Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OD5juJhIyTf2JrZZP_nj5H7NoE0.roa
File:                     OD5juJhIyTf2JrZZP_nj5H7NoE0.roa (raw, json)
Hash identifier:          7grSfdCdM84wYWCJLvmckRUoIX82b4wYaS/9mdziIU0=
Subject key identifier:   38:3E:63:B8:98:48:C9:37:F6:26:B6:59:3F:F9:E3:E4:7E:CD:A0:4D
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018E72582D51A712683D56F87ED19ABC787D
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OD5juJhIyTf2JrZZP_nj5H7NoE0.roa
Signing time:             Sun 24 Mar 2024 21:22:45 +0000
ROA not before:           Sun 24 Mar 2024 21:22:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     26383
IP address blocks:        5.39.250.0/24 maxlen: 24
                          5.144.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Mar 2024 23:54:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:72:58:2d:51:a7:12:68:3d:56:f8:7e:d1:9a:bc:78:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Mar 24 21:22:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=383e63b89848c937f626b6593ff9e3e47ecda04d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ea:8c:1a:36:c0:44:4b:9a:0b:de:2e:92:53:
                    bf:7f:8a:df:cc:ca:31:cc:72:4e:24:66:56:d6:b2:
                    e6:1d:4d:14:8c:a7:f5:0d:d2:fe:d6:14:a0:05:a9:
                    bd:12:43:ee:e0:b0:01:68:07:08:11:92:de:73:04:
                    1d:56:a4:e7:2b:7e:db:36:4f:24:bd:af:79:18:46:
                    83:01:01:b0:0b:c8:cb:e6:10:c0:ad:97:bb:93:ff:
                    11:22:97:a6:e4:56:78:6e:f2:9d:49:94:4c:a6:72:
                    cb:64:2e:5b:57:2c:d6:7c:b7:f9:a4:a1:be:86:e9:
                    57:67:50:68:d0:0a:ee:c7:e9:3e:f1:76:84:55:04:
                    52:6f:85:26:dd:36:07:d3:7f:35:82:39:c1:84:c6:
                    75:c3:82:b8:b9:9c:4c:b1:74:dd:4c:b3:06:de:df:
                    96:a6:9c:06:72:3a:33:cb:ec:36:14:f3:20:98:a6:
                    1e:5a:10:69:bc:c3:a2:82:97:61:fc:7b:de:89:e9:
                    62:a2:da:e8:d7:ca:4e:79:14:8b:b4:29:62:b1:0f:
                    ac:ec:56:63:7b:90:88:ca:64:92:bf:39:79:86:fe:
                    fc:a1:0a:a9:ec:ac:b2:3b:32:42:0b:33:f9:7b:39:
                    1c:bb:8f:d3:c1:db:3a:43:e5:59:7a:a5:c7:0b:c3:
                    ce:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3E:63:B8:98:48:C9:37:F6:26:B6:59:3F:F9:E3:E4:7E:CD:A0:4D
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OD5juJhIyTf2JrZZP_nj5H7NoE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.250.0/24
                  5.144.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         df:3d:85:80:71:00:4e:94:f6:06:81:af:01:7f:50:24:29:ca:
         2b:ef:8c:47:e1:46:6f:b9:d6:9f:0a:98:b3:30:43:ef:61:de:
         f7:22:1e:19:9a:9b:8f:8c:2d:b0:52:23:e0:ab:36:6a:50:f4:
         1d:09:13:1b:70:d3:dc:ff:d4:0d:fe:e4:42:7c:56:c8:dc:f8:
         28:da:51:4e:b1:08:1f:a1:7d:51:35:46:35:ae:94:b8:36:9f:
         f6:bf:99:60:df:59:50:dc:9e:80:63:cc:63:44:75:01:bb:68:
         1e:8f:90:dc:a3:c4:e7:83:f9:94:f1:6c:21:39:82:3a:82:58:
         0e:9d:bc:b9:56:cf:60:4f:70:9f:e8:cb:ee:30:7b:2c:24:6a:
         e4:b7:36:37:26:38:7e:9e:03:c1:10:51:f5:ca:41:98:65:56:
         17:aa:7a:21:1a:a6:56:4a:a7:d3:23:86:ca:93:5f:a3:96:23:
         8a:11:02:e7:4c:64:94:16:19:b3:9d:db:16:bf:71:ce:36:b2:
         70:14:25:64:ea:4e:1b:a0:6c:73:8b:d8:98:54:50:a2:91:ba:
         7b:b8:c9:51:5c:e2:1c:41:fc:79:48:09:0e:f7:c7:ee:ed:6e:
         20:93:5c:2b:49:2b:75:7d:d7:ce:83:2c:17:6e:d7:29:a2:3e:
         9b:4e:3e:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5yWC1RpxJoPVb4ftGavHh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzI0MjEyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODNlNjNiODk4NDhjOTM3ZjYyNmI2NTkzZmY5ZTNlNDdlY2RhMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+qMGjbAREuaC94uklO/f4rfzMox
zHJOJGZW1rLmHU0UjKf1DdL+1hSgBam9EkPu4LABaAcIEZLecwQdVqTnK37bNk8k
va95GEaDAQGwC8jL5hDArZe7k/8RIpem5FZ4bvKdSZRMpnLLZC5bVyzWfLf5pKG+
hulXZ1Bo0Arux+k+8XaEVQRSb4Um3TYH0381gjnBhMZ1w4K4uZxMsXTdTLMG3t+W
ppwGcjozy+w2FPMgmKYeWhBpvMOigpdh/Hveieliotro18pOeRSLtClisQ+s7FZj
e5CIymSSvzl5hv78oQqp7KyyOzJCCzP5ezkcu4/Twds6Q+VZeqXHC8POOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDg+Y7iYSMk39ia2WT/54+R+zaBNMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvT0Q1anVKaEl5VGYySnJaWlBfbmo1SDdOb0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSf6AwQA
BZCyMA0GCSqGSIb3DQEBCwUAA4IBAQDfPYWAcQBOlPYGga8Bf1AkKcor74xH4UZv
udafCpizMEPvYd73Ih4ZmpuPjC2wUiPgqzZqUPQdCRMbcNPc/9QN/uRCfFbI3Pgo
2lFOsQgfoX1RNUY1rpS4Np/2v5lg31lQ3J6AY8xjRHUBu2gej5Dco8Tng/mU8Wwh
OYI6glgOnby5Vs9gT3Cf6MvuMHssJGrktzY3Jjh+ngPBEFH1ykGYZVYXqnohGqZW
SqfTI4bKk1+jliOKEQLnTGSUFhmzndsWv3HONrJwFCVk6k4boGxzi9iYVFCikbp7
uMlRXOIcQfx5SAkO98fu7W4gk1wrSSt1fdfOgywXbtcpoj6bTj7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org