Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/49XO2KK0POnUGWnric4Veyypo1Y.roa
File:                     49XO2KK0POnUGWnric4Veyypo1Y.roa (raw, json)
Hash identifier:          xflzLaZWzju6LybzmIxjW6kVnFzguodjKCAirubGVTU=
Subject key identifier:   E3:D5:CE:D8:A2:B4:3C:E9:D4:19:69:EB:89:CE:15:7B:2C:A9:A3:56
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018CCFF3C362221D57439913B6D8AFA20314
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/49XO2KK0POnUGWnric4Veyypo1Y.roa
Signing time:             Wed 03 Jan 2024 15:31:48 +0000
ROA not before:           Wed 03 Jan 2024 15:31:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51431
IP address blocks:        5.144.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Jan 2024 07:18:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:cf:f3:c3:62:22:1d:57:43:99:13:b6:d8:af:a2:03:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Jan  3 15:31:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e3d5ced8a2b43ce9d41969eb89ce157b2ca9a356
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:4b:fd:f8:bb:cf:f0:93:38:15:75:de:51:5d:
                    e9:98:b4:8b:b9:07:e0:ba:a3:16:9d:a0:25:27:9f:
                    8d:2d:1f:01:5a:57:27:5e:67:01:af:84:30:80:87:
                    61:db:f4:4f:89:38:50:92:0b:00:9d:1c:51:22:2f:
                    6a:a9:a8:41:de:b4:6c:83:01:95:0f:59:62:05:cb:
                    7d:9d:2c:4b:57:22:70:b9:2a:b5:d9:2a:f5:de:89:
                    aa:7d:d0:b8:99:83:aa:60:04:9e:60:49:af:94:56:
                    93:d2:93:d9:5a:4b:36:b9:66:da:0f:ce:8c:f9:08:
                    c0:7c:a6:bd:87:6f:32:aa:36:e1:a7:ce:80:8a:d9:
                    06:a3:bc:de:4e:65:00:c7:42:17:13:48:32:e6:bc:
                    7c:8d:c6:a8:db:2d:98:18:a9:92:3d:00:2b:eb:05:
                    03:5b:df:1b:fa:d9:a7:62:dc:8f:9b:90:73:e3:d9:
                    4c:63:16:19:2b:a8:8a:b1:81:1b:ed:69:38:73:38:
                    e8:76:de:e0:a0:39:d5:e2:20:18:1f:79:11:67:d5:
                    ae:27:37:ea:f0:35:25:64:37:f8:c1:8a:fa:b9:62:
                    db:b4:b7:94:22:3b:d6:5c:b8:eb:fe:0c:d7:1b:d0:
                    a5:4d:15:9b:02:05:e1:04:24:58:0a:8a:72:ea:07:
                    6e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:D5:CE:D8:A2:B4:3C:E9:D4:19:69:EB:89:CE:15:7B:2C:A9:A3:56
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/49XO2KK0POnUGWnric4Veyypo1Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:37:b3:8c:b0:b9:e1:7c:51:59:f7:d3:4d:dd:7b:5f:2b:93:
         b4:eb:94:2d:8d:e5:48:ae:ee:a9:3b:1a:4e:62:4e:4d:fb:24:
         e4:2a:ab:58:2a:ac:e1:5f:ec:17:82:f0:48:cf:8c:9e:f0:62:
         7e:2f:d3:37:0e:12:c0:c1:b2:b5:5e:ef:5d:f8:6d:4c:e0:e3:
         68:83:5b:ac:38:51:23:96:bf:1b:5d:16:77:48:1f:68:cc:3d:
         01:f7:e6:20:bc:18:8c:a8:67:73:99:c1:86:4c:60:1c:7b:e3:
         90:8f:7d:aa:95:a8:a0:9b:b0:62:7c:c4:f5:65:04:91:68:e4:
         fc:56:29:78:18:d9:2f:2c:91:0b:ba:c3:b9:c4:48:a4:f3:9c:
         31:fb:e8:82:43:cd:9f:91:fe:63:0c:a4:73:dc:39:37:fd:bf:
         8b:b5:38:49:c4:b5:e4:5f:d6:e8:90:76:9e:c3:f6:46:78:f9:
         1e:73:b2:ba:5e:10:35:c9:7f:f1:b1:f4:1f:54:d2:62:c9:30:
         1b:11:4f:3c:26:e2:7e:73:39:e9:75:ea:47:57:14:a8:b8:b8:
         34:78:d0:c4:76:9d:bb:b6:a8:22:c9:d8:b1:aa:59:a4:74:7e:
         2b:ff:f4:72:b2:e6:e1:8a:e4:f4:1a:85:51:a9:4b:9a:1b:c8:
         c4:8f:e0:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzP88NiIh1XQ5kTttivogMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTAzMTUzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Q1Y2VkOGEyYjQzY2U5ZDQxOTY5ZWI4OWNlMTU3YjJjYTlhMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEv9+LvP8JM4FXXeUV3pmLSLuQfg
uqMWnaAlJ5+NLR8BWlcnXmcBr4QwgIdh2/RPiThQkgsAnRxRIi9qqahB3rRsgwGV
D1liBct9nSxLVyJwuSq12Sr13omqfdC4mYOqYASeYEmvlFaT0pPZWks2uWbaD86M
+QjAfKa9h28yqjbhp86AitkGo7zeTmUAx0IXE0gy5rx8jcao2y2YGKmSPQAr6wUD
W98b+tmnYtyPm5Bz49lMYxYZK6iKsYEb7Wk4czjodt7goDnV4iAYH3kRZ9WuJzfq
8DUlZDf4wYr6uWLbtLeUIjvWXLjr/gzXG9ClTRWbAgXhBCRYCopy6gduVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPVztiitDzp1Blp64nOFXssqaNWMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvNDlYTzJLSzBQT25VR1ducmljNFZleXlwbzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCwMA0G
CSqGSIb3DQEBCwUAA4IBAQCWN7OMsLnhfFFZ99NN3XtfK5O065QtjeVIru6pOxpO
Yk5N+yTkKqtYKqzhX+wXgvBIz4ye8GJ+L9M3DhLAwbK1Xu9d+G1M4ONog1usOFEj
lr8bXRZ3SB9ozD0B9+YgvBiMqGdzmcGGTGAce+OQj32qlaigm7BifMT1ZQSRaOT8
Vil4GNkvLJELusO5xEik85wx++iCQ82fkf5jDKRz3Dk3/b+LtThJxLXkX9bokHae
w/ZGePkec7K6XhA1yX/xsfQfVNJiyTAbEU88JuJ+cznpdepHVxSouLg0eNDEdp27
tqgiydixqlmkdH4r//RysubhiuT0GoVRqUuaG8jEj+BQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:14 2024 by rpki-client on console-ams.rpki-client.org