Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cwyCI0DyYVNxvgO1YAT76uqMvkE.roa
File:                     cwyCI0DyYVNxvgO1YAT76uqMvkE.roa (raw, json)
Hash identifier:          NvaSYArc+YYOYZ2MVKCdZfcDADVJ7Zu53SKByBL5cPQ=
Subject key identifier:   73:0C:82:23:40:F2:61:53:71:BE:03:B5:60:04:FB:EA:EA:8C:BE:41
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018AD7281136D07CE418FDD03998CF60C13E
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cwyCI0DyYVNxvgO1YAT76uqMvkE.roa
Signing time:             Wed 27 Sep 2023 15:00:41 +0000
ROA not before:           Wed 27 Sep 2023 15:00:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207532
IP address blocks:        109.248.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d7:28:11:36:d0:7c:e4:18:fd:d0:39:98:cf:60:c1:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Sep 27 15:00:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=730c822340f2615371be03b56004fbeaea8cbe41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:45:f4:db:b1:c8:ff:78:59:6f:f5:28:b1:a1:
                    64:c4:d8:a9:54:7a:ba:d5:9a:72:43:0b:5e:17:b2:
                    06:82:53:c7:13:29:72:00:a6:98:da:ba:c1:83:2e:
                    99:ea:50:b8:93:b8:90:50:77:96:fb:e2:ed:e7:c2:
                    d6:72:21:b6:09:8c:55:9f:a8:a3:42:02:9c:e9:2d:
                    2d:78:a8:1f:67:c8:59:28:03:3f:11:25:e9:12:b4:
                    fa:9f:e5:8e:2e:ed:7b:88:e4:55:df:91:9a:6f:a4:
                    d1:47:46:60:3d:39:d0:63:93:a4:b8:7a:de:da:f3:
                    cb:5d:2e:39:3f:58:51:80:37:ed:53:13:70:13:4c:
                    89:c6:59:06:ef:e7:a1:c5:b4:49:3a:ba:53:7c:40:
                    c8:f3:cd:f4:ab:b1:b9:a7:74:6d:7b:95:8f:6a:ab:
                    7b:75:a9:de:c6:9e:6e:8f:92:7c:d2:5f:73:ec:a3:
                    88:20:57:f3:57:97:c3:bd:96:c1:cc:51:f8:a8:ba:
                    ce:78:6c:df:69:c8:33:c0:22:91:75:45:81:b7:b0:
                    21:ba:2f:86:85:4b:14:ec:ff:b6:f9:4b:9e:d1:db:
                    0d:df:52:38:ec:00:91:19:2c:6e:c7:3c:69:1c:d7:
                    2e:5d:80:ac:5b:c5:b5:be:bf:c3:0a:10:cb:78:4f:
                    68:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:0C:82:23:40:F2:61:53:71:BE:03:B5:60:04:FB:EA:EA:8C:BE:41
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cwyCI0DyYVNxvgO1YAT76uqMvkE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.248.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:1d:d8:c5:68:c6:ef:d7:e9:c5:5b:42:75:5a:74:0e:b4:05:
         ac:50:53:3e:09:1d:68:57:e8:07:a2:41:f1:48:62:dd:e6:b7:
         c0:7d:34:05:30:cb:75:0b:92:fc:7e:a7:e5:97:ac:42:d1:60:
         60:8c:d0:61:7e:1d:e9:4a:50:ba:e2:6a:ec:18:f9:0c:26:9d:
         83:52:53:41:ed:4d:6c:46:8d:ad:32:ce:42:e9:c1:46:50:56:
         f7:01:f8:62:86:8b:76:65:46:ea:ee:61:bf:31:b2:8e:5b:06:
         cd:52:b2:ca:52:bd:01:7b:92:9f:49:4c:96:96:05:d9:b9:3a:
         76:02:2d:72:18:5b:39:f1:7a:ef:83:20:6a:e5:9a:e4:03:d0:
         58:75:79:a7:03:90:9f:6f:95:24:af:2d:5c:10:52:6f:d2:2d:
         e2:9e:a6:dd:39:0a:0d:5b:85:71:00:64:10:ee:f6:25:4d:9d:
         69:7a:5d:6b:ca:8b:d5:59:c1:e7:f4:97:cc:a1:e2:37:66:79:
         e6:25:d6:3b:e6:5a:05:6e:3f:79:ed:46:80:9f:4c:f1:cd:2d:
         3e:22:8d:96:53:8e:b0:3d:a6:b2:52:0f:dd:27:02:90:48:a7:
         f4:58:22:f6:97:da:fc:5f:98:2f:16:12:1f:8f:fd:51:56:77:
         06:4d:9f:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrXKBE20HzkGP3QOZjPYME+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwOTI3MTUwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzBjODIyMzQwZjI2MTUzNzFiZTAzYjU2MDA0ZmJlYWVhOGNiZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0X027HI/3hZb/UosaFkxNipVHq6
1ZpyQwteF7IGglPHEylyAKaY2rrBgy6Z6lC4k7iQUHeW++Lt58LWciG2CYxVn6ij
QgKc6S0teKgfZ8hZKAM/ESXpErT6n+WOLu17iORV35Gab6TRR0ZgPTnQY5OkuHre
2vPLXS45P1hRgDftUxNwE0yJxlkG7+ehxbRJOrpTfEDI8830q7G5p3Rte5WPaqt7
danexp5uj5J80l9z7KOIIFfzV5fDvZbBzFH4qLrOeGzfacgzwCKRdUWBt7Ahui+G
hUsU7P+2+Uue0dsN31I47ACRGSxuxzxpHNcuXYCsW8W1vr/DChDLeE9o4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMMgiNA8mFTcb4DtWAE++rqjL5BMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvY3d5Q0kwRHlZVk54dmdPMVlBVDc2dXFNdmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbfgFMA0G
CSqGSIb3DQEBCwUAA4IBAQB1HdjFaMbv1+nFW0J1WnQOtAWsUFM+CR1oV+gHokHx
SGLd5rfAfTQFMMt1C5L8fqfll6xC0WBgjNBhfh3pSlC64mrsGPkMJp2DUlNB7U1s
Ro2tMs5C6cFGUFb3Afhihot2ZUbq7mG/MbKOWwbNUrLKUr0Be5KfSUyWlgXZuTp2
Ai1yGFs58XrvgyBq5ZrkA9BYdXmnA5Cfb5Ukry1cEFJv0i3inqbdOQoNW4VxAGQQ
7vYlTZ1pel1ryovVWcHn9JfMoeI3ZnnmJdY75loFbj957UaAn0zxzS0+Io2WU46w
PaayUg/dJwKQSKf0WCL2l9r8X5gvFhIfj/1RVncGTZ9A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org