Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/hPCAveom-P6pzFOCEJkkl7bWfyE.roa
File:                     hPCAveom-P6pzFOCEJkkl7bWfyE.roa (raw, json)
Hash identifier:          SlYxTKlQQi5nqr2LLXadUQHxAIRxVd59WixW23io+w0=
Subject key identifier:   84:F0:80:BD:EA:26:F8:FE:A9:CC:53:82:10:99:24:97:B6:D6:7F:21
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018F35B6B365916B9DD8D08146AED0950067
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/hPCAveom-P6pzFOCEJkkl7bWfyE.roa
Signing time:             Wed 01 May 2024 19:51:56 +0000
ROA not before:           Wed 01 May 2024 19:51:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16276
IP address blocks:        5.144.179.0/24 maxlen: 24
                          5.144.181.0/24 maxlen: 24
                          5.178.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 May 2024 22:05:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:35:b6:b3:65:91:6b:9d:d8:d0:81:46:ae:d0:95:00:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: May  1 19:51:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=84f080bdea26f8fea9cc538210992497b6d67f21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:52:77:b4:15:e6:97:c6:20:36:0e:2e:de:4a:
                    2b:ea:cf:d5:de:5d:f0:3f:c6:c6:30:c2:9c:db:d8:
                    22:1d:72:79:a1:fe:5a:a9:05:77:f1:51:ce:85:b9:
                    ca:4a:34:59:4c:95:cd:24:8b:f7:72:a1:60:65:49:
                    a5:c5:7c:7f:5f:61:e3:a9:2b:f3:ea:fa:7a:d6:4e:
                    63:fe:2f:d9:8d:82:33:86:81:2e:f2:76:71:d2:13:
                    96:b4:56:ee:cc:78:d7:b6:d1:de:4f:5a:7f:45:1f:
                    a8:d0:2f:68:55:8c:b1:ba:2d:30:cd:91:ec:8a:fe:
                    be:05:cc:4a:39:84:57:93:22:f8:5e:4a:61:14:2d:
                    b3:25:79:93:cb:a4:16:44:a1:7d:e7:9e:85:fa:c1:
                    bd:fd:95:08:89:b9:07:0f:68:4d:ba:a9:5e:e9:6b:
                    3f:13:7e:ea:fa:78:6f:f9:2d:40:b9:d3:9e:d5:d5:
                    2c:29:e3:77:8d:c0:a3:eb:e9:94:08:f1:ce:8e:2f:
                    57:fd:98:db:5d:7c:b8:3b:e5:84:a9:30:4d:b3:0a:
                    e1:c7:57:93:6a:09:a5:0f:0b:5a:c3:1a:27:d1:4d:
                    d6:d6:06:c2:34:d9:45:34:26:cc:0d:55:58:d1:a5:
                    8c:4a:bb:f8:86:47:1e:73:42:9d:e4:9e:0f:de:00:
                    2d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F0:80:BD:EA:26:F8:FE:A9:CC:53:82:10:99:24:97:B6:D6:7F:21
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/hPCAveom-P6pzFOCEJkkl7bWfyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.179.0/24
                  5.144.181.0/24
                  5.178.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:a2:30:cc:8f:76:23:d7:34:1e:ba:e1:47:d8:94:c5:58:11:
         dc:99:5d:08:31:97:19:c5:4a:a4:0f:7d:ed:c7:83:4d:d7:c2:
         99:a1:42:e1:3e:70:bf:e1:bc:10:7d:05:cd:5d:61:ff:cd:84:
         d2:68:41:0e:01:4a:4a:2e:00:f5:f8:2c:7f:c8:4a:39:34:f2:
         8a:1b:07:27:c3:8e:19:48:01:45:b0:69:51:3e:8c:6f:52:7c:
         c0:b7:9f:9d:c4:bd:0f:c2:fb:bf:e7:cb:2e:09:dd:04:79:a7:
         da:f9:ac:3a:75:70:f2:7d:89:3e:f1:2f:38:d4:4c:ad:4e:45:
         f6:82:cb:e4:17:a4:96:e5:58:1c:95:f0:f7:29:74:11:34:aa:
         50:ca:bd:52:23:34:e2:0b:6b:67:80:0c:a3:a7:da:da:ed:c7:
         14:0d:94:e2:63:0c:82:88:c9:54:e8:04:0d:ef:b5:70:76:1d:
         d4:b5:1c:d2:0b:fa:e4:4b:30:d1:d1:87:f7:b2:1f:b1:d2:7f:
         e1:44:15:40:46:95:c4:4a:6a:f9:e6:e7:45:00:b6:d8:cb:82:
         a5:ac:cc:c5:2a:1d:3e:b1:17:9d:81:7e:7f:3f:e8:9a:5a:8d:
         23:d2:c0:a8:a8:79:cc:7a:3f:f4:8a:6b:82:7d:46:a3:75:4c:
         5e:65:c3:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY81trNlkWud2NCBRq7QlQBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwNTAxMTk1MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYwODBiZGVhMjZmOGZlYTljYzUzODIxMDk5MjQ5N2I2ZDY3ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFJ3tBXml8YgNg4u3kor6s/V3l3w
P8bGMMKc29giHXJ5of5aqQV38VHOhbnKSjRZTJXNJIv3cqFgZUmlxXx/X2HjqSvz
6vp61k5j/i/ZjYIzhoEu8nZx0hOWtFbuzHjXttHeT1p/RR+o0C9oVYyxui0wzZHs
iv6+BcxKOYRXkyL4XkphFC2zJXmTy6QWRKF9556F+sG9/ZUIibkHD2hNuqle6Ws/
E37q+nhv+S1AudOe1dUsKeN3jcCj6+mUCPHOji9X/ZjbXXy4O+WEqTBNswrhx1eT
agmlDwtawxon0U3W1gbCNNlFNCbMDVVY0aWMSrv4hkcec0Kd5J4P3gAtBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITwgL3qJvj+qcxTghCZJJe21n8hMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvaFBDQXZlb20tUDZwekZPQ0VKa2tsN2JXZnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZCzAwQA
BZC1AwQABbJqMA0GCSqGSIb3DQEBCwUAA4IBAQCeojDMj3Yj1zQeuuFH2JTFWBHc
mV0IMZcZxUqkD33tx4NN18KZoULhPnC/4bwQfQXNXWH/zYTSaEEOAUpKLgD1+Cx/
yEo5NPKKGwcnw44ZSAFFsGlRPoxvUnzAt5+dxL0Pwvu/58suCd0Eeafa+aw6dXDy
fYk+8S841EytTkX2gsvkF6SW5VgclfD3KXQRNKpQyr1SIzTiC2tngAyjp9ra7ccU
DZTiYwyCiMlU6AQN77Vwdh3UtRzSC/rkSzDR0Yf3sh+x0n/hRBVARpXESmr55udF
ALbYy4KlrMzFKh0+sRedgX5/P+iaWo0j0sCoqHnMej/0imuCfUajdUxeZcM4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org