Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/f_MPyfFzOnAUr3jVSm2Lv8j647M.roa
File:                     f_MPyfFzOnAUr3jVSm2Lv8j647M.roa (raw, json)
Hash identifier:          cSIRYuVYEnyGS/UqYlAPtC7koGAaWHHPenhmdX0T1X8=
Subject key identifier:   7F:F3:0F:C9:F1:73:3A:70:14:AF:78:D5:4A:6D:8B:BF:C8:FA:E3:B3
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42D1D07DE2AFFA5B3B1E143FC170E1
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/f_MPyfFzOnAUr3jVSm2Lv8j647M.roa
Signing time:             Sun 01 Jan 2023 21:35:28 +0000
ROA not before:           Sun 01 Jan 2023 21:35:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35043
IP address blocks:        5.160.248.0/21 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d1:d0:7d:e2:af:fa:5b:3b:1e:14:3f:c1:70:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ff30fc9f1733a7014af78d54a6d8bbfc8fae3b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:3a:73:83:90:f6:e2:d2:e2:77:db:88:1a:81:
                    26:32:db:f2:25:ef:18:e0:78:2c:d8:51:33:e5:da:
                    4c:c4:f2:8e:d2:8d:58:96:09:68:b0:36:da:dd:7b:
                    05:b7:a5:9d:54:be:b6:40:e3:32:3c:c5:0e:cc:62:
                    29:15:71:8e:8e:f9:93:94:8e:af:92:cf:e4:63:b1:
                    80:27:68:7b:d7:86:64:7b:88:06:3c:bd:9f:3e:15:
                    d8:d8:3d:01:e9:04:d0:51:2d:2b:10:4b:36:aa:e1:
                    8d:f8:39:bd:34:dc:9e:ff:37:66:a0:a8:2e:bd:f4:
                    33:5f:92:43:ce:a0:f0:aa:82:38:f0:a3:f6:28:27:
                    7d:ee:aa:80:86:6d:ba:8f:35:ca:49:b5:ba:94:d2:
                    79:e1:ac:3e:68:91:1f:5c:cf:38:49:e1:59:32:db:
                    cb:cb:a0:cc:fe:42:6d:17:4c:fe:95:d1:51:ba:9f:
                    a2:95:0d:4c:92:25:4f:19:b7:33:42:b9:73:db:7c:
                    d1:d1:5a:c7:e0:8d:ae:72:18:16:f5:d8:dc:4e:e7:
                    35:f6:55:62:26:07:50:47:02:b9:cd:8a:7e:26:93:
                    b5:46:e5:51:c5:f3:f4:51:f4:18:f4:c4:19:a8:6a:
                    3c:1c:80:4f:87:33:ea:c1:21:5c:03:94:d8:71:93:
                    83:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:F3:0F:C9:F1:73:3A:70:14:AF:78:D5:4A:6D:8B:BF:C8:FA:E3:B3
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/f_MPyfFzOnAUr3jVSm2Lv8j647M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1a:4f:d1:c7:fd:e4:bc:94:31:f1:6d:d0:aa:19:1a:1c:72:96:
         a7:8d:02:31:0a:58:3e:12:15:01:1a:91:c0:e1:b2:6f:e4:3f:
         8d:79:cc:a5:7f:4e:4c:d8:b6:e4:04:4f:b1:b9:32:9f:c7:12:
         0e:17:5f:e1:4b:b2:1b:51:39:d0:54:46:15:82:f4:71:62:55:
         7f:8f:a8:20:af:6d:0c:e5:ef:67:eb:a4:3c:45:c1:6c:4e:c4:
         36:18:98:65:95:8c:93:a9:ae:b5:5e:f7:70:52:3b:74:da:81:
         2d:f1:2c:54:99:82:62:04:8a:08:f5:3b:8a:21:88:2e:1d:a4:
         47:08:7f:7a:9f:7b:81:5f:aa:43:6c:65:5e:f5:b4:ea:22:cd:
         fb:6b:02:cc:5b:79:c9:2f:5d:1b:f4:d9:5f:7c:0c:1d:50:8a:
         87:3d:dc:65:cf:5f:21:ec:d0:fd:d4:a4:46:23:7d:65:82:5c:
         bf:d5:e6:6f:f9:3f:d9:ec:03:07:48:16:95:c6:f6:fc:42:42:
         fb:81:7b:83:4e:02:be:51:65:17:ac:43:d1:69:73:97:53:70:
         ff:b2:03:1e:c4:be:b1:df:7a:80:c7:8a:9b:d6:7c:27:18:61:
         a7:5a:cb:78:3d:73:fc:1c:c1:3c:5b:04:fb:dd:f4:f4:45:34:
         47:d4:a5:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQtHQfeKv+ls7HhQ/wXDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYzMGZjOWYxNzMzYTcwMTRhZjc4ZDU0YTZkOGJiZmM4ZmFlM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijpzg5D24tLid9uIGoEmMtvyJe8Y
4Hgs2FEz5dpMxPKO0o1YlglosDba3XsFt6WdVL62QOMyPMUOzGIpFXGOjvmTlI6v
ks/kY7GAJ2h714Zke4gGPL2fPhXY2D0B6QTQUS0rEEs2quGN+Dm9NNye/zdmoKgu
vfQzX5JDzqDwqoI48KP2KCd97qqAhm26jzXKSbW6lNJ54aw+aJEfXM84SeFZMtvL
y6DM/kJtF0z+ldFRup+ilQ1MkiVPGbczQrlz23zR0VrH4I2uchgW9djcTuc19lVi
JgdQRwK5zYp+JpO1RuVRxfP0UfQY9MQZqGo8HIBPhzPqwSFcA5TYcZODzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/zD8nxczpwFK941Upti7/I+uOzMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvZl9NUHlmRnpPbkFVcjNqVlNtMkx2OGo2NDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBaD4MA0G
CSqGSIb3DQEBCwUAA4IBAQAaT9HH/eS8lDHxbdCqGRoccpanjQIxClg+EhUBGpHA
4bJv5D+Necylf05M2LbkBE+xuTKfxxIOF1/hS7IbUTnQVEYVgvRxYlV/j6ggr20M
5e9n66Q8RcFsTsQ2GJhllYyTqa61XvdwUjt02oEt8SxUmYJiBIoI9TuKIYguHaRH
CH96n3uBX6pDbGVe9bTqIs37awLMW3nJL10b9NlffAwdUIqHPdxlz18h7ND91KRG
I31lgly/1eZv+T/Z7AMHSBaVxvb8QkL7gXuDTgK+UWUXrEPRaXOXU3D/sgMexL6x
33qAx4qb1nwnGGGnWst4PXP8HME8WwT73fT0RTRH1KUR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org