Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/CI3A7LaYtzlT18iHTRBvM6HdUhs.roa
File:                     CI3A7LaYtzlT18iHTRBvM6HdUhs.roa (raw, json)
Hash identifier:          Xnv5ESdONnOnCIJSxPima488xCsDOxi7eLN8cn+ZfvA=
Subject key identifier:   08:8D:C0:EC:B6:98:B7:39:53:D7:C8:87:4D:10:6F:33:A1:DD:52:1B
Certificate issuer:       /CN=f7742725862b90bda4510a02e804fef3ad1142dc
Certificate serial:       01856CAF4727F49BE2A09096D363B8FD8AF0
Authority key identifier: F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/CI3A7LaYtzlT18iHTRBvM6HdUhs.roa
Signing time:             Sun 01 Jan 2023 09:35:04 +0000
ROA not before:           Sun 01 Jan 2023 09:35:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208671
IP address blocks:        5.32.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:af:47:27:f4:9b:e2:a0:90:96:d3:63:b8:fd:8a:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7742725862b90bda4510a02e804fef3ad1142dc
        Validity
            Not Before: Jan  1 09:35:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=088dc0ecb698b73953d7c8874d106f33a1dd521b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:63:91:3f:37:88:71:ae:01:97:7e:6f:ae:bd:
                    b1:f8:3e:97:f0:f6:14:6f:ab:c2:51:c2:d7:46:c0:
                    0a:3e:5c:da:c1:8f:b3:2e:38:89:ba:8a:29:ed:38:
                    45:41:d5:40:c0:2f:de:ca:66:ca:4c:ed:51:5f:a0:
                    f9:25:0d:b3:d3:79:6f:10:aa:ad:3e:68:de:51:9a:
                    9a:55:b2:69:7a:ad:65:23:5a:a7:3d:fe:1c:5d:03:
                    70:de:c9:6d:f6:81:5c:dd:40:06:b5:40:f9:27:de:
                    2a:1a:91:26:29:39:f1:e9:f9:65:ea:81:91:21:07:
                    b4:28:70:d7:55:b5:56:fb:28:d3:58:31:aa:fc:2e:
                    ef:53:93:92:3d:f3:82:ef:20:e2:7f:9e:c7:d9:b3:
                    d0:ab:09:d6:14:bf:c3:22:55:18:b8:f9:49:88:7e:
                    14:d6:3c:8a:64:8b:fc:8e:f4:a6:8b:87:a3:0a:05:
                    5b:1d:47:c7:9d:db:48:cb:2e:8e:02:0f:62:e7:18:
                    af:d6:cb:90:9e:7a:89:2e:41:2b:e9:06:6a:5f:1d:
                    d4:27:75:e4:ec:c1:a9:a8:c2:f2:3a:55:53:7c:f9:
                    e9:1b:44:f8:1f:68:6e:64:2e:be:45:bb:63:32:8e:
                    cf:46:b1:6b:87:13:fe:1d:11:5e:ef:cf:ff:4e:db:
                    92:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:8D:C0:EC:B6:98:B7:39:53:D7:C8:87:4D:10:6F:33:A1:DD:52:1B
            X509v3 Authority Key Identifier:
                keyid:F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/CI3A7LaYtzlT18iHTRBvM6HdUhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/93QnJYYrkL2kUQoC6AT-860RQtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.32.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:d8:bc:25:cf:ba:88:91:51:61:51:e5:12:a8:bd:64:e3:25:
         74:92:ea:7b:4f:c6:15:a1:8e:a4:b1:29:59:cd:06:3e:67:df:
         94:6b:ca:c5:f8:1e:63:dc:42:1a:3d:ed:d7:42:88:a6:36:0f:
         ed:63:c8:32:04:5c:07:2b:20:9e:47:a1:39:0a:90:0e:e5:af:
         4e:60:a1:1b:94:d7:fe:3e:6a:9b:0c:7c:67:df:85:cd:b5:6d:
         75:a2:91:41:59:33:e4:1d:4f:56:4b:89:57:8d:75:fb:26:8d:
         43:9d:1a:1a:0a:72:79:e1:80:a6:39:47:03:1f:22:40:cb:47:
         bb:1c:18:f7:bc:b6:21:3c:d5:78:17:97:2c:c2:26:ce:e3:9f:
         1e:c1:27:d4:03:6a:a7:46:81:05:f5:6a:d5:e6:a2:53:15:4c:
         fe:93:a3:30:ec:f3:5d:7f:fc:e5:a9:70:09:b9:10:38:2a:00:
         52:4a:22:30:21:b4:7b:6c:fa:44:e5:79:87:d5:09:85:4e:db:
         4a:16:0e:c1:c4:89:b7:ea:ef:a8:e5:ae:65:4b:16:13:a5:5e:
         3a:e3:8f:5c:70:31:9e:04:af:a2:77:99:a1:c4:60:f1:54:47:
         57:ae:be:1e:41:24:4a:d9:ea:ee:24:ed:f8:fd:3b:83:cf:56:
         6b:e5:30:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsr0cn9JvioJCW02O4/YrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzQyNzI1ODYyYjkwYmRhNDUxMGEwMmU4MDRmZWYzYWQx
MTQyZGMwHhcNMjMwMTAxMDkzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhkYzBlY2I2OThiNzM5NTNkN2M4ODc0ZDEwNmYzM2ExZGQ1MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmORPzeIca4Bl35vrr2x+D6X8PYU
b6vCUcLXRsAKPlzawY+zLjiJuoop7ThFQdVAwC/eymbKTO1RX6D5JQ2z03lvEKqt
PmjeUZqaVbJpeq1lI1qnPf4cXQNw3slt9oFc3UAGtUD5J94qGpEmKTnx6fll6oGR
IQe0KHDXVbVW+yjTWDGq/C7vU5OSPfOC7yDif57H2bPQqwnWFL/DIlUYuPlJiH4U
1jyKZIv8jvSmi4ejCgVbHUfHndtIyy6OAg9i5xiv1suQnnqJLkEr6QZqXx3UJ3Xk
7MGpqMLyOlVTfPnpG0T4H2huZC6+RbtjMo7PRrFrhxP+HRFe78//TtuSeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiNwOy2mLc5U9fIh00QbzOh3VIbMB8GA1UdIwQY
MBaAFPd0JyWGK5C9pFEKAugE/vOtEULcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNRbkpZWXJrTDJrVVFvQzZBVC04NjBSUXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni84ZTdlMzAtYzJiOC00NTkxLThjZmUt
N2I4ZTlkMzM1Y2E4LzEvQ0kzQTdMYVl0emxUMThpSFRSQnZNNkhkVWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni84ZTdlMzAtYzJiOC00NTkxLThjZmUtN2I4ZTlkMzM1Y2E4
LzEvOTNRbkpZWXJrTDJrVVFvQzZBVC04NjBSUXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSCuMA0G
CSqGSIb3DQEBCwUAA4IBAQBH2Lwlz7qIkVFhUeUSqL1k4yV0kup7T8YVoY6ksSlZ
zQY+Z9+Ua8rF+B5j3EIaPe3XQoimNg/tY8gyBFwHKyCeR6E5CpAO5a9OYKEblNf+
PmqbDHxn34XNtW11opFBWTPkHU9WS4lXjXX7Jo1DnRoaCnJ54YCmOUcDHyJAy0e7
HBj3vLYhPNV4F5cswibO458ewSfUA2qnRoEF9WrV5qJTFUz+k6Mw7PNdf/zlqXAJ
uRA4KgBSSiIwIbR7bPpE5XmH1QmFTttKFg7BxIm36u+o5a5lSxYTpV46449ccDGe
BK+id5mhxGDxVEdXrr4eQSRK2eruJO34/TuDz1Zr5TBi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org