Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/5_MkeakGNKh2yei0wRdwK_yM5Ak.roa
File:                     5_MkeakGNKh2yei0wRdwK_yM5Ak.roa (raw, json)
Hash identifier:          ILqv+q7EhdHL7P3n6wjQ7JD+s/6DeDBZIKry2H6J4Ts=
Subject key identifier:   E7:F3:24:79:A9:06:34:A8:76:C9:E8:B4:C1:17:70:2B:FC:8C:E4:09
Certificate issuer:       /CN=1b6f07474f12f7a33e5c21bc2ffbb075a17bd13f
Certificate serial:       01856F5DC2A22324F16908F6FACB867DD4C6
Authority key identifier: 1B:6F:07:47:4F:12:F7:A3:3E:5C:21:BC:2F:FB:B0:75:A1:7B:D1:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G28HR08S96M-XCG8L_uwdaF70T8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/5_MkeakGNKh2yei0wRdwK_yM5Ak.roa
Signing time:             Sun 01 Jan 2023 22:04:53 +0000
ROA not before:           Sun 01 Jan 2023 22:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29549
IP address blocks:        195.177.206.0/24 maxlen: 24
                          195.177.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:c2:a2:23:24:f1:69:08:f6:fa:cb:86:7d:d4:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6f07474f12f7a33e5c21bc2ffbb075a17bd13f
        Validity
            Not Before: Jan  1 22:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7f32479a90634a876c9e8b4c117702bfc8ce409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:9b:df:1d:ac:1d:63:c4:69:f8:2d:e7:f8:ea:
                    0d:f3:d3:79:a4:ac:6a:78:32:1a:65:f9:80:0a:54:
                    44:43:63:24:c8:18:6e:1d:dd:05:93:89:84:07:ac:
                    24:23:ca:b9:d1:1f:13:c5:ab:4d:10:17:14:1c:b7:
                    21:11:b8:ab:5c:de:d2:c4:c7:8b:05:36:af:1e:c1:
                    d7:8d:f1:53:f5:06:35:1a:46:fd:5a:7f:3b:61:89:
                    78:cc:6c:23:87:7e:6f:06:0b:c5:a3:bb:b5:c5:77:
                    d7:04:21:71:dd:59:a4:83:4f:b7:22:99:94:d0:e4:
                    97:f0:5c:de:aa:95:60:c6:31:b1:9e:4e:a8:52:55:
                    43:d7:94:cf:a1:b3:6e:47:a6:8b:70:ba:9a:33:10:
                    c9:e7:1a:b9:76:7a:4d:68:71:34:06:d6:45:54:2b:
                    1e:d5:59:47:12:a6:84:10:ae:7d:45:ff:b4:67:ab:
                    9c:99:09:17:13:f8:08:77:4f:60:d4:08:c9:35:69:
                    b8:b8:e1:3f:a6:25:24:07:28:81:f7:98:a4:34:f7:
                    d0:c9:af:6d:70:ef:b8:38:1a:0c:0e:68:7b:15:d1:
                    f7:9b:5e:50:a9:bc:0e:45:0b:dc:4c:07:98:8a:61:
                    48:7f:9e:5f:18:e5:bf:bc:3d:e4:e2:4b:81:84:91:
                    38:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F3:24:79:A9:06:34:A8:76:C9:E8:B4:C1:17:70:2B:FC:8C:E4:09
            X509v3 Authority Key Identifier:
                keyid:1B:6F:07:47:4F:12:F7:A3:3E:5C:21:BC:2F:FB:B0:75:A1:7B:D1:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G28HR08S96M-XCG8L_uwdaF70T8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/5_MkeakGNKh2yei0wRdwK_yM5Ak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/G28HR08S96M-XCG8L_uwdaF70T8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.177.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:6a:dd:eb:14:c8:f8:0c:7f:4c:d9:e5:c6:10:0e:9e:be:ff:
         78:07:32:11:c6:37:11:f6:7f:ff:21:dd:3b:93:98:cd:3d:8c:
         24:83:c6:4b:87:f0:bb:b7:43:df:1c:97:28:ae:df:63:29:50:
         6c:36:26:ad:4e:75:a5:70:b6:dc:6c:95:cb:c3:de:6b:90:d1:
         c2:0f:e1:8c:27:f9:f0:82:27:a6:8f:42:4a:ba:3a:20:f4:9b:
         fd:9b:4a:27:61:31:c3:94:9f:88:f5:1a:ea:70:11:31:9d:42:
         17:35:3e:b5:a9:77:2e:32:c7:6f:b9:94:c7:92:6e:a5:80:5e:
         2e:42:bd:a5:c7:da:a5:b0:9c:1d:a4:63:b3:e4:af:78:c2:36:
         49:1c:0b:85:06:fb:45:e9:d1:38:ff:cb:56:ea:8f:2d:79:2d:
         e8:b4:27:67:c1:07:a3:05:cf:1e:dd:e2:93:7e:8c:2f:00:85:
         37:32:62:19:d1:d3:5e:4a:bd:0e:c6:49:93:66:34:01:67:6c:
         19:e9:1c:4c:c9:78:6f:9c:32:23:59:f9:e1:fd:9c:3b:56:c2:
         59:59:45:33:54:7c:5a:94:fd:c9:c2:97:d1:d2:29:f1:db:2a:
         56:3c:29:c3:96:07:7e:b2:2b:70:89:d9:e7:5f:f3:02:9e:d3:
         72:6e:d1:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXcKiIyTxaQj2+suGfdTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmYwNzQ3NGYxMmY3YTMzZTVjMjFiYzJmZmJiMDc1YTE3
YmQxM2YwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2YzMjQ3OWE5MDYzNGE4NzZjOWU4YjRjMTE3NzAyYmZjOGNlNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5vfHawdY8Rp+C3n+OoN89N5pKxq
eDIaZfmAClREQ2MkyBhuHd0Fk4mEB6wkI8q50R8TxatNEBcUHLchEbirXN7SxMeL
BTavHsHXjfFT9QY1Gkb9Wn87YYl4zGwjh35vBgvFo7u1xXfXBCFx3Vmkg0+3IpmU
0OSX8FzeqpVgxjGxnk6oUlVD15TPobNuR6aLcLqaMxDJ5xq5dnpNaHE0BtZFVCse
1VlHEqaEEK59Rf+0Z6ucmQkXE/gId09g1AjJNWm4uOE/piUkByiB95ikNPfQya9t
cO+4OBoMDmh7FdH3m15QqbwORQvcTAeYimFIf55fGOW/vD3k4kuBhJE4TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfzJHmpBjSodsnotMEXcCv8jOQJMB8GA1UdIwQY
MBaAFBtvB0dPEvejPlwhvC/7sHWhe9E/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzI4SFIwOFM5Nk0tWENHOExfdXdkYUY3MFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC82NTUwMDYtNjI3NS00ZDI0LWIzZGIt
MDJjNDdiOWVhNDlkLzEvNV9Na2Vha0dOS2gyeWVpMHdSZHdLX3lNNUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC82NTUwMDYtNjI3NS00ZDI0LWIzZGItMDJjNDdiOWVhNDlk
LzEvRzI4SFIwOFM5Nk0tWENHOExfdXdkYUY3MFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7HOMA0G
CSqGSIb3DQEBCwUAA4IBAQASat3rFMj4DH9M2eXGEA6evv94BzIRxjcR9n//Id07
k5jNPYwkg8ZLh/C7t0PfHJcort9jKVBsNiatTnWlcLbcbJXLw95rkNHCD+GMJ/nw
giemj0JKujog9Jv9m0onYTHDlJ+I9RrqcBExnUIXNT61qXcuMsdvuZTHkm6lgF4u
Qr2lx9qlsJwdpGOz5K94wjZJHAuFBvtF6dE4/8tW6o8teS3otCdnwQejBc8e3eKT
fowvAIU3MmIZ0dNeSr0OxkmTZjQBZ2wZ6RxMyXhvnDIjWfnh/Zw7VsJZWUUzVHxa
lP3JwpfR0inx2ypWPCnDlgd+sitwidnnX/MCntNybtFf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:02 2024 by rpki-client on console-ams.rpki-client.org