Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/_X5dVFAQrj0fNdjkDgYX2j_73yU.roa
File:                     _X5dVFAQrj0fNdjkDgYX2j_73yU.roa (raw, json)
Hash identifier:          UOm4+hAInroU88aTZ0Hp60B79eSGByAITggkU+Vz7I4=
Subject key identifier:   FD:7E:5D:54:50:10:AE:3D:1F:35:D8:E4:0E:06:17:DA:3F:FB:DF:25
Certificate issuer:       /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial:       018570D519C81AC583DD267DFEFF08CC7427
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/_X5dVFAQrj0fNdjkDgYX2j_73yU.roa
Signing time:             Mon 02 Jan 2023 04:54:51 +0000
ROA not before:           Mon 02 Jan 2023 04:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397192
IP address blocks:        78.143.245.0/24 maxlen: 24
                          78.143.247.0/24 maxlen: 24
                          5.226.176.0/21 maxlen: 24
                          2a03:a860:a00::/40 maxlen: 48
                          2a03:a860:51::/48 maxlen: 48
                          2a03:a860:61::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:d5:19:c8:1a:c5:83:dd:26:7d:fe:ff:08:cc:74:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
        Validity
            Not Before: Jan  2 04:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd7e5d545010ae3d1f35d8e40e0617da3ffbdf25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ec:af:f9:7e:04:26:b2:77:fa:22:76:46:be:
                    ce:0f:14:6d:aa:0b:4d:64:02:8e:df:03:ba:ff:bf:
                    49:3c:4c:b0:32:53:af:fe:df:65:a4:0e:d4:3a:07:
                    80:46:94:c8:94:f5:6d:45:80:40:5e:09:7f:84:0f:
                    86:be:c8:54:e7:23:de:69:0d:a3:89:0a:9a:1b:d2:
                    c1:39:fb:f5:8b:8e:9b:8e:c3:3d:c0:84:a1:7f:d5:
                    ff:be:f0:f2:75:50:3e:39:20:29:41:92:e3:d5:21:
                    70:27:89:be:e8:b8:fc:35:f6:69:ca:25:74:e0:29:
                    89:d3:a7:c6:6e:43:18:57:96:e5:e8:ad:3d:60:fb:
                    41:01:cc:44:e6:89:1f:db:69:07:e0:5a:65:55:46:
                    de:56:8d:71:1f:b4:aa:7c:51:19:7c:6c:9b:0d:13:
                    78:83:4b:ec:56:44:96:63:39:36:82:da:2b:ec:7d:
                    d2:ad:79:64:fb:f8:6d:74:c3:25:73:ae:cd:0a:7b:
                    03:bf:da:8e:0c:39:50:82:34:6b:55:c6:c8:fe:ea:
                    dc:2c:8f:e4:bf:6d:8c:86:3f:46:e6:a8:57:b9:87:
                    69:17:cd:42:34:2c:7d:2f:28:c6:55:f9:2c:b4:9d:
                    f5:58:bb:f1:08:be:6e:81:67:32:a3:e8:4b:e5:94:
                    72:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:7E:5D:54:50:10:AE:3D:1F:35:D8:E4:0E:06:17:DA:3F:FB:DF:25
            X509v3 Authority Key Identifier:
                keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/_X5dVFAQrj0fNdjkDgYX2j_73yU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.226.176.0/21
                  78.143.245.0/24
                  78.143.247.0/24
                IPv6:
                  2a03:a860:51::/48
                  2a03:a860:61::/48
                  2a03:a860:a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         8a:f5:0a:66:17:a4:b4:e6:4d:5f:e1:da:c9:16:e8:9d:b0:92:
         8e:eb:64:26:7c:d7:4c:0e:b5:f8:88:e3:b1:48:f3:97:6b:8f:
         85:9c:7f:ff:f3:52:53:9a:69:b3:7d:bf:b4:d3:a9:7c:20:8d:
         6e:71:83:92:ad:dc:42:cb:2a:99:72:f8:f2:8f:ca:07:f8:d0:
         a1:7f:0c:f7:36:73:43:de:95:38:80:a5:ea:28:b3:f6:77:04:
         0f:ef:97:39:78:7f:7c:6d:2f:32:7d:77:0a:36:d3:19:5a:b6:
         b3:61:8c:a2:ea:f1:5a:5b:37:86:49:69:1f:d9:76:e3:af:1f:
         17:62:9b:25:6d:4d:54:cf:d2:71:5f:44:71:d7:4e:d5:10:7f:
         52:9a:8c:1e:7c:ad:e5:93:43:df:80:76:f1:94:f4:6f:db:01:
         41:1d:8f:7f:c5:d1:19:24:08:c8:cc:17:7f:6f:5b:3e:f7:e2:
         93:0b:bf:9f:2e:bc:11:28:12:43:88:86:94:5a:98:9e:bd:ef:
         f5:42:ba:f7:cc:98:f4:a9:2a:d0:dc:ce:7d:3d:df:b3:f9:ad:
         c3:6c:18:9b:f7:e2:9a:8d:df:07:25:e7:0e:15:ac:09:10:44:
         90:bb:e7:14:f5:6a:2e:29:9d:fd:3e:a0:8d:0f:5f:78:4c:d3:
         34:96:fd:5a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVw1RnIGsWD3SZ9/v8IzHQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjMwMTAyMDQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdlNWQ1NDUwMTBhZTNkMWYzNWQ4ZTQwZTA2MTdkYTNmZmJkZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+yv+X4EJrJ3+iJ2Rr7ODxRtqgtN
ZAKO3wO6/79JPEywMlOv/t9lpA7UOgeARpTIlPVtRYBAXgl/hA+GvshU5yPeaQ2j
iQqaG9LBOfv1i46bjsM9wIShf9X/vvDydVA+OSApQZLj1SFwJ4m+6Lj8NfZpyiV0
4CmJ06fGbkMYV5bl6K09YPtBAcxE5okf22kH4FplVUbeVo1xH7SqfFEZfGybDRN4
g0vsVkSWYzk2gtor7H3SrXlk+/htdMMlc67NCnsDv9qODDlQgjRrVcbI/urcLI/k
v22Mhj9G5qhXuYdpF81CNCx9LyjGVfkstJ31WLvxCL5ugWcyo+hL5ZRyMQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFP1+XVRQEK49HzXY5A4GF9o/+98lMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvX1g1ZFZGQVFyajBmTmRqa0RnWVgyal83M3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAYBAIAATASAwQDBeKwAwQA
To/1AwQATo/3MCAEAgACMBoDBwAqA6hgAFEDBwAqA6hgAGEDBgAqA6hgCjANBgkq
hkiG9w0BAQsFAAOCAQEAivUKZhektOZNX+HayRbonbCSjutkJnzXTA61+IjjsUjz
l2uPhZx///NSU5pps32/tNOpfCCNbnGDkq3cQssqmXL48o/KB/jQoX8M9zZzQ96V
OICl6iiz9ncED++XOXh/fG0vMn13CjbTGVq2s2GMourxWls3hklpH9l2468fF2Kb
JW1NVM/ScV9EcddO1RB/UpqMHnyt5ZND34B28ZT0b9sBQR2Pf8XRGSQIyMwXf29b
Pvfikwu/ny68ESgSQ4iGlFqYnr3v9UK698yY9Kkq0NzOfT3fs/mtw2wYm/fimo3f
ByXnDhWsCRBEkLvnFPVqLimd/T6gjQ9feEzTNJb9Wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:39 2024 by rpki-client on console-fra.rpki-client.org