Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/KAMQjxPSIEE25-Dlrmi-pIVb1HY.roa
File:                     KAMQjxPSIEE25-Dlrmi-pIVb1HY.roa (raw, json)
Hash identifier:          ofe0Ih5nIkl3CMmjGTLqVXr17icGQYR4fUHBrmMioI8=
Subject key identifier:   28:03:10:8F:13:D2:20:41:36:E7:E0:E5:AE:68:BE:A4:85:5B:D4:76
Certificate issuer:       /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial:       018CC8018B7A5977C6757EA050C5365EA1B8
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/KAMQjxPSIEE25-Dlrmi-pIVb1HY.roa
Signing time:             Tue 02 Jan 2024 02:29:53 +0000
ROA not before:           Tue 02 Jan 2024 02:29:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61112
IP address blocks:        103.75.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 07:34:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:8b:7a:59:77:c6:75:7e:a0:50:c5:36:5e:a1:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
        Validity
            Not Before: Jan  2 02:29:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2803108f13d2204136e7e0e5ae68bea4855bd476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:a4:3a:d6:a0:05:ec:df:a1:00:f8:36:fe:92:
                    2f:7a:57:10:f9:0a:16:13:be:b6:a2:22:f0:1b:f3:
                    bd:7f:7c:b4:1a:94:b6:41:95:bd:82:b0:47:da:29:
                    6a:d2:02:67:80:00:d0:0c:15:17:55:46:49:0a:40:
                    24:4c:a5:ec:32:b9:28:bf:c7:42:4b:5b:22:3d:28:
                    a1:c7:6f:9c:e9:de:66:a2:1c:5a:28:03:62:46:3f:
                    26:93:09:de:3d:d3:44:50:92:62:34:20:e9:25:bb:
                    e7:6e:ed:b6:5f:86:0f:63:cb:97:17:45:5c:b9:bb:
                    95:f3:fa:6f:89:16:ff:79:64:c4:46:ed:2c:44:7c:
                    6f:3f:1f:9d:f4:8c:d4:49:b4:90:fb:f6:4c:fd:27:
                    84:15:35:42:b1:be:71:f6:34:f0:fe:df:8d:9c:de:
                    9c:ff:d6:f6:e4:5f:e4:50:54:dd:88:b3:df:c1:e3:
                    46:44:32:22:29:79:09:6c:f3:a1:7d:3c:57:cb:99:
                    f1:d9:5d:55:07:af:7d:02:53:8e:ca:f4:97:d1:06:
                    82:21:fb:ae:ca:7a:ec:fb:97:ce:9f:05:ce:6e:6c:
                    19:47:03:2f:52:90:e1:c1:6e:ef:e9:ec:75:4f:db:
                    83:68:da:ca:cf:8b:a2:4b:c7:2d:68:29:17:ed:1c:
                    c6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:03:10:8F:13:D2:20:41:36:E7:E0:E5:AE:68:BE:A4:85:5B:D4:76
            X509v3 Authority Key Identifier:
                keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/KAMQjxPSIEE25-Dlrmi-pIVb1HY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.75.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:7b:0e:32:16:14:38:fc:f5:be:48:3e:bd:08:2b:44:09:00:
         24:93:71:ba:62:bb:00:57:58:63:c8:36:98:52:85:08:8a:e9:
         61:02:94:09:aa:34:d7:3b:7b:42:a2:c0:18:74:d1:b9:04:3f:
         0d:b2:b6:dc:17:b6:cd:7d:a8:c8:74:fa:7e:11:9f:13:cc:87:
         d0:03:49:c3:7c:69:64:d4:58:71:b7:64:73:96:43:d8:e5:3e:
         57:d3:e9:c4:be:df:66:84:d9:ac:33:37:fd:bf:53:c0:37:49:
         54:38:4c:8a:ca:01:9c:ad:57:fe:e4:f5:4e:6c:a9:21:4e:0a:
         14:b6:62:6a:1e:98:8b:eb:5c:6a:a9:07:63:43:ff:9f:53:72:
         a3:15:31:10:ec:2e:82:f8:de:6d:eb:6b:38:7a:01:e7:db:6c:
         e6:2d:76:2b:fc:79:55:24:3d:23:cf:97:89:7b:10:52:79:53:
         c5:3d:b9:cb:9e:31:90:68:78:c4:c4:a4:46:3f:cd:4a:44:47:
         df:d7:a3:b2:3e:f0:7c:35:cd:fd:ce:81:1e:e8:92:e6:16:e5:
         d8:14:68:1d:98:52:6a:69:43:63:7c:eb:db:a8:24:4a:60:00:
         a2:56:55:83:f6:1d:ac:48:23:8a:2c:91:f9:6e:30:c1:1f:db:
         e4:59:d2:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYt6WXfGdX6gUMU2XqG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAzMTA4ZjEzZDIyMDQxMzZlN2UwZTVhZTY4YmVhNDg1NWJkNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKQ61qAF7N+hAPg2/pIvelcQ+QoW
E762oiLwG/O9f3y0GpS2QZW9grBH2ilq0gJngADQDBUXVUZJCkAkTKXsMrkov8dC
S1siPSihx2+c6d5mohxaKANiRj8mkwnePdNEUJJiNCDpJbvnbu22X4YPY8uXF0Vc
ubuV8/pviRb/eWTERu0sRHxvPx+d9IzUSbSQ+/ZM/SeEFTVCsb5x9jTw/t+NnN6c
/9b25F/kUFTdiLPfweNGRDIiKXkJbPOhfTxXy5nx2V1VB699AlOOyvSX0QaCIfuu
ynrs+5fOnwXObmwZRwMvUpDhwW7v6ex1T9uDaNrKz4uiS8ctaCkX7RzGGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgDEI8T0iBBNufg5a5ovqSFW9R2MB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvS0FNUWp4UFNJRUUyNS1EbHJtaS1wSVZiMUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0tGMA0G
CSqGSIb3DQEBCwUAA4IBAQC3ew4yFhQ4/PW+SD69CCtECQAkk3G6YrsAV1hjyDaY
UoUIiulhApQJqjTXO3tCosAYdNG5BD8NsrbcF7bNfajIdPp+EZ8TzIfQA0nDfGlk
1Fhxt2RzlkPY5T5X0+nEvt9mhNmsMzf9v1PAN0lUOEyKygGcrVf+5PVObKkhTgoU
tmJqHpiL61xqqQdjQ/+fU3KjFTEQ7C6C+N5t62s4egHn22zmLXYr/HlVJD0jz5eJ
exBSeVPFPbnLnjGQaHjExKRGP81KREff16OyPvB8Nc39zoEe6JLmFuXYFGgdmFJq
aUNjfOvbqCRKYACiVlWD9h2sSCOKLJH5bjDBH9vkWdK9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:03 2024 by rpki-client on console-fra.rpki-client.org