Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/x5L5H_GhH3VKrhxCZt-HNBgjoUs.roa
File:                     x5L5H_GhH3VKrhxCZt-HNBgjoUs.roa (raw, json)
Hash identifier:          kEvIzEK3g9c5IgjRYvmJXqrCffwn13v963QGjTdqrzg=
Subject key identifier:   C7:92:F9:1F:F1:A1:1F:75:4A:AE:1C:42:66:DF:87:34:18:23:A1:4B
Certificate issuer:       /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial:       01856C813EAFCD53AEE91C663DB2C24DC8AD
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/x5L5H_GhH3VKrhxCZt-HNBgjoUs.roa
Signing time:             Sun 01 Jan 2023 08:44:47 +0000
ROA not before:           Sun 01 Jan 2023 08:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25152
IP address blocks:        193.0.16.0/23 maxlen: 24
                          193.0.15.0/24 maxlen: 24
                          193.0.14.0/23 maxlen: 23
                          193.0.14.0/24 maxlen: 24
                          2001:7fd::/48 maxlen: 48
                          2001:7fd:16::/48 maxlen: 48
                          2001:7fd:17::/48 maxlen: 48
                          2001:7fd:15::/48 maxlen: 48
                          2001:7fd::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:81:3e:af:cd:53:ae:e9:1c:66:3d:b2:c2:4d:c8:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
        Validity
            Not Before: Jan  1 08:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c792f91ff1a11f754aae1c4266df87341823a14b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fc:67:ad:56:34:36:54:36:35:4e:6f:13:69:
                    a0:e9:82:22:f9:28:fd:06:cc:ea:99:80:95:ab:68:
                    5f:74:79:78:1c:77:87:dc:f2:fe:ed:01:9b:74:c5:
                    94:f8:45:1e:42:e7:09:b3:d9:ea:94:56:75:5d:a6:
                    79:a3:f7:8e:2a:2e:ac:8d:03:45:21:09:bd:78:e0:
                    a8:94:3b:b9:0a:8e:3d:ef:58:46:16:32:56:22:07:
                    f5:d5:2c:c9:16:bf:6f:f5:86:d1:bf:4f:a6:68:ee:
                    b6:7b:62:3b:8a:77:57:fc:7c:bd:6b:e9:86:94:bb:
                    64:5e:8a:25:b6:54:1b:44:bd:51:31:c0:a9:92:6d:
                    a7:fe:1c:6e:b8:88:bc:a4:b9:0b:d9:6f:af:15:06:
                    f2:d1:35:c5:23:36:5a:b4:f5:5e:74:88:51:1c:ed:
                    b7:23:0a:e0:f6:7b:a6:da:91:d9:71:63:74:cc:86:
                    c7:6b:31:d9:c0:ad:25:ed:dc:d4:c6:e3:b5:67:2b:
                    26:b1:83:32:9a:2c:be:6f:6c:b6:d6:a2:d4:d9:c7:
                    9b:19:3b:eb:ac:2f:29:b0:3c:70:26:5e:e7:17:09:
                    fc:f2:fc:79:7d:cb:a7:91:e2:ae:44:af:6a:aa:ff:
                    ca:81:90:55:a2:a6:0c:57:72:ba:dd:e6:b2:47:a7:
                    92:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:92:F9:1F:F1:A1:1F:75:4A:AE:1C:42:66:DF:87:34:18:23:A1:4B
            X509v3 Authority Key Identifier:
                keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/x5L5H_GhH3VKrhxCZt-HNBgjoUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.14.0-193.0.17.255
                IPv6:
                  2001:7fd::/32

    Signature Algorithm: sha256WithRSAEncryption
         d1:4f:e6:e6:08:d9:d6:6f:cc:63:0f:7b:d0:91:71:31:e3:e7:
         d4:65:8b:4c:39:82:03:cf:fe:92:85:f9:28:2a:00:af:bb:b8:
         58:90:85:ad:0b:e8:e1:c9:5a:4b:0e:29:1e:d3:80:75:38:1f:
         7b:ce:20:6b:37:41:db:e5:a2:dd:01:64:3f:b6:c2:a5:18:86:
         8c:b1:7c:52:72:cf:21:07:96:2d:ac:22:d1:ab:b3:9b:05:33:
         64:98:eb:8c:c9:35:03:00:38:21:8c:4d:6d:7e:22:f3:e8:74:
         9a:fc:af:9f:5b:be:04:98:d9:5c:1e:26:6d:b2:fd:cc:ba:7c:
         79:5d:02:b5:58:6c:b8:7e:6f:ba:a0:1e:41:b1:38:ea:d5:2d:
         fc:22:b1:82:5d:30:90:4b:0f:13:64:ea:44:4a:5c:29:66:90:
         fa:18:54:42:91:90:8a:fb:a1:d1:26:b7:74:5b:e8:bb:6d:d5:
         e6:0a:7f:b5:78:af:93:05:f4:69:f3:85:ff:2c:f7:dd:20:e0:
         6b:bd:17:ba:d7:8d:a4:18:fa:c6:22:95:e9:86:fd:8d:ec:ae:
         1b:88:75:30:97:0c:b7:d6:eb:40:c4:fa:24:b7:d1:c3:0e:00:
         c1:db:bf:52:65:21:4f:c0:df:5b:3d:6d:75:15:64:c8:cf:84:
         e7:a0:6b:59
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsgT6vzVOu6RxmPbLCTcitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjMwMTAxMDg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzkyZjkxZmYxYTExZjc1NGFhZTFjNDI2NmRmODczNDE4MjNhMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPxnrVY0NlQ2NU5vE2mg6YIi+Sj9
BszqmYCVq2hfdHl4HHeH3PL+7QGbdMWU+EUeQucJs9nqlFZ1XaZ5o/eOKi6sjQNF
IQm9eOColDu5Co4971hGFjJWIgf11SzJFr9v9YbRv0+maO62e2I7indX/Hy9a+mG
lLtkXooltlQbRL1RMcCpkm2n/hxuuIi8pLkL2W+vFQby0TXFIzZatPVedIhRHO23
Iwrg9num2pHZcWN0zIbHazHZwK0l7dzUxuO1ZysmsYMymiy+b2y21qLU2cebGTvr
rC8psDxwJl7nFwn88vx5fcunkeKuRK9qqv/KgZBVoqYMV3K63eayR6eSAwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMeS+R/xoR91Sq4cQmbfhzQYI6FLMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEveDVMNUhfR2hIM1ZLcmh4Q1p0LUhOQmdqb1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAHBAA4D
BAHBABAwDQQCAAIwBwMFACABB/0wDQYJKoZIhvcNAQELBQADggEBANFP5uYI2dZv
zGMPe9CRcTHj59Rli0w5ggPP/pKF+SgqAK+7uFiQha0L6OHJWksOKR7TgHU4H3vO
IGs3Qdvlot0BZD+2wqUYhoyxfFJyzyEHli2sItGrs5sFM2SY64zJNQMAOCGMTW1+
IvPodJr8r59bvgSY2VweJm2y/cy6fHldArVYbLh+b7qgHkGxOOrVLfwisYJdMJBL
DxNk6kRKXClmkPoYVEKRkIr7odEmt3Rb6Ltt1eYKf7V4r5MF9Gnzhf8s990g4Gu9
F7rXjaQY+sYilemG/Y3srhuIdTCXDLfW60DE+iS30cMOAMHbv1JlIU/A31s9bXUV
ZMjPhOega1k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:02 2024 by rpki-client on console-fra.rpki-client.org