Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/gTxnw6bqVsJmbe8fSEQ94bW165M.roa
File:                     gTxnw6bqVsJmbe8fSEQ94bW165M.roa (raw, json)
Hash identifier:          tZTlXCpoCVnnAVG2CkHFe+wWq2lf0/sPVMDwzCPUWS4=
Subject key identifier:   81:3C:67:C3:A6:EA:56:C2:66:6D:EF:1F:48:44:3D:E1:B5:B5:EB:93
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       0189B82EBEEF23CB5FB8888E21CDF3AE0AEC
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/gTxnw6bqVsJmbe8fSEQ94bW165M.roa
Signing time:             Wed 02 Aug 2023 21:36:58 +0000
ROA not before:           Wed 02 Aug 2023 21:36:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211256
IP address blocks:        5.178.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 08:18:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b8:2e:be:ef:23:cb:5f:b8:88:8e:21:cd:f3:ae:0a:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Aug  2 21:36:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=813c67c3a6ea56c2666def1f48443de1b5b5eb93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b3:46:43:e2:64:1e:b1:27:22:a6:84:73:7c:
                    b5:11:eb:17:77:d6:5b:cf:d8:65:47:b1:db:9c:a1:
                    99:da:05:30:5e:ca:5d:56:ab:98:c7:94:66:41:00:
                    67:b2:6b:23:99:ea:e4:be:c2:e3:85:9c:8b:8c:c6:
                    a1:ee:a5:43:a7:a5:fe:62:5d:ef:b6:a9:22:55:3a:
                    40:87:71:36:b7:14:d8:e4:81:8d:47:40:72:ae:10:
                    78:0c:da:9a:64:16:4b:9a:9d:31:50:48:74:65:19:
                    ff:6f:1e:d6:00:3e:1d:47:ba:15:96:9a:5d:94:77:
                    84:ff:61:9c:ae:3d:ed:0d:a0:83:23:0a:2f:79:81:
                    a1:08:b1:82:82:8e:13:bd:79:04:6c:4d:78:a3:73:
                    04:da:04:6d:7d:c0:3e:ff:c0:40:7e:0c:de:e5:85:
                    1e:ad:dd:4b:9a:24:75:bb:f7:17:9f:c1:02:83:6f:
                    ef:9f:2b:c9:d2:2e:96:55:65:3d:7c:39:6d:c3:a8:
                    3a:52:e6:42:95:2a:2d:90:18:11:5a:49:e2:f7:41:
                    72:c1:f1:eb:c3:9d:76:17:e6:ba:13:cd:b2:38:08:
                    de:62:dd:d9:41:5e:44:49:47:4b:57:e4:78:63:97:
                    46:7b:b3:ec:aa:72:38:4c:3b:f4:a8:3b:96:89:26:
                    9f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:3C:67:C3:A6:EA:56:C2:66:6D:EF:1F:48:44:3D:E1:B5:B5:EB:93
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/gTxnw6bqVsJmbe8fSEQ94bW165M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:39:05:c9:06:18:fd:71:c1:2d:67:bd:de:f2:74:65:05:1c:
         65:f6:c8:33:b8:fd:36:f3:19:cc:fa:a3:49:95:72:c6:9c:82:
         9a:96:7e:c8:22:b4:d1:6c:81:d4:97:6f:d8:93:02:97:d5:80:
         b6:4c:71:cf:33:77:1e:4e:6b:43:3d:62:7b:fc:36:33:50:b6:
         ba:20:a0:1d:92:29:9a:c0:d0:0f:50:05:78:0a:42:2c:ce:a6:
         e3:e2:3c:41:11:67:e6:85:1f:a3:2f:c8:82:15:ca:ac:d4:e2:
         ec:ea:1b:2b:be:ed:36:0d:d7:03:8b:81:ed:a6:97:2f:88:a8:
         75:95:b6:91:82:66:22:f3:e6:96:3d:c8:01:1d:ae:7e:e5:4b:
         be:e8:cd:2a:24:a8:e7:c3:a4:4f:70:a2:a7:7c:2b:b1:5d:15:
         af:c5:13:29:6d:58:ba:81:89:26:03:e9:b0:1a:21:ab:14:77:
         11:6d:7a:71:20:47:64:36:f8:ba:ef:79:72:53:2c:5b:b2:57:
         6c:d2:f8:aa:11:36:60:b9:32:35:29:d2:bf:80:81:d0:23:93:
         2d:72:90:7a:cf:6a:32:27:54:0e:17:25:7f:f8:4b:4c:b2:99:
         43:2e:6d:4d:f7:99:57:77:8a:47:f4:9e:64:8a:ff:54:18:cb:
         82:4c:ab:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm4Lr7vI8tfuIiOIc3zrgrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwODAyMjEzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTNjNjdjM2E2ZWE1NmMyNjY2ZGVmMWY0ODQ0M2RlMWI1YjVlYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbNGQ+JkHrEnIqaEc3y1EesXd9Zb
z9hlR7HbnKGZ2gUwXspdVquYx5RmQQBnsmsjmerkvsLjhZyLjMah7qVDp6X+Yl3v
tqkiVTpAh3E2txTY5IGNR0ByrhB4DNqaZBZLmp0xUEh0ZRn/bx7WAD4dR7oVlppd
lHeE/2Gcrj3tDaCDIwoveYGhCLGCgo4TvXkEbE14o3ME2gRtfcA+/8BAfgze5YUe
rd1LmiR1u/cXn8ECg2/vnyvJ0i6WVWU9fDltw6g6UuZClSotkBgRWkni90FywfHr
w512F+a6E82yOAjeYt3ZQV5ESUdLV+R4Y5dGe7PsqnI4TDv0qDuWiSafCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIE8Z8Om6lbCZm3vH0hEPeG1teuTMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvZ1R4bnc2YnFWc0ptYmU4ZlNFUTk0YlcxNjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJnMA0G
CSqGSIb3DQEBCwUAA4IBAQBmOQXJBhj9ccEtZ73e8nRlBRxl9sgzuP028xnM+qNJ
lXLGnIKaln7IIrTRbIHUl2/YkwKX1YC2THHPM3ceTmtDPWJ7/DYzULa6IKAdkima
wNAPUAV4CkIszqbj4jxBEWfmhR+jL8iCFcqs1OLs6hsrvu02DdcDi4HtppcviKh1
lbaRgmYi8+aWPcgBHa5+5Uu+6M0qJKjnw6RPcKKnfCuxXRWvxRMpbVi6gYkmA+mw
GiGrFHcRbXpxIEdkNvi673lyUyxbslds0viqETZguTI1KdK/gIHQI5MtcpB6z2oy
J1QOFyV/+EtMsplDLm1N95lXd4pH9J5kiv9UGMuCTKsC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:15 2024 by rpki-client on console-ams.rpki-client.org