Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/eKFHu3EP0KJfn--V3Vi_Vd6u-tg.roa
File:                     eKFHu3EP0KJfn--V3Vi_Vd6u-tg.roa (raw, json)
Hash identifier:          d426mhFV017VLWHlH+e+w81IjHH7CaP0urxM3HPl3Pk=
Subject key identifier:   78:A1:47:BB:71:0F:D0:A2:5F:9F:EF:95:DD:58:BF:55:DE:AE:FA:D8
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018CC64B2C66C0E5A024ACA16BFE8F800C78
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/eKFHu3EP0KJfn--V3Vi_Vd6u-tg.roa
Signing time:             Mon 01 Jan 2024 18:31:04 +0000
ROA not before:           Mon 01 Jan 2024 18:31:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     399471
IP address blocks:        5.144.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 08:57:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:2c:66:c0:e5:a0:24:ac:a1:6b:fe:8f:80:0c:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Jan  1 18:31:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=78a147bb710fd0a25f9fef95dd58bf55deaefad8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6c:40:71:80:d9:9f:ce:57:9c:ed:25:cd:01:
                    46:ab:dd:68:b1:49:9b:37:1d:8a:20:2a:03:6f:b6:
                    04:bc:85:c2:5c:93:c1:11:10:b7:ca:42:cf:7b:cf:
                    a2:5e:93:cd:6d:98:95:b8:8c:a7:d6:28:fb:82:d8:
                    47:a8:2e:4d:71:c4:3a:ed:b9:66:ed:db:d7:91:18:
                    14:e2:69:b7:89:03:ac:2c:f2:42:75:6b:b9:ed:96:
                    46:6b:92:30:1d:7f:ee:e5:84:fc:99:ae:67:48:43:
                    54:4c:02:2e:0f:a6:cc:6a:9e:cb:4b:f8:24:05:30:
                    1d:ef:cb:41:df:4a:3b:80:84:fd:f2:3d:40:0a:c7:
                    ae:b0:27:39:ad:36:63:ba:af:5d:cd:7e:0d:af:af:
                    65:91:f3:56:50:da:c8:bf:8e:eb:a5:36:1a:3d:93:
                    5c:73:7b:6b:02:cf:49:ea:54:dc:a1:ec:67:1f:09:
                    9e:2b:75:fe:12:a2:21:8f:11:1a:58:76:00:76:5e:
                    1c:67:f7:42:51:cc:12:08:20:4d:83:a8:dc:88:ef:
                    7d:04:7b:28:7c:bc:3e:8d:b4:87:88:66:fa:41:f1:
                    75:ab:7c:67:5e:60:88:75:d2:85:6f:be:c0:8d:05:
                    2b:f9:3b:95:71:74:44:f6:ee:2a:85:0e:0d:17:74:
                    a5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:A1:47:BB:71:0F:D0:A2:5F:9F:EF:95:DD:58:BF:55:DE:AE:FA:D8
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/eKFHu3EP0KJfn--V3Vi_Vd6u-tg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:5c:2e:2a:a2:2b:25:7a:4b:a8:d3:40:d0:30:af:c3:0f:42:
         94:35:d5:8c:5a:04:87:d9:d7:ac:e4:fe:d1:94:cf:ae:11:c7:
         d2:38:f7:3d:cf:ea:b8:db:46:4f:7a:4d:f8:52:b5:f1:b1:f6:
         0a:d4:97:f4:3c:27:3a:75:29:56:c9:bd:29:50:29:c1:c3:75:
         e9:67:59:d1:b1:4f:ea:6b:ba:f5:e5:9d:b9:c3:2d:47:84:13:
         1f:d9:a5:a8:47:13:65:07:74:9f:bc:d2:40:c8:ab:20:a6:24:
         d1:72:66:96:71:bc:22:96:d4:33:9a:de:57:d5:94:71:f5:c5:
         6e:8e:dc:13:6c:04:05:52:f4:ed:39:4c:2c:ed:4b:3a:d6:30:
         47:a1:9e:df:c8:e2:57:4b:7e:37:2f:9b:e5:68:2e:2f:5f:9e:
         e7:a2:85:f1:1c:fb:dc:e3:be:0d:46:16:b4:d3:bc:6b:02:40:
         dc:5a:7f:f6:1e:d6:80:67:5f:9b:bc:56:cc:99:0d:d4:11:4f:
         05:9f:98:89:40:07:e1:8d:14:ba:09:4b:ec:6b:b0:d1:3c:eb:
         5e:91:70:21:b8:01:41:01:a3:d4:5a:c3:f3:e3:9c:c7:b5:66:
         b4:3d:72:83:e9:0e:c5:2f:2a:09:c0:62:76:84:f3:ce:99:49:
         34:db:69:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSyxmwOWgJKyha/6PgAx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGExNDdiYjcxMGZkMGEyNWY5ZmVmOTVkZDU4YmY1NWRlYWVmYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWxAcYDZn85XnO0lzQFGq91osUmb
Nx2KICoDb7YEvIXCXJPBERC3ykLPe8+iXpPNbZiVuIyn1ij7gthHqC5NccQ67blm
7dvXkRgU4mm3iQOsLPJCdWu57ZZGa5IwHX/u5YT8ma5nSENUTAIuD6bMap7LS/gk
BTAd78tB30o7gIT98j1ACseusCc5rTZjuq9dzX4Nr69lkfNWUNrIv47rpTYaPZNc
c3trAs9J6lTcoexnHwmeK3X+EqIhjxEaWHYAdl4cZ/dCUcwSCCBNg6jciO99BHso
fLw+jbSHiGb6QfF1q3xnXmCIddKFb77AjQUr+TuVcXRE9u4qhQ4NF3Sl/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHihR7txD9CiX5/vld1Yv1XervrYMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvZUtGSHUzRVAwS0pmbi0tVjNWaV9WZDZ1LXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCzMA0G
CSqGSIb3DQEBCwUAA4IBAQBWXC4qoislekuo00DQMK/DD0KUNdWMWgSH2des5P7R
lM+uEcfSOPc9z+q420ZPek34UrXxsfYK1Jf0PCc6dSlWyb0pUCnBw3XpZ1nRsU/q
a7r15Z25wy1HhBMf2aWoRxNlB3SfvNJAyKsgpiTRcmaWcbwiltQzmt5X1ZRx9cVu
jtwTbAQFUvTtOUws7Us61jBHoZ7fyOJXS343L5vlaC4vX57nooXxHPvc474NRha0
07xrAkDcWn/2HtaAZ1+bvFbMmQ3UEU8Fn5iJQAfhjRS6CUvsa7DRPOtekXAhuAFB
AaPUWsPz45zHtWa0PXKD6Q7FLyoJwGJ2hPPOmUk022kz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:15 2024 by rpki-client on console-ams.rpki-client.org