Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/lk97usttrQipqB2jTA47GPMDtgI.roa
File:                     lk97usttrQipqB2jTA47GPMDtgI.roa (raw, json)
Hash identifier:          4yX0RrwXf6VGp2r2j3Exg7O62phBUar68MNTEhrMXoY=
Subject key identifier:   96:4F:7B:BA:CB:6D:AD:08:A9:A8:1D:A3:4C:0E:3B:18:F3:03:B6:02
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018CC16EE099BDAA2C898B3E36AE5C9CFAD1
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/lk97usttrQipqB2jTA47GPMDtgI.roa
Signing time:             Sun 31 Dec 2023 19:51:58 +0000
ROA not before:           Sun 31 Dec 2023 19:51:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16276
IP address blocks:        5.144.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 13:22:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c1:6e:e0:99:bd:aa:2c:89:8b:3e:36:ae:5c:9c:fa:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Dec 31 19:51:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=964f7bbacb6dad08a9a81da34c0e3b18f303b602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f2:ad:5e:7a:2a:47:ca:0e:7e:78:f6:aa:b8:
                    66:5c:20:fc:49:ed:7e:d0:7b:8f:8a:8f:50:ba:25:
                    65:57:07:fb:20:3b:6c:6e:77:1c:31:9f:12:15:54:
                    5d:b9:11:c6:95:4a:c6:75:34:80:e8:b0:88:f7:bf:
                    8c:e9:54:82:aa:ae:65:1f:49:3e:fa:e7:3d:99:56:
                    e2:04:a5:aa:02:ca:f3:b8:ab:36:31:78:81:19:8b:
                    58:22:6b:4c:25:12:e1:7b:ec:58:a4:dc:b8:85:6f:
                    d6:bd:9b:6e:a7:ed:87:ce:e1:68:3b:2e:9b:19:57:
                    51:2e:ec:f0:f5:54:59:1e:42:bb:b8:04:6c:80:e5:
                    88:c3:c7:64:df:ee:55:bf:76:75:e7:d8:5b:23:6e:
                    fc:30:bc:b8:6b:a6:84:04:55:77:23:9b:46:9a:e0:
                    10:31:71:c0:46:8c:55:3d:ee:49:8d:04:43:78:44:
                    31:0e:1b:25:fd:df:fa:ae:81:59:4e:33:58:5a:ae:
                    14:67:07:52:77:96:61:45:ab:88:d9:8d:a7:bb:a7:
                    b0:cb:dc:e2:90:f7:33:89:07:e1:42:19:55:10:80:
                    bc:a8:62:5a:3f:c5:bd:0f:09:3f:0b:fe:af:0e:26:
                    ca:d6:7c:67:5a:e5:3e:8a:e5:90:fb:72:82:a2:fd:
                    1f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:4F:7B:BA:CB:6D:AD:08:A9:A8:1D:A3:4C:0E:3B:18:F3:03:B6:02
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/lk97usttrQipqB2jTA47GPMDtgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:7d:fe:9b:e5:a2:e7:c2:ca:2e:cf:a0:ab:af:54:a7:d4:05:
         b9:95:55:38:0d:6b:67:b0:09:0c:e0:a5:4e:51:4a:1a:2c:ac:
         90:a9:73:9b:37:ef:50:9c:be:cb:8f:6e:fb:ec:af:c3:14:79:
         73:b9:03:c0:bc:c0:aa:db:05:42:f4:e4:17:8d:b9:0e:8f:fc:
         ff:76:14:a7:6b:d2:b0:7c:1c:08:72:f2:8d:1c:bf:a4:7f:65:
         9d:1e:e6:72:2d:fc:49:5e:36:8a:9f:d3:cd:dc:54:f1:9a:79:
         9a:ed:2d:f5:cd:ab:5b:db:2e:c2:42:06:d4:ca:70:81:4f:c2:
         22:33:6a:ba:13:61:2c:59:c2:68:ac:8d:2b:3e:34:f1:06:3d:
         96:52:1b:5d:3f:4d:b4:fe:af:7d:f5:c6:3e:6a:0b:6d:30:f7:
         74:f2:3c:e7:fe:17:2d:f9:88:26:e3:6c:a8:1f:20:4d:26:ef:
         cb:b6:a5:d9:45:bf:44:cd:ee:14:f8:1d:6d:ee:ce:08:35:c4:
         6a:3d:40:38:49:44:c0:7c:39:f4:b3:5d:18:f0:ae:77:45:68:
         24:9b:f3:ee:ae:96:b3:d0:5b:08:29:e4:b5:4f:d4:a3:c8:0d:
         a8:c4:f1:31:fc:f8:ae:cf:50:81:55:ee:51:bc:8b:04:9f:76:
         b2:2d:61:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzBbuCZvaosiYs+Nq5cnPrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMjMxMTk1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRmN2JiYWNiNmRhZDA4YTlhODFkYTM0YzBlM2IxOGYzMDNiNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvKtXnoqR8oOfnj2qrhmXCD8Se1+
0HuPio9QuiVlVwf7IDtsbnccMZ8SFVRduRHGlUrGdTSA6LCI97+M6VSCqq5lH0k+
+uc9mVbiBKWqAsrzuKs2MXiBGYtYImtMJRLhe+xYpNy4hW/WvZtup+2HzuFoOy6b
GVdRLuzw9VRZHkK7uARsgOWIw8dk3+5Vv3Z159hbI278MLy4a6aEBFV3I5tGmuAQ
MXHARoxVPe5JjQRDeEQxDhsl/d/6roFZTjNYWq4UZwdSd5ZhRauI2Y2nu6ewy9zi
kPcziQfhQhlVEIC8qGJaP8W9Dwk/C/6vDibK1nxnWuU+iuWQ+3KCov0fvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZPe7rLba0Iqagdo0wOOxjzA7YCMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbGs5N3VzdHRyUWlwcUIyalRBNDdHUE1EdGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCyMA0G
CSqGSIb3DQEBCwUAA4IBAQC8ff6b5aLnwsouz6Crr1Sn1AW5lVU4DWtnsAkM4KVO
UUoaLKyQqXObN+9QnL7Lj2777K/DFHlzuQPAvMCq2wVC9OQXjbkOj/z/dhSna9Kw
fBwIcvKNHL+kf2WdHuZyLfxJXjaKn9PN3FTxmnma7S31zatb2y7CQgbUynCBT8Ii
M2q6E2EsWcJorI0rPjTxBj2WUhtdP020/q999cY+agttMPd08jzn/hct+Ygm42yo
HyBNJu/LtqXZRb9Eze4U+B1t7s4INcRqPUA4SUTAfDn0s10Y8K53RWgkm/Purpaz
0FsIKeS1T9SjyA2oxPEx/Piuz1CBVe5RvIsEn3ayLWH+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org