Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/iajrEMNfof51rzr_MxdCQu5qL24.roa
File:                     iajrEMNfof51rzr_MxdCQu5qL24.roa (raw, json)
Hash identifier:          Y0kyooe457tZRTnjBY0GcaM2B+CgeLDelnWJk4+fyr8=
Subject key identifier:   89:A8:EB:10:C3:5F:A1:FE:75:AF:3A:FF:33:17:42:42:EE:6A:2F:6E
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018CD357AF0A548BAEA7E43524CCFC6BAFD8
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/iajrEMNfof51rzr_MxdCQu5qL24.roa
Signing time:             Thu 04 Jan 2024 07:19:48 +0000
ROA not before:           Thu 04 Jan 2024 07:19:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197789
IP address blocks:        5.144.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 13:24:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d3:57:af:0a:54:8b:ae:a7:e4:35:24:cc:fc:6b:af:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Jan  4 07:19:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=89a8eb10c35fa1fe75af3aff33174242ee6a2f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c9:fc:71:16:26:a2:37:a2:ea:59:4a:95:3a:
                    dd:35:de:0f:f7:fb:c6:ee:a2:fd:da:b3:5e:66:29:
                    ad:1e:ce:52:5c:15:94:c6:31:3e:1d:04:ac:b2:c7:
                    1a:10:4d:9a:dd:1a:14:29:f3:c8:3a:75:d5:a0:de:
                    52:8d:7f:3f:1d:1c:b2:42:54:9e:49:6f:d7:92:1f:
                    cb:89:73:34:4e:8f:f9:11:94:b3:21:2f:05:9f:fe:
                    01:87:11:3d:b4:30:f6:ab:51:0f:f8:36:66:90:b2:
                    b5:77:e2:c4:be:e0:25:c3:ef:87:13:31:dd:ca:8c:
                    34:c0:6a:6e:a7:22:14:cd:43:7b:55:79:6e:c1:8d:
                    08:32:aa:4b:e5:a4:10:d2:1e:a6:61:f9:7b:03:09:
                    4a:d7:97:6f:29:d3:aa:89:9b:9f:80:94:c4:e2:b0:
                    0d:c8:7b:31:54:70:4f:da:1d:f7:f5:73:78:be:3d:
                    4c:2f:cc:70:2a:19:bc:ec:a0:b1:94:7b:bd:e7:48:
                    f2:46:7d:01:f7:c4:94:19:51:d3:74:c5:74:09:4c:
                    4b:ed:d5:af:ce:ca:be:b5:03:6e:3e:7a:f3:56:e5:
                    71:64:99:ac:c5:37:88:2d:6e:62:c6:c2:d2:3f:19:
                    ce:9e:33:67:e5:f5:02:dd:78:e3:9d:4a:88:75:6a:
                    1e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:A8:EB:10:C3:5F:A1:FE:75:AF:3A:FF:33:17:42:42:EE:6A:2F:6E
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/iajrEMNfof51rzr_MxdCQu5qL24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cf:0e:a0:22:f7:f2:30:c5:c2:21:14:66:ea:90:39:63:29:da:
         27:d2:bb:8a:9b:19:2a:b1:b3:c2:d5:40:b2:b4:13:02:98:85:
         32:22:67:bf:23:28:2a:b6:85:c3:e8:5c:77:d6:01:7d:fe:7a:
         d6:38:4b:5b:43:01:95:4a:b5:a3:82:3d:85:1f:3e:04:1b:25:
         15:d1:7c:38:20:9d:14:61:15:11:9e:45:bb:47:50:5a:eb:c6:
         c4:47:65:88:1b:4e:b3:f1:b2:c9:ea:36:51:cc:81:5a:3f:5b:
         48:74:4f:9a:a3:6f:ba:6f:97:c8:d7:2f:29:e6:16:c2:c5:ff:
         4e:63:60:71:f0:5d:68:36:35:ef:9d:ec:61:18:81:4f:c6:8f:
         3c:52:54:f9:df:6e:83:26:b9:d9:32:f4:c9:54:ca:66:a6:9c:
         d3:a5:f6:19:ab:9b:da:1a:82:42:46:61:63:29:b3:87:46:5a:
         3b:22:36:f1:2f:0b:db:9f:25:12:ca:de:a2:bb:a9:6c:8c:7d:
         c3:1f:ed:ad:a7:a3:6a:5c:60:0a:14:69:5a:c5:43:e0:52:54:
         e0:c6:e5:ad:cf:db:50:4c:e2:39:f8:2b:72:7a:5a:b1:3f:9a:
         e9:49:7b:a3:2a:a6:96:3d:6d:b3:fc:42:2a:df:ce:7e:94:54:
         cd:70:ec:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzTV68KVIuup+Q1JMz8a6/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTA0MDcxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE4ZWIxMGMzNWZhMWZlNzVhZjNhZmYzMzE3NDI0MmVlNmEyZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8n8cRYmojei6llKlTrdNd4P9/vG
7qL92rNeZimtHs5SXBWUxjE+HQSssscaEE2a3RoUKfPIOnXVoN5SjX8/HRyyQlSe
SW/Xkh/LiXM0To/5EZSzIS8Fn/4BhxE9tDD2q1EP+DZmkLK1d+LEvuAlw++HEzHd
yow0wGpupyIUzUN7VXluwY0IMqpL5aQQ0h6mYfl7AwlK15dvKdOqiZufgJTE4rAN
yHsxVHBP2h339XN4vj1ML8xwKhm87KCxlHu950jyRn0B98SUGVHTdMV0CUxL7dWv
zsq+tQNuPnrzVuVxZJmsxTeILW5ixsLSPxnOnjNn5fUC3XjjnUqIdWoeFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImo6xDDX6H+da86/zMXQkLuai9uMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvaWFqckVNTmZvZjUxcnpyX014ZENRdTVxTDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCwMA0G
CSqGSIb3DQEBCwUAA4IBAQDPDqAi9/IwxcIhFGbqkDljKdon0ruKmxkqsbPC1UCy
tBMCmIUyIme/IygqtoXD6Fx31gF9/nrWOEtbQwGVSrWjgj2FHz4EGyUV0Xw4IJ0U
YRURnkW7R1Ba68bER2WIG06z8bLJ6jZRzIFaP1tIdE+ao2+6b5fI1y8p5hbCxf9O
Y2Bx8F1oNjXvnexhGIFPxo88UlT5326DJrnZMvTJVMpmppzTpfYZq5vaGoJCRmFj
KbOHRlo7IjbxLwvbnyUSyt6iu6lsjH3DH+2tp6NqXGAKFGlaxUPgUlTgxuWtz9tQ
TOI5+CtyelqxP5rpSXujKqaWPW2z/EIq385+lFTNcOwl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org