Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/OBhDsDT1EVPV_QBouDxPzrAdug8.roa
File:                     OBhDsDT1EVPV_QBouDxPzrAdug8.roa (raw, json)
Hash identifier:          zLi002nqO3ERgroK3B5hEDk6aW6qORLU+THAZ/llOVk=
Subject key identifier:   38:18:43:B0:34:F5:11:53:D5:FD:00:68:B8:3C:4F:CE:B0:1D:BA:0F
Certificate issuer:       /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial:       018F83FECAEDF53D625E7FDABE547C1EB112
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/OBhDsDT1EVPV_QBouDxPzrAdug8.roa
Signing time:             Fri 17 May 2024 00:41:04 +0000
ROA not before:           Fri 17 May 2024 00:41:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210392
IP address blocks:        5.22.202.0/24 maxlen: 24
                          5.22.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 May 2024 07:19:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:83:fe:ca:ed:f5:3d:62:5e:7f:da:be:54:7c:1e:b1:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
        Validity
            Not Before: May 17 00:41:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=381843b034f51153d5fd0068b83c4fceb01dba0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e7:06:5b:69:a9:47:e6:98:28:1a:75:2a:20:
                    d9:b8:84:dd:1d:42:05:a3:e4:bb:e3:78:b1:bb:2e:
                    d4:b0:2b:0a:cf:4f:2f:78:9a:71:cb:ed:cf:c7:62:
                    68:f8:2d:69:fb:63:ea:2f:15:01:f9:26:a2:d8:82:
                    6a:4f:28:77:b2:d3:56:00:d8:ef:c4:71:4a:8e:a0:
                    77:ba:ad:c0:b8:11:52:f8:be:0c:c3:72:b0:1b:52:
                    94:e0:ce:c3:a8:9b:12:f4:55:60:9c:4b:97:38:2d:
                    9e:fa:e0:f0:04:e5:e1:64:d0:f7:69:fd:06:e8:3e:
                    bc:c5:aa:c5:86:fc:5d:37:45:49:dd:24:cd:1b:9e:
                    25:d8:7d:a6:c9:08:0a:40:69:ed:c2:d7:7c:01:f5:
                    55:8f:bc:ed:f3:1c:83:f3:0c:40:33:b1:76:b4:8c:
                    c6:a8:ee:32:0d:ab:4e:7e:66:79:1c:9a:6a:cc:bc:
                    84:0a:1a:95:11:38:9c:f2:56:da:97:ac:9f:3f:12:
                    00:4b:e3:6b:1c:55:8d:29:92:73:59:46:99:24:d5:
                    31:96:69:41:72:97:91:4d:f1:3d:63:24:79:0e:59:
                    d1:17:42:c7:ff:c3:3d:46:e5:7a:39:5e:47:85:c5:
                    ab:1e:6f:3e:60:54:28:d8:75:b9:d2:26:33:98:99:
                    c5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:18:43:B0:34:F5:11:53:D5:FD:00:68:B8:3C:4F:CE:B0:1D:BA:0F
            X509v3 Authority Key Identifier:
                keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/OBhDsDT1EVPV_QBouDxPzrAdug8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.22.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a2:77:73:17:63:ca:4f:b8:d4:2a:3e:62:bb:03:8e:41:e0:ec:
         6c:d9:34:59:d5:2d:8d:d5:c4:b1:d4:9e:e7:5e:ef:3c:ed:24:
         eb:b6:cc:b8:f6:42:da:74:db:5b:c3:d1:65:f5:2a:69:8b:c5:
         fd:af:93:51:73:07:43:e4:db:42:2f:39:de:e9:fb:8a:ae:37:
         87:fb:59:8e:b3:e2:94:7c:29:df:90:43:cc:62:da:2f:94:28:
         c6:14:57:f4:26:e6:41:9d:0e:6e:11:f6:22:85:e4:e7:7e:de:
         3a:2b:80:51:43:46:bd:62:57:17:af:8a:7f:19:67:a4:cb:0f:
         39:c7:0b:0a:68:36:38:5c:80:08:af:ac:00:33:90:4a:7c:e9:
         30:4a:d1:75:2d:0c:bb:36:b8:28:13:5c:d1:48:14:b6:08:ea:
         53:e1:aa:2d:ee:91:06:c8:a9:17:68:e2:6b:f5:8e:aa:0f:09:
         77:f7:83:eb:03:86:2c:14:31:e4:00:b3:43:7e:bd:9b:3c:44:
         ad:b4:37:12:0d:d9:41:5d:ad:a5:fb:6a:ae:73:f6:00:83:b4:
         78:06:ac:ab:43:ab:8e:d7:f8:c2:d4:35:5a:f9:50:66:9b:39:
         82:87:cc:c1:f6:82:81:52:49:08:0c:8f:03:f3:26:16:d8:32:
         d7:5f:1b:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+D/srt9T1iXn/avlR8HrESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjQwNTE3MDA0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE4NDNiMDM0ZjUxMTUzZDVmZDAwNjhiODNjNGZjZWIwMWRiYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OcGW2mpR+aYKBp1KiDZuITdHUIF
o+S743ixuy7UsCsKz08veJpxy+3Px2Jo+C1p+2PqLxUB+Sai2IJqTyh3stNWANjv
xHFKjqB3uq3AuBFS+L4Mw3KwG1KU4M7DqJsS9FVgnEuXOC2e+uDwBOXhZND3af0G
6D68xarFhvxdN0VJ3STNG54l2H2myQgKQGntwtd8AfVVj7zt8xyD8wxAM7F2tIzG
qO4yDatOfmZ5HJpqzLyEChqVETic8lbal6yfPxIAS+NrHFWNKZJzWUaZJNUxlmlB
cpeRTfE9YyR5DlnRF0LH/8M9RuV6OV5HhcWrHm8+YFQo2HW50iYzmJnFjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgYQ7A09RFT1f0AaLg8T86wHboPMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvT0JoRHNEVDFFVlBWX1FCb3VEeFB6ckFkdWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBRbKMA0G
CSqGSIb3DQEBCwUAA4IBAQCid3MXY8pPuNQqPmK7A45B4Oxs2TRZ1S2N1cSx1J7n
Xu887STrtsy49kLadNtbw9Fl9Sppi8X9r5NRcwdD5NtCLzne6fuKrjeH+1mOs+KU
fCnfkEPMYtovlCjGFFf0JuZBnQ5uEfYiheTnft46K4BRQ0a9YlcXr4p/GWekyw85
xwsKaDY4XIAIr6wAM5BKfOkwStF1LQy7NrgoE1zRSBS2COpT4aot7pEGyKkXaOJr
9Y6qDwl394PrA4YsFDHkALNDfr2bPESttDcSDdlBXa2l+2quc/YAg7R4BqyrQ6uO
1/jC1DVa+VBmmzmCh8zB9oKBUkkIDI8D8yYW2DLXXxtv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org