Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5f-yr7ZkJdy5vfjZ5lbggdE3nJY.roa
File:                     5f-yr7ZkJdy5vfjZ5lbggdE3nJY.roa (raw, json)
Hash identifier:          8oD+jiiJ2dyg4h0kcKeLOnFZZPNdlVJfkSKEkJuh1lI=
Subject key identifier:   E5:FF:B2:AF:B6:64:25:DC:B9:BD:F8:D9:E6:56:E0:81:D1:37:9C:96
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       018B6B5EC9F056668C7BB81D9B4F85ABDA10
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5f-yr7ZkJdy5vfjZ5lbggdE3nJY.roa
Signing time:             Thu 26 Oct 2023 09:44:16 +0000
ROA not before:           Thu 26 Oct 2023 09:44:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400402
IP address blocks:        185.245.1.0/24 maxlen: 24
                          185.245.2.0/24 maxlen: 24
                          185.245.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Nov 2023 03:31:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6b:5e:c9:f0:56:66:8c:7b:b8:1d:9b:4f:85:ab:da:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Oct 26 09:44:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5ffb2afb66425dcb9bdf8d9e656e081d1379c96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:68:4b:9a:4d:aa:32:14:68:57:ce:97:2e:e2:
                    c0:ce:37:4d:c2:7a:45:e9:cf:45:f1:a7:a3:c4:ea:
                    d6:c0:6d:42:64:48:a8:1d:0f:88:11:e8:e7:d5:fa:
                    3c:3b:af:65:53:7d:2e:22:27:e0:81:80:66:4a:8b:
                    4b:b6:71:39:96:90:15:13:44:95:9f:62:5e:ad:67:
                    d0:2d:95:99:f2:eb:7f:3c:87:93:0a:f1:40:0b:83:
                    65:b6:88:87:0c:34:1d:e6:e7:a1:d3:c5:39:89:6e:
                    45:aa:25:bd:d2:e2:c1:58:47:a1:55:eb:f3:39:01:
                    6a:12:48:06:7c:27:fb:4a:e6:c7:ae:31:ea:4d:81:
                    26:2f:53:ab:b3:9c:bd:65:35:6d:da:a8:1a:3c:65:
                    63:dd:df:e8:85:4a:53:66:22:ca:f7:05:57:11:56:
                    2a:8f:07:14:18:85:91:75:16:df:bc:c1:30:5d:dd:
                    98:a6:1a:34:a8:9b:5c:aa:38:95:77:d3:9c:6d:2a:
                    e3:40:13:d1:5a:59:dc:7f:ef:dd:75:1a:8f:0e:d3:
                    6d:fa:40:4f:7d:84:ba:05:e0:c5:ca:5c:c5:44:fc:
                    a4:35:e3:10:7d:12:d0:0b:4f:0e:f8:a4:b4:d8:23:
                    9f:43:3b:3a:f1:68:bd:94:c1:fc:87:0c:f3:06:c5:
                    92:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:FF:B2:AF:B6:64:25:DC:B9:BD:F8:D9:E6:56:E0:81:D1:37:9C:96
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/5f-yr7ZkJdy5vfjZ5lbggdE3nJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.1.0-185.245.3.255

    Signature Algorithm: sha256WithRSAEncryption
         29:80:36:5c:3e:d2:0b:f6:4a:9b:cb:5f:fc:90:b8:fc:8b:02:
         aa:a5:73:74:08:18:b0:33:f3:35:00:52:02:3b:dd:4c:cc:d7:
         7a:04:80:32:57:a2:4e:c7:09:33:44:6c:ad:66:b4:4d:ec:de:
         a3:32:a2:7f:f9:1b:4c:bf:d8:58:9e:f2:2f:79:2d:e8:b3:37:
         6d:22:bf:c5:e5:21:4d:4e:35:ac:db:93:67:20:6a:31:6f:ef:
         37:18:19:e0:f2:dc:02:bb:0a:6e:44:ca:35:5e:df:cf:b0:fa:
         b1:d6:14:c5:0c:d3:63:26:40:8a:1f:73:51:d9:e5:f8:b6:e2:
         ee:c7:6b:00:31:9f:44:33:45:9f:ff:d3:9d:56:4b:ce:d3:f4:
         e5:2a:08:d3:30:51:e6:2f:cf:ba:ec:ab:06:ff:56:50:26:b5:
         94:43:9b:3b:c6:d2:22:d4:62:a0:d1:38:48:55:22:bc:da:86:
         cb:76:18:1a:59:25:37:4f:1c:41:2c:b5:0c:69:b4:6e:8f:0e:
         12:cb:0a:14:05:11:93:85:cf:f3:f7:ca:b0:48:c2:a0:2d:87:
         72:12:5c:c4:0c:b5:12:67:1d:78:20:63:e8:46:89:70:21:71:
         da:a2:25:0f:c7:65:16:19:98:69:f3:08:8d:33:7e:f2:cd:59:
         0a:6b:4c:b4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtrXsnwVmaMe7gdm0+Fq9oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMxMDI2MDk0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZmYjJhZmI2NjQyNWRjYjliZGY4ZDllNjU2ZTA4MWQxMzc5Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmhLmk2qMhRoV86XLuLAzjdNwnpF
6c9F8aejxOrWwG1CZEioHQ+IEejn1fo8O69lU30uIifggYBmSotLtnE5lpAVE0SV
n2JerWfQLZWZ8ut/PIeTCvFAC4NltoiHDDQd5ueh08U5iW5FqiW90uLBWEehVevz
OQFqEkgGfCf7SubHrjHqTYEmL1Ors5y9ZTVt2qgaPGVj3d/ohUpTZiLK9wVXEVYq
jwcUGIWRdRbfvMEwXd2Ypho0qJtcqjiVd9OcbSrjQBPRWlncf+/ddRqPDtNt+kBP
fYS6BeDFylzFRPykNeMQfRLQC08O+KS02COfQzs68Wi9lMH8hwzzBsWSvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOX/sq+2ZCXcub342eZW4IHRN5yWMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvNWYteXI3WmtKZHk1dmZqWjVsYmdnZEUzbkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC59QED
BAK59QAwDQYJKoZIhvcNAQELBQADggEBACmANlw+0gv2SpvLX/yQuPyLAqqlc3QI
GLAz8zUAUgI73UzM13oEgDJXok7HCTNEbK1mtE3s3qMyon/5G0y/2Fie8i95Leiz
N20iv8XlIU1ONazbk2cgajFv7zcYGeDy3AK7Cm5EyjVe38+w+rHWFMUM02MmQIof
c1HZ5fi24u7HawAxn0QzRZ//051WS87T9OUqCNMwUeYvz7rsqwb/VlAmtZRDmzvG
0iLUYqDROEhVIrzahst2GBpZJTdPHEEstQxptG6PDhLLChQFEZOFz/P3yrBIwqAt
h3ISXMQMtRJnHXggY+hGiXAhcdqiJQ/HZRYZmGnzCI0zfvLNWQprTLQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:03 2024 by rpki-client on console-ams.rpki-client.org