Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Pq-vdb77sEqu5C2inU48kJP5Ack.roa
File:                     Pq-vdb77sEqu5C2inU48kJP5Ack.roa (raw, json)
Hash identifier:          0jGgmnE0AL49Hzpj1Xtfq5XL1lr3UpWUmnk2SzXDJh0=
Subject key identifier:   3E:AF:AF:75:BE:FB:B0:4A:AE:E4:2D:A2:9D:4E:3C:90:93:F9:01:C9
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018EB5716FFF37135AFEE5F31579979D16BC
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Pq-vdb77sEqu5C2inU48kJP5Ack.roa
Signing time:             Sat 06 Apr 2024 22:04:54 +0000
ROA not before:           Sat 06 Apr 2024 22:04:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57152
IP address blocks:        5.178.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 15:45:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b5:71:6f:ff:37:13:5a:fe:e5:f3:15:79:97:9d:16:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Apr  6 22:04:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3eafaf75befbb04aaee42da29d4e3c9093f901c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ca:4a:ad:55:df:5e:ac:a3:03:6c:ef:3c:b9:
                    b7:91:03:f7:93:82:c6:ac:8a:63:2f:96:a9:e2:3c:
                    17:91:ce:2b:e6:34:3f:42:9f:aa:69:c1:74:c7:15:
                    dc:17:0e:a9:2e:ee:a3:2a:b9:4d:84:02:96:89:77:
                    ca:b7:9b:54:f1:60:18:07:9a:48:09:30:6c:cf:58:
                    1e:e1:ee:cc:96:db:9d:a5:93:ea:15:e3:2f:56:c3:
                    de:79:41:a2:66:ac:69:a9:5c:99:d6:4d:22:fd:ef:
                    d3:63:70:87:cc:a5:1a:1f:39:06:ce:e6:52:ec:3f:
                    45:a6:6e:2f:f7:d4:36:f3:51:d1:b6:d6:13:67:cc:
                    93:81:43:c8:98:82:25:19:cf:e3:52:26:24:f7:fb:
                    c0:13:e3:a9:cc:98:93:8a:83:90:1a:89:f0:96:c0:
                    5a:2b:22:df:14:7f:4a:96:d9:09:ce:b8:8b:90:00:
                    42:4a:3f:a3:83:21:f7:c0:61:6d:2d:29:7a:c1:bb:
                    ff:1d:eb:68:fc:d6:07:42:91:c0:4b:65:b6:8d:4a:
                    e3:62:15:aa:8d:31:d9:93:b9:6c:3d:94:bb:37:a3:
                    15:c6:c4:6c:1f:4e:f7:bc:54:b7:e1:9d:e4:1e:6b:
                    39:ca:f4:38:90:fa:3f:36:92:50:61:5a:b2:c8:55:
                    e2:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:AF:AF:75:BE:FB:B0:4A:AE:E4:2D:A2:9D:4E:3C:90:93:F9:01:C9
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Pq-vdb77sEqu5C2inU48kJP5Ack.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:b5:50:98:ba:a3:40:13:1a:a5:11:e2:2f:8a:9d:1b:e7:d7:
         4e:9a:dd:87:c8:b7:ef:90:3d:0c:57:7e:2b:fb:a3:d5:69:c2:
         b1:b8:81:62:d2:33:ec:1e:6a:ad:0e:02:43:f4:ac:3c:cf:5d:
         51:75:68:ad:5b:c1:82:9b:ae:a2:34:a8:31:ab:4e:f0:c3:34:
         8d:f2:9c:c2:b4:ad:5b:4d:16:ab:23:1e:35:1d:b5:65:29:8b:
         40:4a:d5:da:e8:df:84:f3:bc:64:72:8e:a5:52:7a:50:0e:cd:
         38:eb:a3:22:e4:05:62:f6:bd:e7:ca:b6:af:5c:d3:a3:2d:63:
         aa:ce:c5:1c:55:b2:c1:dc:9a:b3:82:c4:bf:be:63:5f:1f:34:
         6f:ef:a3:4a:1a:ea:7c:25:39:31:16:6f:24:04:f0:1b:b1:b6:
         4b:35:7b:54:d7:85:15:33:31:61:88:88:e4:8a:91:dd:63:ac:
         ed:31:d7:ac:3c:49:32:74:db:a4:40:1e:32:d8:6e:64:75:ad:
         44:b8:6a:5f:1b:55:00:25:90:23:38:1c:b0:fd:80:95:84:47:
         fd:8e:07:f8:35:71:9e:85:09:4d:8d:19:f2:80:5d:de:74:04:
         45:0c:30:03:4b:48:39:8f:ac:1c:dc:96:19:d0:00:d9:97:37:
         2c:ca:8a:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY61cW//NxNa/uXzFXmXnRa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwNDA2MjIwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFmYWY3NWJlZmJiMDRhYWVlNDJkYTI5ZDRlM2M5MDkzZjkwMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcpKrVXfXqyjA2zvPLm3kQP3k4LG
rIpjL5ap4jwXkc4r5jQ/Qp+qacF0xxXcFw6pLu6jKrlNhAKWiXfKt5tU8WAYB5pI
CTBsz1ge4e7MltudpZPqFeMvVsPeeUGiZqxpqVyZ1k0i/e/TY3CHzKUaHzkGzuZS
7D9Fpm4v99Q281HRttYTZ8yTgUPImIIlGc/jUiYk9/vAE+OpzJiTioOQGonwlsBa
KyLfFH9KltkJzriLkABCSj+jgyH3wGFtLSl6wbv/Heto/NYHQpHAS2W2jUrjYhWq
jTHZk7lsPZS7N6MVxsRsH073vFS34Z3kHms5yvQ4kPo/NpJQYVqyyFXiiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6vr3W++7BKruQtop1OPJCT+QHJMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvUHEtdmRiNzdzRXF1NUMyaW5VNDhrSlA1QWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJgMA0G
CSqGSIb3DQEBCwUAA4IBAQAatVCYuqNAExqlEeIvip0b59dOmt2HyLfvkD0MV34r
+6PVacKxuIFi0jPsHmqtDgJD9Kw8z11RdWitW8GCm66iNKgxq07wwzSN8pzCtK1b
TRarIx41HbVlKYtAStXa6N+E87xkco6lUnpQDs0466Mi5AVi9r3nyravXNOjLWOq
zsUcVbLB3JqzgsS/vmNfHzRv76NKGup8JTkxFm8kBPAbsbZLNXtU14UVMzFhiIjk
ipHdY6ztMdesPEkydNukQB4y2G5kda1EuGpfG1UAJZAjOByw/YCVhEf9jgf4NXGe
hQlNjRnygF3edARFDDADS0g5j6wc3JYZ0ADZlzcsyoqr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org