Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/e1_DRKZsnggVAmNkZJk4mRx1eBM.roa
File:                     e1_DRKZsnggVAmNkZJk4mRx1eBM.roa (raw, json)
Hash identifier:          W8sA6GjhrfwYzbc4uNcFyVigg7ibxBVlDzMS+U1GIZk=
Subject key identifier:   7B:5F:C3:44:A6:6C:9E:08:15:02:63:64:64:99:38:99:1C:75:78:13
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       0185CE0D5A89960AA1C66CDCA3C33E2624B2
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/e1_DRKZsnggVAmNkZJk4mRx1eBM.roa
Signing time:             Fri 20 Jan 2023 07:20:59 +0000
ROA not before:           Fri 20 Jan 2023 07:20:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210756
IP address blocks:        5.181.26.0/24 maxlen: 24
                          2a03:90c0:b0::/44 maxlen: 44

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ce:0d:5a:89:96:0a:a1:c6:6c:dc:a3:c3:3e:26:24:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Jan 20 07:20:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b5fc344a66c9e0815026364649938991c757813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2f:91:11:18:b3:30:fd:73:31:8e:41:55:59:
                    71:39:99:0f:cf:69:f9:36:6f:0f:9a:97:34:10:25:
                    a4:45:2b:5b:38:78:c5:3e:4c:c0:f5:2d:5f:a2:d4:
                    b1:ff:7d:fc:96:c6:8f:43:44:40:c3:38:8d:8d:27:
                    4f:b4:fd:e2:8c:7f:df:68:f2:72:59:e0:34:9c:73:
                    9d:df:c6:1b:68:38:9a:5e:c8:d3:b0:a5:11:00:c8:
                    9b:96:80:6f:d0:64:53:4a:6f:de:0c:70:83:2e:2d:
                    31:25:b1:95:30:45:8e:da:1a:e6:5a:2c:8c:99:ab:
                    a8:16:ad:c4:59:e0:2c:b9:52:58:a6:02:29:05:9b:
                    d2:ef:85:39:e2:71:1f:4c:fe:21:51:d5:8e:b8:f5:
                    3c:3a:3d:c7:67:02:53:c1:02:73:0b:9a:43:0c:a9:
                    b2:1c:6f:35:19:34:38:93:04:d8:87:27:30:23:e0:
                    42:25:2a:cb:a7:de:2d:cf:18:66:47:cd:39:24:90:
                    48:9f:1b:91:9d:3b:4b:af:00:cf:86:30:c4:9d:dd:
                    4a:ee:2e:26:6b:0f:45:a6:de:f0:78:27:4e:fd:69:
                    10:e8:e4:f7:16:c3:a8:1e:e3:e1:d8:6e:7e:0f:01:
                    5a:7d:30:c4:65:34:dd:51:10:6b:aa:05:dc:5e:c4:
                    47:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:5F:C3:44:A6:6C:9E:08:15:02:63:64:64:99:38:99:1C:75:78:13
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/e1_DRKZsnggVAmNkZJk4mRx1eBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.26.0/24
                IPv6:
                  2a03:90c0:b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         0e:15:d3:c2:7c:f2:b0:e5:cf:4b:d3:f3:6c:c5:30:54:c0:bd:
         8a:d2:e5:e0:c0:1a:8a:c5:a7:19:88:46:4d:12:3b:21:b6:68:
         1b:2a:7b:c4:53:bc:16:0a:b9:f7:8b:80:49:8b:54:e1:ad:d5:
         98:d1:22:42:80:0f:6b:d3:77:21:b7:38:2c:50:2d:ee:a0:41:
         d8:64:13:bc:ce:6b:3c:3a:b5:3a:c3:fa:25:9b:5b:5b:f2:d2:
         07:75:bf:08:b2:02:e4:a9:6a:2c:a3:73:f9:08:fd:b2:81:57:
         6c:a9:0c:79:56:1c:08:e4:fd:fe:2c:de:64:59:e1:97:51:16:
         e8:4c:a5:8b:a2:89:69:e2:e2:b6:d5:64:1a:ac:0b:b3:7c:71:
         9b:06:63:11:1b:43:63:77:5f:d2:b8:dc:92:c0:2f:58:c3:7f:
         0f:f2:22:f8:37:56:ec:56:a4:42:86:22:cd:ac:8b:e2:bd:bc:
         2e:05:49:1f:e6:de:c3:35:d9:23:48:f9:2f:c5:2f:84:88:fe:
         f7:95:99:94:84:c2:5a:57:38:4b:0c:21:84:05:bc:a5:83:0d:
         f8:1d:cd:be:3f:7b:1f:ad:15:df:37:57:95:bf:95:a1:64:eb:
         61:57:86:f1:26:98:cb:0b:cf:4d:5e:fc:ff:15:c9:8b:3c:39:
         26:01:38:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXODVqJlgqhxmzco8M+JiSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjMwMTIwMDcyMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjVmYzM0NGE2NmM5ZTA4MTUwMjYzNjQ2NDk5Mzg5OTFjNzU3ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi+RERizMP1zMY5BVVlxOZkPz2n5
Nm8Pmpc0ECWkRStbOHjFPkzA9S1fotSx/338lsaPQ0RAwziNjSdPtP3ijH/faPJy
WeA0nHOd38YbaDiaXsjTsKURAMibloBv0GRTSm/eDHCDLi0xJbGVMEWO2hrmWiyM
mauoFq3EWeAsuVJYpgIpBZvS74U54nEfTP4hUdWOuPU8Oj3HZwJTwQJzC5pDDKmy
HG81GTQ4kwTYhycwI+BCJSrLp94tzxhmR805JJBInxuRnTtLrwDPhjDEnd1K7i4m
aw9Fpt7weCdO/WkQ6OT3FsOoHuPh2G5+DwFafTDEZTTdURBrqgXcXsRHdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHtfw0SmbJ4IFQJjZGSZOJkcdXgTMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvZTFfRFJLWnNuZ2dWQW1Oa1pKazRtUngxZUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABbUaMA8E
AgACMAkDBwQqA5DAALAwDQYJKoZIhvcNAQELBQADggEBAA4V08J88rDlz0vT82zF
MFTAvYrS5eDAGorFpxmIRk0SOyG2aBsqe8RTvBYKufeLgEmLVOGt1ZjRIkKAD2vT
dyG3OCxQLe6gQdhkE7zOazw6tTrD+iWbW1vy0gd1vwiyAuSpaiyjc/kI/bKBV2yp
DHlWHAjk/f4s3mRZ4ZdRFuhMpYuiiWni4rbVZBqsC7N8cZsGYxEbQ2N3X9K43JLA
L1jDfw/yIvg3VuxWpEKGIs2si+K9vC4FSR/m3sM12SNI+S/FL4SI/veVmZSEwlpX
OEsMIYQFvKWDDfgdzb4/ex+tFd83V5W/laFk62FXhvEmmMsLz01e/P8VyYs8OSYB
OJ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:34 2024 by rpki-client on console-fra.rpki-client.org