Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/5EsMQtgF_r65_uq741BK1vm1q6s.roa
File:                     5EsMQtgF_r65_uq741BK1vm1q6s.roa (raw, json)
Hash identifier:          hCvhbCUfvdTznNYhN1ta3m7YwhyviQRvvFZfsoYNaCA=
Subject key identifier:   E4:4B:0C:42:D8:05:FE:BE:B9:FE:EA:BB:E3:50:4A:D6:F9:B5:AB:AB
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018CC79414AB4EC8642522E477F0FD0F93E8
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/5EsMQtgF_r65_uq741BK1vm1q6s.roa
Signing time:             Tue 02 Jan 2024 00:30:19 +0000
ROA not before:           Tue 02 Jan 2024 00:30:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8342
IP address blocks:        188.130.200.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 15 Apr 2024 12:18:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:14:ab:4e:c8:64:25:22:e4:77:f0:fd:0f:93:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  2 00:30:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e44b0c42d805febeb9feeabbe3504ad6f9b5abab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7d:4a:db:13:f2:95:51:90:ae:c7:2c:76:10:
                    03:e1:b3:ee:a3:e2:0d:6b:fb:85:42:97:7e:65:5d:
                    1e:48:10:03:73:bb:59:e4:10:3c:48:96:57:ed:4c:
                    52:23:fc:a0:22:89:b4:38:f6:92:11:09:5e:71:40:
                    53:d3:fc:e2:a6:ae:c6:69:f6:e3:dd:64:8a:4f:51:
                    ab:f0:9d:e4:cc:90:6b:51:7f:82:99:18:ea:b9:8b:
                    9b:b1:db:ab:10:d3:23:59:13:08:cc:f2:e0:87:81:
                    61:a6:b5:6e:c1:ad:fb:76:f4:9f:a1:74:cb:f2:fc:
                    10:82:cf:ea:53:f3:02:07:54:aa:54:37:ae:08:b9:
                    e2:61:9b:ef:89:4e:34:1a:60:e0:6e:33:02:2a:06:
                    b9:64:b0:1e:fb:88:e2:e4:aa:88:af:a8:f2:5c:23:
                    37:19:62:b6:db:20:bd:4f:dd:13:de:3a:27:51:d1:
                    28:3c:40:45:ec:76:fd:79:8b:2c:43:f2:2c:29:7a:
                    86:ac:30:47:97:54:8d:82:af:da:9a:23:4d:ba:c8:
                    98:cd:f3:62:0d:ff:de:03:56:9e:64:2a:36:be:44:
                    cb:0c:34:5d:b9:24:35:aa:3e:06:6c:5c:0d:84:a1:
                    0d:7d:4b:ad:d9:0d:10:81:51:d5:4b:f5:0c:46:20:
                    61:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:4B:0C:42:D8:05:FE:BE:B9:FE:EA:BB:E3:50:4A:D6:F9:B5:AB:AB
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/5EsMQtgF_r65_uq741BK1vm1q6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:2e:c7:96:d4:6a:6f:2b:b4:48:d9:d1:a1:5c:3f:86:9d:50:
         8e:c8:11:65:bc:a7:68:fb:db:2f:26:db:3c:88:79:85:62:fa:
         ac:be:65:93:1a:a3:1b:2a:f2:8d:18:96:6b:05:62:cb:2b:f7:
         82:5f:49:32:ca:e8:8a:48:bd:4f:71:c6:a3:98:21:46:a0:17:
         7a:c8:39:ec:49:01:fc:58:b5:fa:25:c6:b7:f2:3d:d3:43:70:
         2c:2c:f3:1f:b5:8a:16:10:6b:53:85:b3:6e:e2:31:e9:a1:cc:
         f0:d6:4f:6f:38:b0:2e:8c:70:a0:4a:f4:f3:71:c3:49:e5:c3:
         10:86:75:f5:d8:eb:ba:65:0d:97:0a:f0:f4:dd:73:15:e1:3a:
         a5:fc:6e:6b:cf:76:83:ce:f9:7c:3e:0f:44:de:f3:2e:a3:57:
         f9:a2:d3:4b:7d:bc:5d:31:20:6f:76:f3:88:8f:0f:8c:ef:c8:
         32:91:7c:1f:ae:b0:b2:e8:20:40:b3:87:54:21:30:a8:2e:69:
         da:65:2d:11:50:eb:5a:a7:60:0d:61:96:2d:4e:dc:26:14:d0:
         b1:b9:a8:4c:ef:d3:e4:41:84:26:fe:14:9e:90:6b:9a:32:f4:
         02:5f:a1:18:93:84:8a:90:08:eb:89:cf:88:8a:f3:7d:2e:6c:
         d4:f3:e2:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBSrTshkJSLkd/D9D5PoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDRiMGM0MmQ4MDVmZWJlYjlmZWVhYmJlMzUwNGFkNmY5YjVhYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn1K2xPylVGQrscsdhAD4bPuo+IN
a/uFQpd+ZV0eSBADc7tZ5BA8SJZX7UxSI/ygIom0OPaSEQlecUBT0/zipq7Gafbj
3WSKT1Gr8J3kzJBrUX+CmRjquYubsdurENMjWRMIzPLgh4FhprVuwa37dvSfoXTL
8vwQgs/qU/MCB1SqVDeuCLniYZvviU40GmDgbjMCKga5ZLAe+4ji5KqIr6jyXCM3
GWK22yC9T90T3jonUdEoPEBF7Hb9eYssQ/IsKXqGrDBHl1SNgq/amiNNusiYzfNi
Df/eA1aeZCo2vkTLDDRduSQ1qj4GbFwNhKENfUut2Q0QgVHVS/UMRiBhFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFORLDELYBf6+uf7qu+NQStb5taurMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNUVzTVF0Z0ZfcjY1X3VxNzQxQksxdm0xcTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvILIMA0G
CSqGSIb3DQEBCwUAA4IBAQA/LseW1GpvK7RI2dGhXD+GnVCOyBFlvKdo+9svJts8
iHmFYvqsvmWTGqMbKvKNGJZrBWLLK/eCX0kyyuiKSL1PccajmCFGoBd6yDnsSQH8
WLX6Jca38j3TQ3AsLPMftYoWEGtThbNu4jHpoczw1k9vOLAujHCgSvTzccNJ5cMQ
hnX12Ou6ZQ2XCvD03XMV4Tql/G5rz3aDzvl8Pg9E3vMuo1f5otNLfbxdMSBvdvOI
jw+M78gykXwfrrCy6CBAs4dUITCoLmnaZS0RUOtap2ANYZYtTtwmFNCxuahM79Pk
QYQm/hSekGuaMvQCX6EYk4SKkAjric+IivN9LmzU8+Ia
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org