Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/1IOSAzHSESoHa3d9lH7jrrBVexI.roa
File:                     1IOSAzHSESoHa3d9lH7jrrBVexI.roa (raw, json)
Hash identifier:          ToLx62EOFy/D3NWpmJKJTqMK1t/bjDlMcA19vmbJQWo=
Subject key identifier:   D4:83:92:03:31:D2:11:2A:07:6B:77:7D:94:7E:E3:AE:B0:55:7B:12
Certificate issuer:       /CN=d56c5074e66f43ce578a3d4a2e7bcc215cb5e960
Certificate serial:       01856ECB6637D3F309C7DD1244D07D7BD4B3
Authority key identifier: D5:6C:50:74:E6:6F:43:CE:57:8A:3D:4A:2E:7B:CC:21:5C:B5:E9:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WxQdOZvQ85Xij1KLnvMIVy16WA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/1IOSAzHSESoHa3d9lH7jrrBVexI.roa
Signing time:             Sun 01 Jan 2023 19:25:01 +0000
ROA not before:           Sun 01 Jan 2023 19:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209426
IP address blocks:        5.253.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:cb:66:37:d3:f3:09:c7:dd:12:44:d0:7d:7b:d4:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56c5074e66f43ce578a3d4a2e7bcc215cb5e960
        Validity
            Not Before: Jan  1 19:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d483920331d2112a076b777d947ee3aeb0557b12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:ae:87:db:29:99:ad:d6:c5:bb:81:d1:b3:20:
                    17:18:ce:f1:06:54:99:67:32:6a:ad:ad:81:42:cb:
                    64:d4:8f:19:e9:4e:5c:01:11:b6:15:a0:71:a2:86:
                    48:18:12:f5:05:5c:f4:be:4b:25:9b:bb:cf:a5:d9:
                    c9:46:29:e4:03:b3:d0:6a:8d:72:da:f2:54:a4:ef:
                    76:aa:fc:d2:6d:7b:28:7f:fa:67:d7:9d:10:db:fc:
                    bf:6b:12:da:f4:02:54:d5:e4:6d:bc:41:01:db:e9:
                    3d:65:20:3d:76:e0:e0:81:c5:d9:de:61:9a:ee:9d:
                    e3:2e:06:2d:4a:70:b9:2b:ab:20:3c:f9:f1:25:f6:
                    37:63:6f:63:96:06:bc:a9:9e:f0:05:9d:97:f3:ee:
                    0a:8c:61:6a:61:fd:6f:07:38:23:9e:0a:4f:fe:e7:
                    6b:a4:95:1b:0d:29:1f:d3:dc:c8:ef:2a:22:74:e1:
                    58:4e:48:49:5d:0b:45:ae:5d:7e:0a:fb:5d:e1:59:
                    5c:6a:49:61:2f:01:09:df:42:bd:e7:cf:44:b2:5f:
                    2b:86:4e:4c:8f:b3:68:76:39:ae:00:96:7e:e7:d3:
                    61:f8:7b:5c:2e:80:53:b4:91:4b:8a:89:29:05:fb:
                    82:82:61:c8:7d:39:3e:af:0c:17:e2:09:fb:a8:b5:
                    b5:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:83:92:03:31:D2:11:2A:07:6B:77:7D:94:7E:E3:AE:B0:55:7B:12
            X509v3 Authority Key Identifier:
                keyid:D5:6C:50:74:E6:6F:43:CE:57:8A:3D:4A:2E:7B:CC:21:5C:B5:E9:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WxQdOZvQ85Xij1KLnvMIVy16WA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/1IOSAzHSESoHa3d9lH7jrrBVexI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/1WxQdOZvQ85Xij1KLnvMIVy16WA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:fa:b7:6a:f1:4e:9c:9c:5e:52:67:d4:27:4a:ed:53:2b:a4:
         59:77:5e:43:d8:ed:33:7e:21:43:f1:46:15:7f:c8:9f:85:a6:
         bf:47:de:fc:d8:24:b7:8a:16:f4:c2:46:e3:da:f2:6e:6c:ba:
         b5:f9:84:55:b7:2e:40:9f:1f:bf:7a:cc:14:02:f2:a2:81:ac:
         01:fd:78:ed:c8:74:1b:82:ac:f3:43:bd:99:71:f7:de:fe:8d:
         6e:85:b7:0e:8e:c4:45:9e:8d:46:16:bf:3d:1f:00:48:be:b1:
         f4:69:0e:cf:e9:72:18:62:ba:97:75:cf:ec:5d:55:62:39:c2:
         62:e2:2f:b6:2c:05:11:4b:19:d3:8a:fa:64:93:f5:de:3e:67:
         25:f1:16:34:74:2a:35:d0:90:99:ed:91:fb:3a:36:11:b1:d5:
         d1:1b:b0:cc:4a:d3:4d:a1:f9:47:1f:ef:a6:5c:d8:aa:21:cb:
         f5:7f:9e:53:0d:39:f6:a6:65:74:e9:e9:8a:14:18:2e:4e:5f:
         5a:52:48:59:c1:10:0f:b1:d5:98:fe:9f:b6:72:30:53:e2:4b:
         36:dc:66:71:ae:01:60:69:49:cd:30:87:47:f0:cc:49:b4:f8:
         32:47:a9:73:bf:15:54:38:96:f7:94:91:1d:cc:b1:95:25:cb:
         74:89:63:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy2Y30/MJx90SRNB9e9SzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmM1MDc0ZTY2ZjQzY2U1NzhhM2Q0YTJlN2JjYzIxNWNi
NWU5NjAwHhcNMjMwMTAxMTkyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDgzOTIwMzMxZDIxMTJhMDc2Yjc3N2Q5NDdlZTNhZWIwNTU3YjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq6H2ymZrdbFu4HRsyAXGM7xBlSZ
ZzJqra2BQstk1I8Z6U5cARG2FaBxooZIGBL1BVz0vkslm7vPpdnJRinkA7PQao1y
2vJUpO92qvzSbXsof/pn150Q2/y/axLa9AJU1eRtvEEB2+k9ZSA9duDggcXZ3mGa
7p3jLgYtSnC5K6sgPPnxJfY3Y29jlga8qZ7wBZ2X8+4KjGFqYf1vBzgjngpP/udr
pJUbDSkf09zI7yoidOFYTkhJXQtFrl1+Cvtd4VlcaklhLwEJ30K9589Esl8rhk5M
j7NodjmuAJZ+59Nh+HtcLoBTtJFLiokpBfuCgmHIfTk+rwwX4gn7qLW1lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSDkgMx0hEqB2t3fZR+466wVXsSMB8GA1UdIwQY
MBaAFNVsUHTmb0POV4o9Si57zCFctelgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVd4UWRPWnZRODVYaWoxS0xudk1JVnkxNldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xNzUyN2ItZWNjMi00NDk4LTkyMDgt
ZTIyYjhjMGExNzI2LzEvMUlPU0F6SFNFU29IYTNkOWxIN2pyckJWZXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xNzUyN2ItZWNjMi00NDk4LTkyMDgtZTIyYjhjMGExNzI2
LzEvMVd4UWRPWnZRODVYaWoxS0xudk1JVnkxNldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf2HMA0G
CSqGSIb3DQEBCwUAA4IBAQAB+rdq8U6cnF5SZ9QnSu1TK6RZd15D2O0zfiFD8UYV
f8ifhaa/R9782CS3ihb0wkbj2vJubLq1+YRVty5Anx+/eswUAvKigawB/XjtyHQb
gqzzQ72Zcffe/o1uhbcOjsRFno1GFr89HwBIvrH0aQ7P6XIYYrqXdc/sXVViOcJi
4i+2LAURSxnTivpkk/XePmcl8RY0dCo10JCZ7ZH7OjYRsdXRG7DMStNNoflHH++m
XNiqIcv1f55TDTn2pmV06emKFBguTl9aUkhZwRAPsdWY/p+2cjBT4ks23GZxrgFg
aUnNMIdH8MxJtPgyR6lzvxVUOJb3lJEdzLGVJct0iWNB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:22 2024 by rpki-client on console-ams.rpki-client.org