Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/QbXJsXDouBFUEcQUBQeKsUyO7fw.roa
File:                     QbXJsXDouBFUEcQUBQeKsUyO7fw.roa (raw, json)
Hash identifier:          qB1Of85lKJGcnr2L1Hmi2546tpSfRYnSPg3NCo4o+RQ=
Subject key identifier:   41:B5:C9:B1:70:E8:B8:11:54:11:C4:14:05:07:8A:B1:4C:8E:ED:FC
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018C5322D43B2822CACC0BAD8A3ECB8AFB2F
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/QbXJsXDouBFUEcQUBQeKsUyO7fw.roa
Signing time:             Sun 10 Dec 2023 09:50:40 +0000
ROA not before:           Sun 10 Dec 2023 09:50:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211522
IP address blocks:        5.144.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:53:22:d4:3b:28:22:ca:cc:0b:ad:8a:3e:cb:8a:fb:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Dec 10 09:50:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41b5c9b170e8b8115411c41405078ab14c8eedfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:1e:35:fb:22:0d:5c:c7:13:15:d2:e8:18:28:
                    42:40:36:a6:12:99:9a:ab:58:7a:6f:da:05:a8:31:
                    6c:42:b1:ab:99:bb:91:f0:a9:bc:98:9c:61:79:45:
                    13:a7:b0:b1:06:fe:18:40:87:ed:42:38:be:63:3c:
                    6f:49:52:e4:20:32:b3:84:95:f9:5c:9b:f1:92:68:
                    ac:ff:a4:f4:51:0f:f0:89:09:0b:ea:9a:19:49:39:
                    9f:b6:b1:c1:43:46:1d:32:97:7f:39:ad:cd:ee:1a:
                    16:8e:23:1e:2d:8a:6b:c5:45:e3:84:dc:6c:8a:26:
                    81:07:bc:67:7f:76:ff:65:25:3c:b8:e6:ad:18:7d:
                    ff:23:09:ab:3f:ec:88:20:9e:2f:5f:6e:b3:93:d2:
                    1d:b7:66:11:2c:d9:d9:2d:34:22:26:d4:4a:44:38:
                    31:36:e7:48:5f:00:3d:31:97:38:a7:03:9b:9b:b6:
                    85:b7:0f:7b:21:cd:ee:bd:4e:22:eb:7b:cb:ee:10:
                    c7:d1:b3:bb:51:f1:4d:42:a0:6b:1c:b3:de:2b:5e:
                    26:45:10:c7:38:df:3c:ef:23:6a:5a:fa:53:66:b3:
                    b4:db:27:7f:5d:a2:ba:3e:89:e5:b2:e3:6d:ca:cb:
                    7c:85:5d:17:f9:01:0e:d4:a3:05:cf:bf:0a:14:ec:
                    d1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:B5:C9:B1:70:E8:B8:11:54:11:C4:14:05:07:8A:B1:4C:8E:ED:FC
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/QbXJsXDouBFUEcQUBQeKsUyO7fw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:e2:65:bd:1e:24:94:99:43:33:ea:48:76:33:95:70:d0:48:
         84:91:06:a7:32:71:a1:59:9b:fe:1c:86:01:16:57:38:b3:da:
         6f:22:94:80:c9:75:03:18:11:44:ca:d2:39:18:3d:28:9b:79:
         c9:37:fc:13:b2:20:f7:a4:10:67:91:c4:e8:f7:2c:2b:18:3a:
         08:9c:62:1b:96:ca:d0:2f:49:16:65:bb:b0:1a:15:b8:12:6e:
         00:6d:8e:d3:08:5c:51:61:d8:33:85:c1:1c:24:5d:94:bc:23:
         dc:c7:4d:d3:2b:2f:be:77:97:c6:e2:a2:46:51:a4:02:25:51:
         16:5b:79:07:d4:bf:8c:96:00:79:ec:47:72:b1:f8:80:c5:64:
         62:2d:6d:e1:c7:df:e9:9c:7e:6d:43:54:5d:5a:0a:55:22:62:
         48:11:b1:e9:cd:86:f2:c4:5d:21:f0:30:61:e4:7a:8a:95:e3:
         40:7e:8c:65:40:7e:7c:64:36:40:eb:e6:08:14:fa:37:35:1c:
         b1:6e:50:b4:ca:fb:8e:19:a1:4b:fa:35:b6:ca:23:80:c7:3c:
         51:a3:0b:f6:8d:6e:d8:cf:7f:2e:35:ac:a9:40:f3:4c:6e:56:
         18:fa:c4:b3:5b:00:4e:31:a5:7e:7d:4c:98:e7:fa:8e:c7:6a:
         5f:4d:fd:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxTItQ7KCLKzAutij7LivsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMjEwMDk1MDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI1YzliMTcwZThiODExNTQxMWM0MTQwNTA3OGFiMTRjOGVlZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB41+yINXMcTFdLoGChCQDamEpma
q1h6b9oFqDFsQrGrmbuR8Km8mJxheUUTp7CxBv4YQIftQji+YzxvSVLkIDKzhJX5
XJvxkmis/6T0UQ/wiQkL6poZSTmftrHBQ0YdMpd/Oa3N7hoWjiMeLYprxUXjhNxs
iiaBB7xnf3b/ZSU8uOatGH3/IwmrP+yIIJ4vX26zk9Idt2YRLNnZLTQiJtRKRDgx
NudIXwA9MZc4pwObm7aFtw97Ic3uvU4i63vL7hDH0bO7UfFNQqBrHLPeK14mRRDH
ON887yNqWvpTZrO02yd/XaK6PonlsuNtyst8hV0X+QEO1KMFz78KFOzRrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEG1ybFw6LgRVBHEFAUHirFMju38MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvUWJYSnNYRG91QkZVRWNRVUJRZUtzVXlPN2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZC0MA0G
CSqGSIb3DQEBCwUAA4IBAQAJ4mW9HiSUmUMz6kh2M5Vw0EiEkQanMnGhWZv+HIYB
Flc4s9pvIpSAyXUDGBFEytI5GD0om3nJN/wTsiD3pBBnkcTo9ywrGDoInGIblsrQ
L0kWZbuwGhW4Em4AbY7TCFxRYdgzhcEcJF2UvCPcx03TKy++d5fG4qJGUaQCJVEW
W3kH1L+MlgB57EdysfiAxWRiLW3hx9/pnH5tQ1RdWgpVImJIEbHpzYbyxF0h8DBh
5HqKleNAfoxlQH58ZDZA6+YIFPo3NRyxblC0yvuOGaFL+jW2yiOAxzxRowv2jW7Y
z38uNaypQPNMblYY+sSzWwBOMaV+fUyY5/qOx2pfTf1E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:15 2024 by rpki-client on console-ams.rpki-client.org