Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/5HWpbQSaYrtcFld42hEGLFccoYE.roa
File:                     5HWpbQSaYrtcFld42hEGLFccoYE.roa (raw, json)
Hash identifier:          1sxwCA7RVtY7VyQKaLup4h7MuZMqEIX0wiZccM4aPpk=
Subject key identifier:   E4:75:A9:6D:04:9A:62:BB:5C:16:57:78:DA:11:06:2C:57:1C:A1:81
Certificate issuer:       /CN=a8305c6e58294ad0ed5162fa8429da5165653930
Certificate serial:       01857139DC9CC063F0297479684F23C71F7C
Authority key identifier: A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/5HWpbQSaYrtcFld42hEGLFccoYE.roa
Signing time:             Mon 02 Jan 2023 06:44:55 +0000
ROA not before:           Mon 02 Jan 2023 06:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57118
IP address blocks:        91.199.218.0/24 maxlen: 24
                          2001:67c:2d70::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:dc:9c:c0:63:f0:29:74:79:68:4f:23:c7:1f:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8305c6e58294ad0ed5162fa8429da5165653930
        Validity
            Not Before: Jan  2 06:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e475a96d049a62bb5c165778da11062c571ca181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:59:77:80:1a:5b:d2:20:80:fe:92:a6:24:4d:
                    28:28:bb:54:fa:ef:c1:a6:ab:ca:89:f3:f4:55:7b:
                    d4:cb:6f:c3:03:b6:60:6f:69:44:ea:2b:4c:f2:b7:
                    74:39:8f:84:6f:e7:6a:ed:e5:96:d0:28:d6:c7:cf:
                    a1:e9:79:f4:f4:43:8c:16:5f:28:85:7f:81:48:5f:
                    da:89:76:86:28:5d:4b:b2:61:de:6f:e8:5b:65:01:
                    10:e1:ab:cb:e7:1c:8a:70:14:75:eb:63:2c:e4:ab:
                    67:ad:20:b3:52:05:e3:38:97:0d:09:e8:ea:29:ec:
                    40:7f:bb:ff:a2:11:78:5f:4c:2d:80:76:0c:1e:23:
                    49:be:3c:18:c0:26:1e:ee:eb:1d:87:c7:f0:61:be:
                    4c:b0:15:00:77:91:e6:48:65:ba:d0:bc:3b:7f:1e:
                    87:a4:db:40:2f:c2:fe:ee:da:fe:67:03:47:e8:83:
                    55:0a:f0:67:9f:65:68:df:b3:c9:ba:b1:39:5d:8d:
                    34:e2:1e:33:ba:8e:04:59:8e:e3:73:dd:e9:76:de:
                    20:0e:d5:25:e5:cf:16:27:51:64:f9:a4:37:16:01:
                    b5:8c:96:24:04:49:c5:3a:af:d2:af:11:aa:0f:ee:
                    d7:ff:09:55:2f:d7:9a:61:0e:5e:5f:d0:86:e6:4d:
                    cb:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:75:A9:6D:04:9A:62:BB:5C:16:57:78:DA:11:06:2C:57:1C:A1:81
            X509v3 Authority Key Identifier:
                keyid:A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/5HWpbQSaYrtcFld42hEGLFccoYE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.218.0/24
                IPv6:
                  2001:67c:2d70::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:9b:90:59:6b:07:e6:51:d9:c8:0f:64:11:13:2e:c3:74:7b:
         3c:38:a4:b6:43:bb:93:3c:1c:c2:49:1c:6c:f3:3b:4c:7e:18:
         b9:f9:ed:32:83:a5:10:0c:4f:dd:74:ab:e1:0d:19:05:dc:b8:
         f9:c4:b2:70:14:4b:5f:aa:fe:f8:15:c3:01:eb:31:22:52:7f:
         c0:83:69:90:9e:fb:37:a8:a5:7f:48:92:68:f1:2a:79:9a:a3:
         03:b5:db:99:ad:0c:ae:2a:a3:8d:47:d3:fc:d9:d9:6a:dd:a5:
         c9:06:8b:dd:f2:01:3b:d2:3d:3a:51:7b:97:57:ef:1a:f9:44:
         14:5a:91:9f:d3:9d:34:5a:8c:ee:b7:a7:40:53:26:48:c6:4c:
         4c:5f:ac:b3:9a:95:1f:0d:4a:6b:ab:76:df:bf:62:f7:24:1f:
         3c:5e:c1:13:06:2c:7b:35:3a:57:85:21:80:15:2d:75:97:f5:
         e7:a1:52:1e:2d:c8:62:78:21:4f:2c:c0:5b:0e:d4:ec:46:08:
         f0:c5:e5:dd:97:80:dd:33:41:70:58:73:f8:e9:02:65:34:ee:
         12:51:54:fa:63:fe:c9:35:20:0c:4b:75:ed:e3:48:f2:e6:96:
         15:a1:36:82:5f:d1:4b:db:e3:58:f2:a1:81:b5:be:f5:39:38:
         99:09:3c:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxOdycwGPwKXR5aE8jxx98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MzA1YzZlNTgyOTRhZDBlZDUxNjJmYTg0MjlkYTUxNjU2
NTM5MzAwHhcNMjMwMTAyMDY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc1YTk2ZDA0OWE2MmJiNWMxNjU3NzhkYTExMDYyYzU3MWNhMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVl3gBpb0iCA/pKmJE0oKLtU+u/B
pqvKifP0VXvUy2/DA7Zgb2lE6itM8rd0OY+Eb+dq7eWW0CjWx8+h6Xn09EOMFl8o
hX+BSF/aiXaGKF1LsmHeb+hbZQEQ4avL5xyKcBR162Ms5KtnrSCzUgXjOJcNCejq
KexAf7v/ohF4X0wtgHYMHiNJvjwYwCYe7usdh8fwYb5MsBUAd5HmSGW60Lw7fx6H
pNtAL8L+7tr+ZwNH6INVCvBnn2Vo37PJurE5XY004h4zuo4EWY7jc93pdt4gDtUl
5c8WJ1Fk+aQ3FgG1jJYkBEnFOq/SrxGqD+7X/wlVL9eaYQ5eX9CG5k3LhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOR1qW0EmmK7XBZXeNoRBixXHKGBMB8GA1UdIwQY
MBaAFKgwXG5YKUrQ7VFi+oQp2lFlZTkwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzIt
MDJkYjhiNzdkMDg3LzEvNUhXcGJRU2FZcnRjRmxkNDJoRUdMRmNjb1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzItMDJkYjhiNzdkMDg3
LzEvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8faMA8E
AgACMAkDBwAgAQZ8LXAwDQYJKoZIhvcNAQELBQADggEBAE+bkFlrB+ZR2cgPZBET
LsN0ezw4pLZDu5M8HMJJHGzzO0x+GLn57TKDpRAMT910q+ENGQXcuPnEsnAUS1+q
/vgVwwHrMSJSf8CDaZCe+zeopX9IkmjxKnmaowO125mtDK4qo41H0/zZ2WrdpckG
i93yATvSPTpRe5dX7xr5RBRakZ/TnTRajO63p0BTJkjGTExfrLOalR8NSmurdt+/
YvckHzxewRMGLHs1OleFIYAVLXWX9eehUh4tyGJ4IU8swFsO1OxGCPDF5d2XgN0z
QXBYc/jpAmU07hJRVPpj/sk1IAxLde3jSPLmlhWhNoJf0Uvb41jyoYG1vvU5OJkJ
PE8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:27 2024 by rpki-client on console-ams.rpki-client.org