Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1OdcfXzdA68WbwgmWKkqfTgH5_A.roa
File:                     1OdcfXzdA68WbwgmWKkqfTgH5_A.roa (raw, json)
Hash identifier:          G+7uHc2dQUR7xSXQvgNoSAl1BT9flyn3DuD5DaKLzwM=
Subject key identifier:   D4:E7:5C:7D:7C:DD:03:AF:16:6F:08:26:58:A9:2A:7D:38:07:E7:F0
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42EC1F6DDEB238C9470F3E7CA8D788
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1OdcfXzdA68WbwgmWKkqfTgH5_A.roa
Signing time:             Sun 01 Jan 2023 21:35:34 +0000
ROA not before:           Sun 01 Jan 2023 21:35:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202391
IP address blocks:        46.209.162.0/24 maxlen: 24
                          5.160.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:ec:1f:6d:de:b2:38:c9:47:0f:3e:7c:a8:d7:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4e75c7d7cdd03af166f082658a92a7d3807e7f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:93:9d:27:22:18:af:51:18:4a:5e:3e:55:61:
                    a9:a2:ba:1a:03:d9:a0:c6:3a:84:0d:bc:00:11:e8:
                    65:77:f9:4d:fb:f4:91:c4:f3:7f:ed:5b:41:9c:f5:
                    4e:c0:8f:57:8b:14:e8:83:a0:1e:df:72:34:a9:aa:
                    6f:d5:ec:b7:52:45:49:0a:d8:71:22:de:c2:e4:28:
                    36:36:bc:e7:ca:f0:28:89:22:06:b0:92:13:a4:87:
                    10:09:56:d7:77:2d:9c:62:64:3e:53:4a:2c:50:83:
                    72:48:e2:ae:e6:75:06:0b:a6:9d:89:11:2c:5a:e4:
                    04:11:8a:c0:12:4c:92:92:23:58:7b:18:2b:10:61:
                    03:d4:05:70:67:5d:36:9f:13:5b:b2:e1:04:b9:36:
                    81:67:fa:30:c1:13:ee:b5:a7:3a:a4:fc:e2:c8:ba:
                    22:64:c4:4a:f9:ff:89:01:98:05:37:9f:ce:9f:e2:
                    10:08:cb:99:17:05:ac:4d:5b:b7:d9:ab:38:ac:39:
                    73:41:06:da:4c:f6:e2:87:48:8f:2b:41:46:ac:ad:
                    19:b8:f6:4f:37:6f:83:fa:51:c4:05:dc:90:94:a7:
                    a7:71:05:6e:77:22:7a:05:87:8d:85:e9:b0:c0:d9:
                    4b:03:ee:46:9a:e9:6c:98:91:6d:8b:a2:38:4f:81:
                    15:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:E7:5C:7D:7C:DD:03:AF:16:6F:08:26:58:A9:2A:7D:38:07:E7:F0
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1OdcfXzdA68WbwgmWKkqfTgH5_A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.152.0/24
                  46.209.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:5f:ba:67:a9:8b:29:c9:29:d0:19:f1:82:fb:58:1d:42:22:
         f4:20:8d:94:96:75:03:e1:67:de:c2:5e:7f:73:55:6e:81:cc:
         3f:be:0d:a3:24:d6:09:70:b6:d9:d5:d3:a2:b8:f1:6c:22:5f:
         a0:f4:10:8f:1b:52:5c:e1:e1:7c:98:a3:60:31:b7:ea:a7:eb:
         55:d0:57:0e:4f:29:51:cb:21:cd:a9:62:74:7a:cb:db:1c:b3:
         4a:df:05:99:24:87:83:f8:ae:b5:4f:3f:63:9c:44:ce:4a:42:
         f6:82:e2:9c:8f:af:cf:a9:ee:e3:8e:69:93:4c:d4:60:d4:4e:
         54:cb:aa:ca:07:cc:59:c4:ac:4b:3b:ba:fc:42:ed:7f:e8:6b:
         10:4c:31:ae:a5:51:98:37:80:9f:60:b8:5b:dc:0b:ee:a3:e0:
         28:5f:72:39:0c:0a:93:05:b3:2d:b3:09:4f:01:b1:87:91:e9:
         3d:11:64:13:fe:44:69:6b:6c:96:b8:31:a9:7e:53:ab:87:43:
         22:a2:9b:e0:b9:b4:2d:1a:cd:a0:1c:4c:7a:15:cd:10:00:33:
         e7:74:8b:33:e2:dd:5c:5a:92:12:29:2b:fd:89:99:b1:66:1a:
         a1:7f:01:ac:bf:94:bd:8f:65:72:67:2b:f3:27:53:6a:d8:32:
         c9:66:a6:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQuwfbd6yOMlHDz58qNeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU3NWM3ZDdjZGQwM2FmMTY2ZjA4MjY1OGE5MmE3ZDM4MDdlN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpOdJyIYr1EYSl4+VWGporoaA9mg
xjqEDbwAEehld/lN+/SRxPN/7VtBnPVOwI9XixTog6Ae33I0qapv1ey3UkVJCthx
It7C5Cg2NrznyvAoiSIGsJITpIcQCVbXdy2cYmQ+U0osUINySOKu5nUGC6adiREs
WuQEEYrAEkySkiNYexgrEGED1AVwZ102nxNbsuEEuTaBZ/owwRPutac6pPziyLoi
ZMRK+f+JAZgFN5/On+IQCMuZFwWsTVu32as4rDlzQQbaTPbih0iPK0FGrK0ZuPZP
N2+D+lHEBdyQlKencQVudyJ6BYeNhemwwNlLA+5GmulsmJFti6I4T4EVLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNTnXH183QOvFm8IJlipKn04B+fwMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvMU9kY2ZYemRBNjhXYndnbVdLa3FmVGdINV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaCYAwQA
LtGiMA0GCSqGSIb3DQEBCwUAA4IBAQAKX7pnqYspySnQGfGC+1gdQiL0II2UlnUD
4Wfewl5/c1Vugcw/vg2jJNYJcLbZ1dOiuPFsIl+g9BCPG1Jc4eF8mKNgMbfqp+tV
0FcOTylRyyHNqWJ0esvbHLNK3wWZJIeD+K61Tz9jnETOSkL2guKcj6/Pqe7jjmmT
TNRg1E5Uy6rKB8xZxKxLO7r8Qu1/6GsQTDGupVGYN4CfYLhb3Avuo+AoX3I5DAqT
BbMtswlPAbGHkek9EWQT/kRpa2yWuDGpflOrh0MiopvgubQtGs2gHEx6Fc0QADPn
dIsz4t1cWpISKSv9iZmxZhqhfwGsv5S9j2VyZyvzJ1Nq2DLJZqay
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:20 2024 by rpki-client on console-ams.rpki-client.org