:99:15:36:23:62:
         99:c8:09:fa:69:23:a3:24:07:f4:ed:85:3f:2f:d0:25:fd:62:
         49:97:55:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuzWjy14tq2BQMqGo81dhhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNmI2MTg1MTY1MmZjOGZlZGMwMTFhNmYyMmY3YWU5YjZi
ZWIwYTMwHhcNMjMxMTA5MDkxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDM3YzljMjA1ZDhhYTc0NmQ4NDgzNTAyZmM3NjE2Mjg4YmFhZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7P2OFn8AJzo9T7g4zyxwNogCaM31
lf4WRYJtcZmNhsWrT2rjMvyaPeln6tYgpEGbhXHVgWhKz9s5c1m30Le1RAFVHIiI
CC7R4EXsO3xnG9SDzr5oNuUMQVkV/QkcCEJ3MlNp49ks2HT3yBb/UJus+DlHCx9M
5HNlr7mwFQoMASEH8eFBS7H/TH9akvspPMd+lN84o1GerFL9f6u5GZ7LL0ViZ+Mo
z/5QGOHY0kImtwalW2nuTTLZ9VpANkCIuASD8BArYQuMB7u2TWmyKQ63gm2m8iV9
dNP/Di1UBuazQNyid3TnA1j2+OLKGDJ7moo+FvOTUqDRh36gvGJlcOqLhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQ3ycIF2Kp0bYSDUC/HYWKIuq36MB8GA1UdIwQY
MBaAFOJrYYUWUvyP7cARpvIveum2vrCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMt
OTRlMWFiNTc1MDk0LzEvMURmSndnWFlxblJ0aElOUUw4ZGhZb2k2cmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMtOTRlMWFiNTc1MDk0
LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf2CMA0G
CSqGSIb3DQEBCwUAA4IBAQCB3kbxyf01ld12LKSMAigwkKC6afV1hzGe0K8bNakp
MGrUmF6XxeJ7GpRWHtHVFXDwsvyRg8l4BwKIGikd+SrGPQzvqGuwrBrWaAa5mQoh
OtERuiceSno7/sMHkPAyNWnZYiHTLjLkhGtf/CopuMZQOwxOgbMcFJOThTOncPyY
9rwXmlqYjTPj9hm9NMeviwz/7XD1y2OUnAxMkb5IiwWx5itheICwZOsf5swNtn0P
T0nCMG7B30UUwMz0x/TGvjiXM9OsGPvojofJtmAx235s3i/5pyX8uRe2SB4Sp4yo
VZAgpktpmRU2I2KZyAn6aSOjJAf07YU/L9Al/WJJl1Xb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:54 2024 by rpki-client on console-fra.rpki-client.org