Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dSbfmP50O5uwaZSVdgqt0yhnLs8.roa
File:                     dSbfmP50O5uwaZSVdgqt0yhnLs8.roa (raw, json)
Hash identifier:          PGec4DJsS7bOu29F66S5A2+RpG/DfqGkucJTsjMaArs=
Subject key identifier:   75:26:DF:98:FE:74:3B:9B:B0:69:94:95:76:0A:AD:D3:28:67:2E:CF
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       018571F108DDD1D84EBF23CEC5ED6601A76A
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dSbfmP50O5uwaZSVdgqt0yhnLs8.roa
Signing time:             Mon 02 Jan 2023 10:04:58 +0000
ROA not before:           Mon 02 Jan 2023 10:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206124
IP address blocks:        5.154.103.0/24 maxlen: 24
                          5.154.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f1:08:dd:d1:d8:4e:bf:23:ce:c5:ed:66:01:a7:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  2 10:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7526df98fe743b9bb0699495760aadd328672ecf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ea:d6:e2:ec:89:7d:39:a9:4d:1e:57:36:d0:
                    00:3d:75:86:23:3e:3e:48:0c:b0:96:e0:cb:9a:a6:
                    a9:bd:7f:31:cc:60:26:98:4d:9e:39:bb:2d:c1:93:
                    56:ca:3e:2e:d3:c0:6e:a9:15:f5:52:77:7b:3c:cd:
                    94:92:3a:3b:55:e9:05:7e:73:ed:a1:67:79:e8:a2:
                    4e:f2:e9:d6:1d:90:42:07:b2:b8:09:0d:90:d9:8f:
                    40:c0:b2:c1:b6:86:b7:59:89:06:d5:24:1a:b8:30:
                    84:7b:8b:05:b5:2e:23:33:81:dc:df:36:17:e6:a1:
                    43:20:15:e5:84:1c:4b:08:bb:e2:56:fe:cb:a3:ee:
                    f3:bc:58:92:08:a6:fa:30:66:86:56:26:ff:f6:c7:
                    bd:12:98:12:41:47:6b:26:74:50:a8:bd:0a:5c:d9:
                    b7:d7:bc:88:cd:51:22:50:9a:ca:16:ef:78:24:9c:
                    06:d3:e0:34:0b:31:43:96:31:22:5f:57:10:84:e9:
                    c7:85:85:d2:35:5e:1e:b4:09:c6:39:ee:76:c7:59:
                    22:6c:65:93:44:92:d5:09:05:75:fb:65:b6:9e:15:
                    e3:d3:38:43:d9:1e:ec:3a:cd:20:a1:28:bb:78:15:
                    61:b1:ce:cb:03:26:1d:97:54:8a:85:6f:75:8d:e8:
                    2d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:26:DF:98:FE:74:3B:9B:B0:69:94:95:76:0A:AD:D3:28:67:2E:CF
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dSbfmP50O5uwaZSVdgqt0yhnLs8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         af:db:51:8c:47:44:50:e3:d2:a3:9d:b7:30:33:77:4e:60:18:
         40:7e:08:78:ed:02:38:9a:17:11:e3:1b:10:ed:8d:b9:e6:4a:
         37:40:a5:1e:84:d1:49:80:08:1b:51:06:30:e6:0b:0f:be:80:
         71:31:b3:4e:45:3b:48:c8:cd:69:65:0c:78:89:21:2f:aa:f5:
         b8:dd:03:aa:4b:7e:21:d0:78:ba:86:f2:1e:02:24:b8:11:96:
         1e:5b:b3:c3:52:12:25:38:26:ec:9a:a5:19:fb:74:fa:77:43:
         32:25:ef:35:93:1e:b5:b6:bb:c6:0f:c2:fd:e5:41:0b:fa:cc:
         30:7a:d0:b2:03:af:aa:4b:9a:5e:4a:12:ab:ca:39:b3:79:c3:
         ba:90:7c:5b:5d:6b:2f:ec:c6:6e:1a:55:e6:5f:16:fe:fe:1b:
         00:f6:cf:79:bb:4b:8b:f7:35:4e:6c:05:95:6a:2f:72:b8:c7:
         95:17:15:8c:06:43:28:83:13:17:74:16:15:a5:ac:0d:fb:e8:
         5d:57:09:eb:bf:8b:53:18:ed:5a:7e:08:b2:d5:b6:6a:4b:90:
         2d:d4:46:e6:77:99:2b:a6:3f:81:a3:c6:fb:5b:fa:3d:b2:17:
         9e:89:f5:12:1f:4e:8f:1e:24:16:66:ea:ea:57:05:66:99:85:
         40:cd:60:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8Qjd0dhOvyPOxe1mAadqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI2ZGY5OGZlNzQzYjliYjA2OTk0OTU3NjBhYWRkMzI4NjcyZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+rW4uyJfTmpTR5XNtAAPXWGIz4+
SAywluDLmqapvX8xzGAmmE2eObstwZNWyj4u08BuqRX1Und7PM2Ukjo7VekFfnPt
oWd56KJO8unWHZBCB7K4CQ2Q2Y9AwLLBtoa3WYkG1SQauDCEe4sFtS4jM4Hc3zYX
5qFDIBXlhBxLCLviVv7Lo+7zvFiSCKb6MGaGVib/9se9EpgSQUdrJnRQqL0KXNm3
17yIzVEiUJrKFu94JJwG0+A0CzFDljEiX1cQhOnHhYXSNV4etAnGOe52x1kibGWT
RJLVCQV1+2W2nhXj0zhD2R7sOs0goSi7eBVhsc7LAyYdl1SKhW91jegtDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUm35j+dDubsGmUlXYKrdMoZy7PMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZFNiZm1QNTBPNXV3YVpTVmRncXQweWhuTHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBZpmMA0G
CSqGSIb3DQEBCwUAA4IBAQCv21GMR0RQ49KjnbcwM3dOYBhAfgh47QI4mhcR4xsQ
7Y255ko3QKUehNFJgAgbUQYw5gsPvoBxMbNORTtIyM1pZQx4iSEvqvW43QOqS34h
0Hi6hvIeAiS4EZYeW7PDUhIlOCbsmqUZ+3T6d0MyJe81kx61trvGD8L95UEL+sww
etCyA6+qS5peShKryjmzecO6kHxbXWsv7MZuGlXmXxb+/hsA9s95u0uL9zVObAWV
ai9yuMeVFxWMBkMogxMXdBYVpawN++hdVwnrv4tTGO1afgiy1bZqS5At1Ebmd5kr
pj+Bo8b7W/o9sheeifUSH06PHiQWZurqVwVmmYVAzWAq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org