Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/5Ldu7XCLQdglPaBbJXjgww1PDJs.roa
File:                     5Ldu7XCLQdglPaBbJXjgww1PDJs.roa (raw, json)
Hash identifier:          8hxT53RLlNwpRK1u0DFk+J2zsjmQtgxWyNKrp+0tXrA=
Subject key identifier:   E4:B7:6E:ED:70:8B:41:D8:25:3D:A0:5B:25:78:E0:C3:0D:4F:0C:9B
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018E965F33D370FF225F33721D09E136DADC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/5Ldu7XCLQdglPaBbJXjgww1PDJs.roa
Signing time:             Sun 31 Mar 2024 21:16:45 +0000
ROA not before:           Sun 31 Mar 2024 21:16:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.132.0/22 maxlen: 24
                          188.209.133.0/24 maxlen: 24
                          188.209.134.0/24 maxlen: 24
                          188.209.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 15:06:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:96:5f:33:d3:70:ff:22:5f:33:72:1d:09:e1:36:da:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Mar 31 21:16:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e4b76eed708b41d8253da05b2578e0c30d4f0c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:34:25:4f:7f:a3:cf:13:ff:e8:11:7e:93:6b:
                    23:3f:87:78:79:df:81:be:ad:a5:98:3a:38:fc:e8:
                    94:81:ca:f5:6c:52:8d:8c:93:34:bc:4b:25:af:5a:
                    b5:45:53:1f:3d:18:62:d0:5a:92:4f:dd:91:8d:d6:
                    77:c5:03:52:7c:42:b6:fe:7e:db:10:1d:63:32:8f:
                    05:89:7e:fd:41:7e:e5:3d:45:d7:d4:c4:a1:f3:0e:
                    60:84:82:68:6a:61:d0:13:95:e9:5e:6e:a3:ff:0d:
                    73:ed:8e:e6:8c:5a:18:23:85:50:9a:54:28:f7:46:
                    e0:3e:63:af:c4:de:ce:68:c0:96:70:21:0a:05:41:
                    d9:17:77:70:b0:6c:47:95:41:c4:32:fd:49:7e:b9:
                    e5:6b:b2:3e:cc:f9:af:a3:b5:32:25:9f:a6:b5:df:
                    0c:0b:71:f2:c0:1d:6d:18:a2:c5:02:f6:3b:5f:db:
                    a0:78:4a:15:7a:fe:aa:9b:6d:c1:97:a6:8e:62:67:
                    50:8c:49:75:01:e3:5b:01:37:b2:a5:58:fd:42:e3:
                    c6:db:cd:dd:f1:30:f9:40:36:9f:a5:2b:43:ac:b4:
                    2e:64:bb:ea:f8:2b:05:9c:64:a5:3b:73:9e:cd:d7:
                    f8:87:29:24:b3:90:8d:ac:39:2f:d1:32:25:2c:fd:
                    da:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:B7:6E:ED:70:8B:41:D8:25:3D:A0:5B:25:78:E0:C3:0D:4F:0C:9B
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/5Ldu7XCLQdglPaBbJXjgww1PDJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.132.0/22
                  188.209.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:19:6f:fd:97:b0:d5:0b:08:eb:bf:a5:1a:23:0d:e4:3c:51:
         2b:bc:d6:12:8e:4b:81:ce:79:2f:a0:56:70:ab:fa:d0:3b:cc:
         bf:cd:8e:b6:55:88:68:b8:4d:7c:8c:42:ee:52:2d:99:ce:23:
         a5:f1:8a:6f:b2:9a:9c:cb:6a:c5:5d:bd:6d:df:14:9a:7c:e4:
         5c:e3:f0:49:06:a1:9f:f4:74:b9:f8:41:e6:f3:5e:c0:b5:b7:
         4f:bf:54:66:12:04:e3:23:9b:41:41:b7:65:7d:1f:a5:a0:e4:
         22:a8:3e:ad:e3:5f:1f:b3:71:05:6e:4d:fa:33:df:c0:86:25:
         15:a8:3c:64:aa:8b:4f:7d:9c:08:30:2f:e7:d7:61:d4:c0:b6:
         13:88:b9:66:35:e5:a4:32:ee:8d:1e:25:1d:c3:f2:20:99:ed:
         ff:77:9c:ae:0f:ea:c3:92:06:04:6e:90:56:86:86:ec:0d:86:
         9c:ea:24:f4:5d:2e:d3:3c:c1:01:78:ea:9f:32:50:af:88:85:
         a1:9c:50:53:9f:29:c9:1f:2f:19:a1:94:8f:c8:fa:23:1b:f7:
         7f:78:e6:68:a2:e4:25:b5:de:fb:ea:b9:09:b5:8b:54:ce:86:
         f7:87:69:ae:fb:d2:12:be:30:ff:92:f4:42:c7:b6:45:2f:4d:
         b6:5c:64:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6WXzPTcP8iXzNyHQnhNtrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMzMxMjExNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI3NmVlZDcwOGI0MWQ4MjUzZGEwNWIyNTc4ZTBjMzBkNGYwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDQlT3+jzxP/6BF+k2sjP4d4ed+B
vq2lmDo4/OiUgcr1bFKNjJM0vEslr1q1RVMfPRhi0FqST92RjdZ3xQNSfEK2/n7b
EB1jMo8FiX79QX7lPUXX1MSh8w5ghIJoamHQE5XpXm6j/w1z7Y7mjFoYI4VQmlQo
90bgPmOvxN7OaMCWcCEKBUHZF3dwsGxHlUHEMv1Jfrnla7I+zPmvo7UyJZ+mtd8M
C3HywB1tGKLFAvY7X9ugeEoVev6qm23Bl6aOYmdQjEl1AeNbATeypVj9QuPG283d
8TD5QDafpStDrLQuZLvq+CsFnGSlO3Oezdf4hykks5CNrDkv0TIlLP3aDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOS3bu1wi0HYJT2gWyV44MMNTwybMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvNUxkdTdYQ0xRZGdsUGFCYkpYamd3dzFQREpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvNGEAwQA
vNGLMA0GCSqGSIb3DQEBCwUAA4IBAQBmGW/9l7DVCwjrv6UaIw3kPFErvNYSjkuB
znkvoFZwq/rQO8y/zY62VYhouE18jELuUi2ZziOl8Ypvspqcy2rFXb1t3xSafORc
4/BJBqGf9HS5+EHm817AtbdPv1RmEgTjI5tBQbdlfR+loOQiqD6t418fs3EFbk36
M9/AhiUVqDxkqotPfZwIMC/n12HUwLYTiLlmNeWkMu6NHiUdw/Igme3/d5yuD+rD
kgYEbpBWhobsDYac6iT0XS7TPMEBeOqfMlCviIWhnFBTnynJHy8ZoZSPyPojG/d/
eOZoouQltd776rkJtYtUzob3h2mu+9ISvjD/kvRCx7ZFL022XGSd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org