Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/rWrqnD9mwKKle8S9xeTOIyzPAJ0.roa
File:                     rWrqnD9mwKKle8S9xeTOIyzPAJ0.roa (raw, json)
Hash identifier:          AR0nfdiy2RSzOXVn2U/2wK+O/VeEjcw1n5SBSWYtxS8=
Subject key identifier:   AD:6A:EA:9C:3F:66:C0:A2:A5:7B:C4:BD:C5:E4:CE:23:2C:CF:00:9D
Certificate issuer:       /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial:       01856F14D2AD5963E9603961D7D7E71A0106
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/rWrqnD9mwKKle8S9xeTOIyzPAJ0.roa
Signing time:             Sun 01 Jan 2023 20:45:13 +0000
ROA not before:           Sun 01 Jan 2023 20:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209447
IP address blocks:        5.253.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:d2:ad:59:63:e9:60:39:61:d7:d7:e7:1a:01:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
        Validity
            Not Before: Jan  1 20:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad6aea9c3f66c0a2a57bc4bdc5e4ce232ccf009d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:14:92:a9:2c:fa:fd:ac:a9:28:29:2b:5e:21:
                    57:a8:91:33:b2:63:cf:1b:9a:75:59:a3:09:5a:86:
                    73:d5:f5:13:42:0f:30:74:dc:a9:d2:85:16:69:7a:
                    88:d0:e4:be:4c:7c:33:dd:c1:2a:85:e3:07:51:01:
                    46:3d:44:2a:58:f9:d9:e3:fe:27:e6:22:0a:5a:d2:
                    fc:89:38:4e:dc:8e:98:48:46:6d:3f:b7:5f:1d:61:
                    50:ce:7d:60:94:5e:2e:5e:7a:59:ff:2c:d0:9d:a1:
                    15:80:d4:59:7b:85:68:c0:66:7f:73:96:b5:3d:ff:
                    af:7c:15:61:65:8f:82:03:09:fc:42:cd:16:a2:54:
                    1c:e4:89:d2:88:39:99:52:f5:2d:ee:be:70:de:28:
                    f3:c3:fd:c1:c5:d3:fa:35:8f:49:76:4e:1f:ac:be:
                    d8:a1:7a:2d:a5:96:bd:7e:56:b2:1a:b9:f4:ce:4c:
                    a4:f7:ee:56:6f:ba:f5:5d:fa:f7:bd:8b:21:17:a5:
                    a7:c2:eb:12:06:d2:29:66:e1:3d:11:0a:2f:17:32:
                    7f:b6:c9:e7:d0:30:03:f0:f7:03:0c:29:3b:e4:fa:
                    fc:06:43:21:3d:7d:d1:04:4a:58:2f:12:26:3b:0b:
                    13:7d:8e:09:ff:cc:52:2e:d5:b7:64:ef:4f:2c:ba:
                    f5:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:6A:EA:9C:3F:66:C0:A2:A5:7B:C4:BD:C5:E4:CE:23:2C:CF:00:9D
            X509v3 Authority Key Identifier:
                keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/rWrqnD9mwKKle8S9xeTOIyzPAJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:f4:c7:3d:33:ca:e4:63:95:01:99:d7:2a:8e:19:06:22:89:
         44:c0:b1:80:82:18:8a:16:f1:9e:ac:81:33:4c:dd:74:b2:4b:
         4d:7d:02:8b:27:0b:22:6a:b3:78:a5:ca:09:97:a7:47:24:48:
         15:ec:7e:0b:26:2c:38:6e:c4:0d:f1:13:70:db:52:99:e8:d5:
         0e:b6:8e:11:d2:ca:cd:61:c1:32:90:bf:7a:26:df:1f:84:1d:
         d5:0a:f6:1f:d2:b7:7d:8d:cc:3b:c6:ce:af:7a:f0:1c:72:3d:
         fa:96:7e:bb:f8:be:85:69:19:97:d8:b5:1b:30:b7:de:15:00:
         b5:54:49:b9:f3:30:fc:77:9f:9f:f6:99:c7:b2:57:0b:cf:2a:
         ed:78:d6:75:e6:38:47:85:ab:d1:49:b0:5a:5f:3c:cc:3d:d2:
         89:88:e9:4f:b2:16:c2:a8:0d:1a:1d:d9:c4:8c:85:10:4f:71:
         03:eb:00:5b:37:d4:fc:d0:36:42:d3:a2:40:1f:88:fc:15:b3:
         9a:5d:c3:c9:f8:3b:77:b1:17:1d:15:60:b6:65:49:e7:ec:18:
         69:16:b3:ef:b1:0e:fd:9b:28:dc:8c:19:f5:a2:85:63:b1:26:
         15:fa:18:e1:9f:5a:67:f6:65:74:12:fd:02:1a:dd:31:74:c5:
         fd:dd:fc:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNKtWWPpYDlh19fnGgEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZhZWE5YzNmNjZjMGEyYTU3YmM0YmRjNWU0Y2UyMzJjY2YwMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihSSqSz6/aypKCkrXiFXqJEzsmPP
G5p1WaMJWoZz1fUTQg8wdNyp0oUWaXqI0OS+THwz3cEqheMHUQFGPUQqWPnZ4/4n
5iIKWtL8iThO3I6YSEZtP7dfHWFQzn1glF4uXnpZ/yzQnaEVgNRZe4VowGZ/c5a1
Pf+vfBVhZY+CAwn8Qs0WolQc5InSiDmZUvUt7r5w3ijzw/3BxdP6NY9Jdk4frL7Y
oXotpZa9flayGrn0zkyk9+5Wb7r1Xfr3vYshF6WnwusSBtIpZuE9EQovFzJ/tsnn
0DAD8PcDDCk75Pr8BkMhPX3RBEpYLxImOwsTfY4J/8xSLtW3ZO9PLLr1nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1q6pw/ZsCipXvEvcXkziMszwCdMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvcldycW5EOW13S0tsZThTOXhlVE9JeXpQQUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf2oMA0G
CSqGSIb3DQEBCwUAA4IBAQBT9Mc9M8rkY5UBmdcqjhkGIolEwLGAghiKFvGerIEz
TN10sktNfQKLJwsiarN4pcoJl6dHJEgV7H4LJiw4bsQN8RNw21KZ6NUOto4R0srN
YcEykL96Jt8fhB3VCvYf0rd9jcw7xs6vevAccj36ln67+L6FaRmX2LUbMLfeFQC1
VEm58zD8d5+f9pnHslcLzyrteNZ15jhHhavRSbBaXzzMPdKJiOlPshbCqA0aHdnE
jIUQT3ED6wBbN9T80DZC06JAH4j8FbOaXcPJ+Dt3sRcdFWC2ZUnn7BhpFrPvsQ79
myjcjBn1ooVjsSYV+hjhn1pn9mV0Ev0CGt0xdMX93fyc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org