Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/SAYGJX3DlPA_FVw1qsJDpe_Io64.roa
File:                     SAYGJX3DlPA_FVw1qsJDpe_Io64.roa (raw, json)
Hash identifier:          fcWYA4Cv6lMgEuNtPSN6XAaNhmC0HKWeHuDWZnnOXCk=
Subject key identifier:   48:06:06:25:7D:C3:94:F0:3F:15:5C:35:AA:C2:43:A5:EF:C8:A3:AE
Certificate issuer:       /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial:       018AB7AAAD152070F0FBE1F95BBEF8F01E68
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/SAYGJX3DlPA_FVw1qsJDpe_Io64.roa
Signing time:             Thu 21 Sep 2023 12:15:30 +0000
ROA not before:           Thu 21 Sep 2023 12:15:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216444
IP address blocks:        5.199.164.0/22 maxlen: 32

Validation:               Failed, certificate revoked on Wed 11 Oct 2023 09:51:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b7:aa:ad:15:20:70:f0:fb:e1:f9:5b:be:f8:f0:1e:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
        Validity
            Not Before: Sep 21 12:15:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=480606257dc394f03f155c35aac243a5efc8a3ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:89:96:78:79:06:74:78:42:e6:4f:86:21:58:
                    ff:eb:8f:b8:4c:a0:77:72:fb:7c:d8:df:66:b6:a5:
                    1b:70:18:96:a1:12:e0:c1:8a:a0:9b:d0:3a:2f:71:
                    59:a5:5c:f1:5d:3a:66:ce:0a:22:f8:35:48:0e:7c:
                    6e:b9:85:7d:bc:55:2e:5f:0a:9f:8c:77:14:ad:be:
                    7f:b8:75:5d:26:dc:3a:6e:40:8c:17:17:57:64:5d:
                    a1:5b:8f:0e:b8:6f:6a:df:ad:0c:1f:c7:a3:52:7b:
                    10:28:ee:08:84:05:a2:e2:ea:fd:e9:2f:b0:fe:f7:
                    92:47:84:75:46:02:1a:45:10:36:e7:1f:a8:f3:34:
                    83:20:42:ad:5a:a0:99:38:8e:c4:93:7e:e5:ed:03:
                    53:5d:ce:e0:0c:7b:19:6d:7b:91:4d:84:e7:83:71:
                    73:cf:2e:f5:90:fa:c2:6e:ee:f8:e6:b9:16:9d:cc:
                    67:5d:a5:0e:cc:35:84:53:c3:65:f6:4c:9a:63:2b:
                    b2:6a:78:0d:47:96:4e:35:4a:ec:76:c3:4e:f5:fc:
                    3a:a9:ab:5f:ea:09:f3:de:f2:ff:46:1f:19:8d:0f:
                    fd:58:67:f1:ea:f5:d3:dd:84:14:23:13:33:c4:68:
                    9c:7f:5c:25:0c:8a:ec:6f:e5:a1:5e:47:31:de:f7:
                    6b:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:06:06:25:7D:C3:94:F0:3F:15:5C:35:AA:C2:43:A5:EF:C8:A3:AE
            X509v3 Authority Key Identifier:
                keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/SAYGJX3DlPA_FVw1qsJDpe_Io64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.199.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:c3:2e:95:cb:a1:ef:07:2f:b7:4e:8d:9c:73:a1:b6:1e:b8:
         a5:e3:95:c5:5a:57:5d:76:1e:05:e5:35:c5:09:c8:b3:0a:5d:
         67:dd:63:9c:f2:27:81:94:ae:2b:7d:e2:66:e1:4c:c6:ea:ab:
         6a:85:7e:96:7b:77:7b:26:88:b9:f3:e1:62:c3:13:1d:6c:dd:
         13:b2:b7:48:17:16:3f:f2:7b:d6:2f:aa:1e:cd:82:13:04:e1:
         e7:f7:ed:27:59:44:47:71:a4:52:bb:4a:6f:78:ea:ea:ff:89:
         34:ce:d3:55:fc:52:a8:a4:c3:38:e5:0b:16:cb:31:8e:92:a9:
         fa:76:92:e0:21:70:e9:f9:24:8a:82:c1:8c:41:32:c2:c2:a7:
         6d:6d:25:c5:47:0e:4d:fd:05:39:a5:6e:c8:e4:e4:91:04:f6:
         48:4b:90:1f:85:0e:e5:38:69:3d:fe:6c:4e:a1:2b:f8:40:3a:
         81:1c:38:82:ae:f5:35:05:69:3f:21:5b:9d:52:b9:40:77:86:
         a0:04:3e:4f:c4:43:a9:94:8a:8a:16:94:2d:b0:f7:09:11:dc:
         c0:ed:f0:cd:38:c1:84:ae:dd:99:39:23:b7:09:d6:ae:32:59:
         8a:1e:90:99:bb:5d:6f:41:f9:36:92:87:04:a9:03:00:d3:63:
         0d:9d:df:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq3qq0VIHDw++H5W7748B5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjMwOTIxMTIxNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODA2MDYyNTdkYzM5NGYwM2YxNTVjMzVhYWMyNDNhNWVmYzhhM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvImWeHkGdHhC5k+GIVj/64+4TKB3
cvt82N9mtqUbcBiWoRLgwYqgm9A6L3FZpVzxXTpmzgoi+DVIDnxuuYV9vFUuXwqf
jHcUrb5/uHVdJtw6bkCMFxdXZF2hW48OuG9q360MH8ejUnsQKO4IhAWi4ur96S+w
/veSR4R1RgIaRRA25x+o8zSDIEKtWqCZOI7Ek37l7QNTXc7gDHsZbXuRTYTng3Fz
zy71kPrCbu745rkWncxnXaUOzDWEU8Nl9kyaYyuyangNR5ZONUrsdsNO9fw6qatf
6gnz3vL/Rh8ZjQ/9WGfx6vXT3YQUIxMzxGicf1wlDIrsb+WhXkcx3vdr7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgGBiV9w5TwPxVcNarCQ6XvyKOuMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvU0FZR0pYM0RsUEFfRlZ3MXFzSkRwZV9JbzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBcekMA0G
CSqGSIb3DQEBCwUAA4IBAQALwy6Vy6HvBy+3To2cc6G2Hril45XFWldddh4F5TXF
CcizCl1n3WOc8ieBlK4rfeJm4UzG6qtqhX6We3d7Joi58+FiwxMdbN0TsrdIFxY/
8nvWL6oezYITBOHn9+0nWURHcaRSu0pveOrq/4k0ztNV/FKopMM45QsWyzGOkqn6
dpLgIXDp+SSKgsGMQTLCwqdtbSXFRw5N/QU5pW7I5OSRBPZIS5AfhQ7lOGk9/mxO
oSv4QDqBHDiCrvU1BWk/IVudUrlAd4agBD5PxEOplIqKFpQtsPcJEdzA7fDNOMGE
rt2ZOSO3CdauMlmKHpCZu11vQfk2kocEqQMA02MNnd8y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org