Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/1KDiu18aeE_wcwvK2OMqDJpcwhk.roa
File:                     1KDiu18aeE_wcwvK2OMqDJpcwhk.roa (raw, json)
Hash identifier:          9s710YdQnKbW7SpcNv7wvRr1JSFRS8XNkWi2ROnXWZw=
Subject key identifier:   D4:A0:E2:BB:5F:1A:78:4F:F0:73:0B:CA:D8:E3:2A:0C:9A:5C:C2:19
Certificate issuer:       /CN=284e5eb112e13a42703dbb387ba577a2e793ac3a
Certificate serial:       01856D38705B3F0CF80A823ABC41A18C66D3
Authority key identifier: 28:4E:5E:B1:12:E1:3A:42:70:3D:BB:38:7B:A5:77:A2:E7:93:AC:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/1KDiu18aeE_wcwvK2OMqDJpcwhk.roa
Signing time:             Sun 01 Jan 2023 12:04:53 +0000
ROA not before:           Sun 01 Jan 2023 12:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60475
IP address blocks:        5.253.196.0/24 maxlen: 24
                          5.253.196.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:70:5b:3f:0c:f8:0a:82:3a:bc:41:a1:8c:66:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=284e5eb112e13a42703dbb387ba577a2e793ac3a
        Validity
            Not Before: Jan  1 12:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4a0e2bb5f1a784ff0730bcad8e32a0c9a5cc219
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:74:01:89:98:6e:30:f4:c9:26:f5:8e:96:08:
                    49:2e:a6:7e:c6:cd:70:20:96:65:c6:cb:ce:dc:92:
                    d5:77:4b:78:8d:7f:48:79:8c:d9:e8:0e:80:7d:2e:
                    f0:c3:c6:0f:74:ca:47:c9:70:74:86:f6:01:a2:62:
                    6b:ec:f8:75:78:c3:b6:6e:e0:b7:cd:e3:46:45:56:
                    06:df:a8:b9:88:e5:23:53:a2:ec:b1:6d:f4:e2:7c:
                    7c:43:b8:c9:54:6d:2c:b6:da:3f:8e:4b:64:8b:ff:
                    a7:84:87:0c:db:28:a3:7f:30:22:13:34:4d:92:cb:
                    9c:85:01:fb:33:77:28:d6:e4:f7:bc:a9:97:e8:a3:
                    d1:2a:1a:33:43:4e:f0:ea:9a:2d:06:5d:a8:e0:de:
                    47:7a:34:de:a8:3e:37:56:4a:b3:48:ef:08:e5:91:
                    7b:ff:73:8b:e9:ac:d6:ad:0a:27:51:06:66:8a:d6:
                    83:89:37:4b:3b:52:f3:f6:0f:b4:87:d2:92:90:b1:
                    1d:06:12:dc:16:e9:93:20:9a:ae:23:7e:66:27:ff:
                    fb:ac:89:74:69:51:38:28:38:b6:ba:ff:51:3f:7c:
                    8e:3b:5c:5a:46:d7:ef:80:75:47:f4:31:05:39:a6:
                    25:62:33:15:32:ae:16:27:99:39:e5:51:3e:68:57:
                    fd:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:A0:E2:BB:5F:1A:78:4F:F0:73:0B:CA:D8:E3:2A:0C:9A:5C:C2:19
            X509v3 Authority Key Identifier:
                keyid:28:4E:5E:B1:12:E1:3A:42:70:3D:BB:38:7B:A5:77:A2:E7:93:AC:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/1KDiu18aeE_wcwvK2OMqDJpcwhk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/KE5esRLhOkJwPbs4e6V3oueTrDo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:d7:37:88:c8:35:ce:46:a6:7f:d2:ec:9b:39:4e:b1:84:d2:
         d2:27:ce:ab:e7:92:cd:46:33:ca:ca:70:95:5c:b9:2c:f2:48:
         74:87:61:fd:8d:87:67:6b:fa:63:1b:0a:8a:57:e9:97:fa:92:
         df:04:0e:71:71:96:bf:19:ba:cb:f2:9b:02:66:05:b9:31:01:
         e8:74:c3:22:2e:43:c4:ef:cb:d9:9b:69:3b:c5:43:6f:15:86:
         f5:2b:2a:99:a5:7c:79:38:f0:e5:9b:f5:72:8f:8d:fa:48:b4:
         57:8e:f1:f8:35:b6:53:73:6c:5c:39:03:26:90:8e:f6:dc:bc:
         5b:7a:4a:37:3c:0d:de:5e:c5:2b:c5:dd:ce:c5:66:fe:1a:95:
         7e:64:f0:41:56:6b:1b:52:d7:f0:fa:30:0a:99:50:62:ec:6f:
         e9:f3:df:51:da:b6:8e:c8:b3:d2:17:c7:48:17:f6:18:d9:3f:
         bb:e9:dc:18:4d:96:fb:80:d2:6d:7c:29:71:8d:ac:81:ad:4c:
         1f:d0:ad:af:50:9f:d9:26:1f:66:8d:db:7c:b7:22:3c:12:e4:
         0f:e7:2c:58:e9:79:80:fa:57:99:a6:98:45:96:2c:f6:2a:a0:
         0a:20:8c:8e:bc:d1:61:1b:c0:8b:00:c7:1f:d0:a2:53:c7:40:
         63:55:04:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOHBbPwz4CoI6vEGhjGbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NGU1ZWIxMTJlMTNhNDI3MDNkYmIzODdiYTU3N2EyZTc5
M2FjM2EwHhcNMjMwMTAxMTIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGEwZTJiYjVmMWE3ODRmZjA3MzBiY2FkOGUzMmEwYzlhNWNjMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnQBiZhuMPTJJvWOlghJLqZ+xs1w
IJZlxsvO3JLVd0t4jX9IeYzZ6A6AfS7ww8YPdMpHyXB0hvYBomJr7Ph1eMO2buC3
zeNGRVYG36i5iOUjU6LssW304nx8Q7jJVG0stto/jktki/+nhIcM2yijfzAiEzRN
ksuchQH7M3co1uT3vKmX6KPRKhozQ07w6potBl2o4N5HejTeqD43VkqzSO8I5ZF7
/3OL6azWrQonUQZmitaDiTdLO1Lz9g+0h9KSkLEdBhLcFumTIJquI35mJ//7rIl0
aVE4KDi2uv9RP3yOO1xaRtfvgHVH9DEFOaYlYjMVMq4WJ5k55VE+aFf99wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSg4rtfGnhP8HMLytjjKgyaXMIZMB8GA1UdIwQY
MBaAFChOXrES4TpCcD27OHuld6Lnk6w6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0U1ZXNSTGhPa0p3UGJzNGU2VjNvdWVUckRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNmRlZjEtZjQyNS00OWE1LWFhYWYt
MDdjYmVkZGQ2NDE4LzEvMUtEaXUxOGFlRV93Y3d2SzJPTXFESnBjd2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNmRlZjEtZjQyNS00OWE1LWFhYWYtMDdjYmVkZGQ2NDE4
LzEvS0U1ZXNSTGhPa0p3UGJzNGU2VjNvdWVUckRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3EMA0G
CSqGSIb3DQEBCwUAA4IBAQA71zeIyDXORqZ/0uybOU6xhNLSJ86r55LNRjPKynCV
XLks8kh0h2H9jYdna/pjGwqKV+mX+pLfBA5xcZa/GbrL8psCZgW5MQHodMMiLkPE
78vZm2k7xUNvFYb1KyqZpXx5OPDlm/Vyj436SLRXjvH4NbZTc2xcOQMmkI723Lxb
eko3PA3eXsUrxd3OxWb+GpV+ZPBBVmsbUtfw+jAKmVBi7G/p899R2raOyLPSF8dI
F/YY2T+76dwYTZb7gNJtfClxjayBrUwf0K2vUJ/ZJh9mjdt8tyI8EuQP5yxY6XmA
+leZpphFliz2KqAKIIyOvNFhG8CLAMcf0KJTx0BjVQSw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org