Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/oLj_EM2CzWSF71M76dq6IeQPRuo.roa
File:                     oLj_EM2CzWSF71M76dq6IeQPRuo.roa (raw, json)
Hash identifier:          I8C+Y3CQDgVHb/pil6KXq4EEXG7whK/075qhaFgsvWc=
Subject key identifier:   A0:B8:FF:10:CD:82:CD:64:85:EF:53:3B:E9:DA:BA:21:E4:0F:46:EA
Certificate issuer:       /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial:       018D1D1463726F35565FE9B0E40536EE6DC2
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/oLj_EM2CzWSF71M76dq6IeQPRuo.roa
Signing time:             Thu 18 Jan 2024 14:58:11 +0000
ROA not before:           Thu 18 Jan 2024 14:58:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     10753
IP address blocks:        5.22.204.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 20:34:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:1d:14:63:72:6f:35:56:5f:e9:b0:e4:05:36:ee:6d:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
        Validity
            Not Before: Jan 18 14:58:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a0b8ff10cd82cd6485ef533be9daba21e40f46ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b5:ff:0f:76:4d:a5:8e:20:69:0d:b8:fc:5c:
                    fd:da:7f:65:b7:94:4a:5f:e5:5e:c5:d5:3e:98:1b:
                    f2:f8:45:3f:ba:ea:b2:f4:02:7d:93:a7:00:f6:69:
                    19:97:b6:50:44:47:5e:9b:0e:e5:17:ed:6d:f4:ee:
                    7d:3c:6d:a7:88:7c:22:69:93:91:ed:7e:ac:ea:f3:
                    fa:b7:83:17:9d:ae:13:7d:94:f2:11:f6:c4:a0:e2:
                    7f:95:67:83:4e:fb:68:f0:28:d4:78:f7:cb:cd:8e:
                    95:46:b6:5c:b8:d4:e1:fe:0f:f4:d6:0b:41:b8:2c:
                    bf:a8:cd:32:3e:8d:bf:4d:87:60:25:9b:a7:ad:78:
                    ae:00:0a:b8:e1:29:66:da:a6:11:10:a2:0e:32:25:
                    9b:d1:a3:47:33:aa:66:75:68:ff:9c:70:69:af:c6:
                    51:c5:e1:47:98:86:fb:96:41:7d:34:63:b1:fc:e2:
                    57:11:84:ad:d8:bb:86:f0:77:0a:6e:9e:56:ea:be:
                    cd:3b:91:fb:6d:0e:f0:ea:d8:a9:ac:a2:ea:38:65:
                    f4:3a:38:14:44:5c:7a:10:b5:a6:8d:2f:cd:0a:ae:
                    29:6a:22:ab:ae:a8:cb:ab:3d:d0:ce:d5:b2:46:d3:
                    21:6e:e9:bd:b9:e7:52:f5:fe:ef:ac:f3:d8:4b:e9:
                    ef:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:B8:FF:10:CD:82:CD:64:85:EF:53:3B:E9:DA:BA:21:E4:0F:46:EA
            X509v3 Authority Key Identifier:
                keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/oLj_EM2CzWSF71M76dq6IeQPRuo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.22.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:8a:e4:b1:aa:89:37:6a:a3:76:bb:8f:61:0b:04:a5:7c:a4:
         2d:8c:01:b5:63:7c:97:df:b1:c3:65:e6:e5:99:80:50:e8:3d:
         e0:e4:d2:8b:46:0f:81:9c:a0:d7:7b:db:b8:60:7b:d8:0b:a6:
         82:ca:53:1a:17:a0:1d:60:5b:10:ad:3f:f3:c3:ab:10:b3:25:
         3b:52:af:78:d7:eb:df:66:40:39:79:c2:44:44:e2:54:e3:aa:
         e3:7e:4c:64:74:34:36:10:a0:ab:f1:12:11:24:58:b6:c5:66:
         ff:b2:e3:29:91:3f:e6:ba:40:52:00:a8:1e:4a:10:52:44:e7:
         c5:51:4b:82:4e:60:08:2e:ed:0e:90:da:f9:eb:25:72:4f:1a:
         fd:22:3b:31:ee:51:07:61:81:77:a2:12:bd:9f:9c:fa:4d:c9:
         08:b2:4a:33:59:79:b1:28:41:90:04:5a:f3:0a:c5:4b:67:c4:
         28:01:c1:4a:a6:c9:1e:15:a0:20:59:75:e9:6b:ad:96:ca:a8:
         55:9c:20:4a:56:ac:0f:e0:80:37:e9:e5:be:60:46:27:e7:f1:
         48:ad:ae:b4:fd:19:09:15:2d:8d:c6:01:8b:87:33:64:10:93:
         62:56:b7:c2:65:b0:5b:5f:d9:67:dd:e8:44:64:a6:26:25:40:
         21:ae:6a:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0dFGNybzVWX+mw5AU27m3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjQwMTE4MTQ1ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI4ZmYxMGNkODJjZDY0ODVlZjUzM2JlOWRhYmEyMWU0MGY0NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLX/D3ZNpY4gaQ24/Fz92n9lt5RK
X+VexdU+mBvy+EU/uuqy9AJ9k6cA9mkZl7ZQREdemw7lF+1t9O59PG2niHwiaZOR
7X6s6vP6t4MXna4TfZTyEfbEoOJ/lWeDTvto8CjUePfLzY6VRrZcuNTh/g/01gtB
uCy/qM0yPo2/TYdgJZunrXiuAAq44Slm2qYREKIOMiWb0aNHM6pmdWj/nHBpr8ZR
xeFHmIb7lkF9NGOx/OJXEYSt2LuG8HcKbp5W6r7NO5H7bQ7w6tiprKLqOGX0OjgU
RFx6ELWmjS/NCq4paiKrrqjLqz3QztWyRtMhbum9uedS9f7vrPPYS+nv9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKC4/xDNgs1khe9TO+nauiHkD0bqMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvb0xqX0VNMkN6V1NGNzFNNzZkcTZJZVFQUnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBRbMMA0G
CSqGSIb3DQEBCwUAA4IBAQB3iuSxqok3aqN2u49hCwSlfKQtjAG1Y3yX37HDZebl
mYBQ6D3g5NKLRg+BnKDXe9u4YHvYC6aCylMaF6AdYFsQrT/zw6sQsyU7Uq941+vf
ZkA5ecJEROJU46rjfkxkdDQ2EKCr8RIRJFi2xWb/suMpkT/mukBSAKgeShBSROfF
UUuCTmAILu0OkNr56yVyTxr9Ijsx7lEHYYF3ohK9n5z6TckIskozWXmxKEGQBFrz
CsVLZ8QoAcFKpskeFaAgWXXpa62WyqhVnCBKVqwP4IA36eW+YEYn5/FIra60/RkJ
FS2NxgGLhzNkEJNiVrfCZbBbX9ln3ehEZKYmJUAhrmoT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org