Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/b4AeJz3F0TA2xGHlvsx9QjSd1AI.roa
File:                     b4AeJz3F0TA2xGHlvsx9QjSd1AI.roa (raw, json)
Hash identifier:          zCrzhBPa+LbO5MtJ7acOkQVquhkR4il7cnjtFHqP3fc=
Subject key identifier:   6F:80:1E:27:3D:C5:D1:30:36:C4:61:E5:BE:CC:7D:42:34:9D:D4:02
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       0188FD7B9FF890C1C56DF8234D17E6C0860D
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/b4AeJz3F0TA2xGHlvsx9QjSd1AI.roa
Signing time:             Tue 27 Jun 2023 15:31:57 +0000
ROA not before:           Tue 27 Jun 2023 15:31:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        5.178.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Jul 2023 13:48:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:fd:7b:9f:f8:90:c1:c5:6d:f8:23:4d:17:e6:c0:86:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Jun 27 15:31:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f801e273dc5d13036c461e5becc7d42349dd402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ec:4b:c3:16:a8:51:f0:3a:fc:9c:dc:5f:63:
                    da:ac:da:d8:0c:ec:7c:03:fa:4b:42:c5:b0:5f:f8:
                    6a:80:ed:7f:1b:ef:7f:d5:c6:ed:03:08:eb:3d:95:
                    27:4e:01:51:7a:03:b1:d4:2e:37:0e:b1:82:bb:3a:
                    b8:ba:69:f8:59:45:35:7c:f4:f4:45:48:2e:05:6c:
                    4c:1c:e6:6a:b8:6e:3a:bf:4e:5b:a3:1f:a1:a9:ea:
                    86:51:d5:e8:49:96:6b:ca:1a:35:b7:6a:72:f1:c6:
                    c4:81:97:25:e0:10:92:b1:b6:57:58:70:6c:96:ee:
                    0b:19:81:e3:45:94:63:ae:8b:89:ec:07:c0:3e:0b:
                    f5:12:c9:26:f3:ca:3b:82:43:43:b1:78:c1:94:72:
                    60:0f:f2:fd:31:d2:7c:91:51:6c:84:93:c7:07:c3:
                    ef:bb:0b:d8:dc:6d:8a:6d:41:8f:ce:9f:55:a8:3d:
                    50:d2:ef:62:ee:c5:ad:b1:99:46:fc:24:6b:2a:82:
                    47:9b:1b:94:2e:8c:49:a7:79:89:4a:7b:0d:23:5e:
                    a5:bc:4f:52:35:7b:f5:f6:2e:c0:59:92:3c:59:b1:
                    c5:cd:0a:f6:82:59:68:0c:18:07:09:4d:02:97:3a:
                    5c:9c:b4:74:e8:e2:54:e8:59:be:54:1b:e4:84:e4:
                    94:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:80:1E:27:3D:C5:D1:30:36:C4:61:E5:BE:CC:7D:42:34:9D:D4:02
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/b4AeJz3F0TA2xGHlvsx9QjSd1AI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:62:a6:47:e1:11:2d:40:12:dc:64:76:04:60:de:21:ed:2a:
         02:9d:2e:4f:62:63:19:16:44:ff:59:72:d4:55:65:fd:4b:70:
         20:51:f4:18:c0:a1:d4:c6:fa:9f:e9:49:13:3c:01:f7:e8:4a:
         c2:d2:3d:16:52:df:92:c9:a0:06:1b:f0:3f:a4:da:00:62:b1:
         fa:da:f6:64:05:8a:94:31:da:b3:1f:12:00:2f:2f:8f:6a:c2:
         07:2f:00:4f:9b:a2:25:e4:5c:29:48:65:3c:a4:05:a4:71:d1:
         1f:3e:d8:83:97:06:91:6a:80:41:5f:db:8b:7d:2c:bb:ae:63:
         6c:f3:b5:2b:76:31:d2:a8:fc:db:f9:b9:13:83:b4:3d:d0:5c:
         69:f8:f9:ca:93:94:cd:b8:6d:6d:27:48:f4:07:42:df:2b:41:
         47:59:f3:88:b4:7e:5c:f2:06:21:e0:4f:08:f8:bd:30:a2:bc:
         b0:26:03:a5:b0:18:ee:b2:43:e5:75:0f:56:28:a4:2e:b5:fd:
         e7:1c:bf:c2:32:4a:d5:3f:39:56:a0:1a:3e:33:44:73:a9:6e:
         96:09:a6:2e:2b:b6:3b:86:09:04:f5:11:f8:10:ea:2b:fb:f6:
         fc:aa:98:f0:a6:e8:85:13:7c:29:41:54:32:1b:6f:fe:2e:1a:
         18:7b:cd:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYj9e5/4kMHFbfgjTRfmwIYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwNjI3MTUzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjgwMWUyNzNkYzVkMTMwMzZjNDYxZTViZWNjN2Q0MjM0OWRkNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuxLwxaoUfA6/JzcX2ParNrYDOx8
A/pLQsWwX/hqgO1/G+9/1cbtAwjrPZUnTgFRegOx1C43DrGCuzq4umn4WUU1fPT0
RUguBWxMHOZquG46v05box+hqeqGUdXoSZZryho1t2py8cbEgZcl4BCSsbZXWHBs
lu4LGYHjRZRjrouJ7AfAPgv1Eskm88o7gkNDsXjBlHJgD/L9MdJ8kVFshJPHB8Pv
uwvY3G2KbUGPzp9VqD1Q0u9i7sWtsZlG/CRrKoJHmxuULoxJp3mJSnsNI16lvE9S
NXv19i7AWZI8WbHFzQr2glloDBgHCU0ClzpcnLR06OJU6Fm+VBvkhOSURQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+AHic9xdEwNsRh5b7MfUI0ndQCMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvYjRBZUp6M0YwVEEyeEdIbHZzeDlRalNkMUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJkMA0G
CSqGSIb3DQEBCwUAA4IBAQB0YqZH4REtQBLcZHYEYN4h7SoCnS5PYmMZFkT/WXLU
VWX9S3AgUfQYwKHUxvqf6UkTPAH36ErC0j0WUt+SyaAGG/A/pNoAYrH62vZkBYqU
MdqzHxIALy+PasIHLwBPm6Il5FwpSGU8pAWkcdEfPtiDlwaRaoBBX9uLfSy7rmNs
87UrdjHSqPzb+bkTg7Q90Fxp+PnKk5TNuG1tJ0j0B0LfK0FHWfOItH5c8gYh4E8I
+L0worywJgOlsBjuskPldQ9WKKQutf3nHL/CMkrVPzlWoBo+M0RzqW6WCaYuK7Y7
hgkE9RH4EOor+/b8qpjwpuiFE3wpQVQyG2/+LhoYe81R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org