Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Ue8Ed_yoRtmh2uHqLtYO9jv7GRo.roa
File:                     Ue8Ed_yoRtmh2uHqLtYO9jv7GRo.roa (raw, json)
Hash identifier:          bcfU03b/A/XXfNLXZPCObRcjX8qGiLEKR2ljuzbT7tg=
Subject key identifier:   51:EF:04:77:FC:A8:46:D9:A1:DA:E1:EA:2E:D6:0E:F6:3B:FB:19:1A
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018C15A3218824011AE80ACD538BD1663FC7
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Ue8Ed_yoRtmh2uHqLtYO9jv7GRo.roa
Signing time:             Tue 28 Nov 2023 11:14:21 +0000
ROA not before:           Tue 28 Nov 2023 11:14:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147287
IP address blocks:        5.178.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 15:32:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:15:a3:21:88:24:01:1a:e8:0a:cd:53:8b:d1:66:3f:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Nov 28 11:14:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51ef0477fca846d9a1dae1ea2ed60ef63bfb191a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:8e:a3:66:a6:aa:1e:49:99:eb:80:9c:19:fa:
                    46:1d:03:f5:3a:ca:bc:5b:80:da:c1:41:7d:89:1f:
                    7e:c2:b7:1f:82:43:36:ca:f3:38:d0:09:d2:a4:03:
                    8e:6c:42:4c:ea:d0:e6:92:82:53:4c:af:22:c6:cc:
                    d7:b7:f4:51:51:dc:3c:74:f0:55:e6:fa:78:bb:81:
                    ad:7e:4c:e8:58:e4:c2:7b:d7:77:36:a0:a8:9e:d4:
                    cc:e5:64:bc:99:82:b6:75:e7:39:94:2c:72:b9:44:
                    16:72:8b:fa:c6:5d:ea:5a:c1:bc:d7:81:85:4f:0d:
                    b7:2c:e7:5a:de:1a:dd:72:d9:57:82:ea:7a:cb:d3:
                    be:75:6f:43:25:3f:ff:42:2a:f5:96:4d:70:30:0b:
                    eb:22:f5:40:9d:bb:d5:25:17:59:1d:c4:e5:e9:e1:
                    b7:23:5c:2e:35:db:d0:7b:4d:5f:05:37:fe:70:ab:
                    76:e7:47:1d:a7:82:91:fc:50:91:3e:c7:09:79:32:
                    f7:0d:62:17:cd:1a:5a:8a:dc:2a:37:c3:b8:9e:b0:
                    55:58:cf:9d:a1:64:5f:fc:c5:86:52:b1:af:aa:b4:
                    2f:bc:5e:23:26:b2:5d:c2:10:fe:ec:d7:72:d5:9f:
                    66:d1:db:77:c3:43:a3:b1:0d:ea:b5:1c:6a:7f:83:
                    80:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:EF:04:77:FC:A8:46:D9:A1:DA:E1:EA:2E:D6:0E:F6:3B:FB:19:1A
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Ue8Ed_yoRtmh2uHqLtYO9jv7GRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:5e:fa:ec:3c:65:9f:6a:e2:a5:08:03:8c:30:d0:7b:b5:c5:
         a4:96:92:23:f3:ea:27:e8:28:e5:3b:87:29:47:c9:81:60:79:
         5e:67:b0:db:c8:68:05:df:4e:07:43:be:b4:17:a0:e0:b1:ec:
         e1:7d:fa:ac:16:02:9b:e7:53:01:45:77:ee:c1:22:d8:60:73:
         e0:82:48:cb:ac:38:08:65:8e:66:f2:7b:c4:ed:34:7b:8d:d9:
         51:44:1c:e6:dd:08:94:91:43:cd:b6:a4:b8:aa:3f:e0:f7:01:
         60:c0:af:cd:78:b5:b3:32:77:42:5c:c7:f6:0f:15:48:c6:cb:
         cd:cb:f1:81:76:52:c9:43:26:3b:93:64:7f:6f:29:56:9c:45:
         97:a5:3e:38:4c:06:43:d6:53:a8:27:15:fa:eb:97:ad:59:31:
         f1:23:b4:d6:13:0f:c5:20:e5:e4:a3:e9:fb:e3:32:54:b8:73:
         ed:8f:45:41:d0:6f:6b:90:af:f5:24:f4:81:b2:91:8d:ab:ba:
         03:23:89:e1:c2:54:34:f4:56:d0:21:eb:c6:08:b9:21:84:fd:
         3d:b4:60:6f:eb:01:6d:85:c3:30:f5:87:3a:43:e1:ea:6a:39:
         21:bc:03:c0:86:1c:14:65:a1:97:75:55:d6:3c:be:68:90:f1:
         0c:ea:d1:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwVoyGIJAEa6ArNU4vRZj/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMTI4MTExNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWVmMDQ3N2ZjYTg0NmQ5YTFkYWUxZWEyZWQ2MGVmNjNiZmIxOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI6jZqaqHkmZ64CcGfpGHQP1Osq8
W4DawUF9iR9+wrcfgkM2yvM40AnSpAOObEJM6tDmkoJTTK8ixszXt/RRUdw8dPBV
5vp4u4GtfkzoWOTCe9d3NqContTM5WS8mYK2dec5lCxyuUQWcov6xl3qWsG814GF
Tw23LOda3hrdctlXgup6y9O+dW9DJT//Qir1lk1wMAvrIvVAnbvVJRdZHcTl6eG3
I1wuNdvQe01fBTf+cKt250cdp4KR/FCRPscJeTL3DWIXzRpaitwqN8O4nrBVWM+d
oWRf/MWGUrGvqrQvvF4jJrJdwhD+7Ndy1Z9m0dt3w0OjsQ3qtRxqf4OAXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHvBHf8qEbZodrh6i7WDvY7+xkaMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvVWU4RWRfeW9SdG1oMnVIcUx0WU85anY3R1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJsMA0G
CSqGSIb3DQEBCwUAA4IBAQCmXvrsPGWfauKlCAOMMNB7tcWklpIj8+on6CjlO4cp
R8mBYHleZ7DbyGgF304HQ760F6DgsezhffqsFgKb51MBRXfuwSLYYHPggkjLrDgI
ZY5m8nvE7TR7jdlRRBzm3QiUkUPNtqS4qj/g9wFgwK/NeLWzMndCXMf2DxVIxsvN
y/GBdlLJQyY7k2R/bylWnEWXpT44TAZD1lOoJxX665etWTHxI7TWEw/FIOXko+n7
4zJUuHPtj0VB0G9rkK/1JPSBspGNq7oDI4nhwlQ09FbQIevGCLkhhP09tGBv6wFt
hcMw9Yc6Q+HqajkhvAPAhhwUZaGXdVXWPL5okPEM6tEy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org