Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/YwUP8UoLesoEpIwSV4_ibg7I-E8.roa
File:                     YwUP8UoLesoEpIwSV4_ibg7I-E8.roa (raw, json)
Hash identifier:          IPa0GCIMdg/sIyKD32t/LIi7DSOssz6NoKSocrMhi64=
Subject key identifier:   63:05:0F:F1:4A:0B:7A:CA:04:A4:8C:12:57:8F:E2:6E:0E:C8:F8:4F
Certificate issuer:       /CN=ae29751a0ac81a657190546ea4780cd86140dc9f
Certificate serial:       018570C2AD9736AA18043DF3960A9189CF0B
Authority key identifier: AE:29:75:1A:0A:C8:1A:65:71:90:54:6E:A4:78:0C:D8:61:40:DC:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ril1GgrIGmVxkFRupHgM2GFA3J8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/YwUP8UoLesoEpIwSV4_ibg7I-E8.roa
Signing time:             Mon 02 Jan 2023 04:34:44 +0000
ROA not before:           Mon 02 Jan 2023 04:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        5.252.0.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:c2:ad:97:36:aa:18:04:3d:f3:96:0a:91:89:cf:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae29751a0ac81a657190546ea4780cd86140dc9f
        Validity
            Not Before: Jan  2 04:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=63050ff14a0b7aca04a48c12578fe26e0ec8f84f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:56:a5:82:18:9a:ac:b6:a8:35:49:74:14:78:
                    40:cd:ec:ae:77:bc:40:cc:89:16:d2:f2:51:ec:35:
                    df:71:3e:3a:10:74:db:c4:5b:6e:6f:e6:38:e4:15:
                    c7:9d:91:cd:77:2e:73:6c:d0:7b:00:b5:d5:e5:ae:
                    b3:30:82:45:18:7f:d7:7a:42:a7:da:00:00:71:85:
                    9a:04:08:60:a9:4c:ff:26:15:9b:9d:48:72:1f:68:
                    57:33:e2:70:2c:00:ce:6d:14:15:7f:74:cc:45:db:
                    ce:4a:e1:1f:65:f4:c9:63:6c:33:d6:49:a9:6e:c6:
                    80:ab:7e:04:d4:10:e6:ae:0d:f6:8c:e4:50:17:2a:
                    1e:66:56:59:93:34:7a:58:b9:0e:8a:fb:d0:9a:08:
                    41:73:26:88:8d:de:bd:39:c2:ef:05:1c:ae:1c:98:
                    7f:85:dd:e6:67:2d:20:ce:d4:8a:be:e3:3a:d0:9c:
                    a9:e2:dd:3f:6a:b0:b8:50:d6:b0:37:d2:da:be:6a:
                    93:fc:6c:32:a1:a3:25:2e:82:3a:0d:61:e0:3f:95:
                    a2:94:48:96:4f:e1:ad:16:ce:33:64:70:6f:85:4c:
                    d3:c7:14:b8:a1:91:f3:21:f5:13:d8:25:62:4b:3f:
                    97:d5:b2:f0:76:b8:21:9a:9f:41:b2:78:4f:8d:06:
                    fa:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:05:0F:F1:4A:0B:7A:CA:04:A4:8C:12:57:8F:E2:6E:0E:C8:F8:4F
            X509v3 Authority Key Identifier:
                keyid:AE:29:75:1A:0A:C8:1A:65:71:90:54:6E:A4:78:0C:D8:61:40:DC:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ril1GgrIGmVxkFRupHgM2GFA3J8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/YwUP8UoLesoEpIwSV4_ibg7I-E8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/ril1GgrIGmVxkFRupHgM2GFA3J8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:5f:5f:b8:48:1f:f2:3d:1b:3d:e7:e6:a4:0f:e2:03:8a:02:
         89:cb:1f:17:fd:8b:a5:36:c2:8d:6a:a5:79:d2:20:6b:e2:59:
         e6:9d:a3:67:29:65:d6:b1:f8:d3:26:76:93:d9:37:7e:9e:3e:
         34:a0:c6:b8:ed:fc:09:43:10:eb:cf:79:c2:6f:19:4c:18:a4:
         7f:31:59:aa:05:85:58:33:94:d2:f5:0a:65:3a:9e:3b:14:77:
         b9:9d:88:1f:c0:35:9a:70:01:0d:65:b0:50:d9:28:f5:6d:4c:
         01:91:d2:c1:e3:c7:b7:4d:87:25:7d:5e:12:4a:67:16:79:1a:
         11:9d:3f:9d:96:fd:ed:41:47:33:eb:f3:ac:1d:56:92:62:aa:
         5d:8b:a0:ce:53:d2:3b:71:3c:c1:e9:9d:95:63:49:5f:a5:37:
         ad:db:29:c3:f3:b0:01:8a:90:be:83:38:a2:19:48:e0:08:0c:
         bf:fa:2b:e3:0b:a9:7a:06:c5:c4:44:76:e4:04:20:b0:4e:8a:
         b5:17:77:43:52:70:96:8e:73:f2:13:ea:ff:09:82:06:33:75:
         86:58:c3:86:b2:8f:1d:83:1e:a1:d1:34:2e:a6:a8:81:bd:99:
         f1:48:26:50:0f:3f:29:d5:aa:b1:e3:47:bd:be:97:62:5a:ec:
         bc:f3:62:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwq2XNqoYBD3zlgqRic8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjk3NTFhMGFjODFhNjU3MTkwNTQ2ZWE0NzgwY2Q4NjE0
MGRjOWYwHhcNMjMwMTAyMDQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA1MGZmMTRhMGI3YWNhMDRhNDhjMTI1NzhmZTI2ZTBlYzhmODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1alghiarLaoNUl0FHhAzeyud7xA
zIkW0vJR7DXfcT46EHTbxFtub+Y45BXHnZHNdy5zbNB7ALXV5a6zMIJFGH/XekKn
2gAAcYWaBAhgqUz/JhWbnUhyH2hXM+JwLADObRQVf3TMRdvOSuEfZfTJY2wz1kmp
bsaAq34E1BDmrg32jORQFyoeZlZZkzR6WLkOivvQmghBcyaIjd69OcLvBRyuHJh/
hd3mZy0gztSKvuM60Jyp4t0/arC4UNawN9LavmqT/GwyoaMlLoI6DWHgP5WilEiW
T+GtFs4zZHBvhUzTxxS4oZHzIfUT2CViSz+X1bLwdrghmp9BsnhPjQb63QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMFD/FKC3rKBKSMEleP4m4OyPhPMB8GA1UdIwQY
MBaAFK4pdRoKyBplcZBUbqR4DNhhQNyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlsMUdncklHbVZ4a0ZSdXBIZ00yR0ZBM0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83NWUzNmMtZGIxZi00ODNlLWIwZWYt
MjI5MDUxODc5Yjc0LzEvWXdVUDhVb0xlc29FcEl3U1Y0X2liZzdJLUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy83NWUzNmMtZGIxZi00ODNlLWIwZWYtMjI5MDUxODc5Yjc0
LzEvcmlsMUdncklHbVZ4a0ZSdXBIZ00yR0ZBM0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfwAMA0G
CSqGSIb3DQEBCwUAA4IBAQC5X1+4SB/yPRs95+akD+IDigKJyx8X/YulNsKNaqV5
0iBr4lnmnaNnKWXWsfjTJnaT2Td+nj40oMa47fwJQxDrz3nCbxlMGKR/MVmqBYVY
M5TS9QplOp47FHe5nYgfwDWacAENZbBQ2Sj1bUwBkdLB48e3TYclfV4SSmcWeRoR
nT+dlv3tQUcz6/OsHVaSYqpdi6DOU9I7cTzB6Z2VY0lfpTet2ynD87ABipC+gzii
GUjgCAy/+ivjC6l6BsXERHbkBCCwToq1F3dDUnCWjnPyE+r/CYIGM3WGWMOGso8d
gx6h0TQupqiBvZnxSCZQDz8p1aqx40e9vpdiWuy882Kc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:40 2024 by rpki-client on console-ams.rpki-client.org