Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/vmBH6pWLCxT67j9ly1Sgj54T20I.roa
File:                     vmBH6pWLCxT67j9ly1Sgj54T20I.roa (raw, json)
Hash identifier:          3xLQtl2QbXZ2u/aM0kLZdKrpQC+XdIEAeyBLwvrr5R0=
Subject key identifier:   BE:60:47:EA:95:8B:0B:14:FA:EE:3F:65:CB:54:A0:8F:9E:13:DB:42
Certificate issuer:       /CN=597b44c4a7931c66a6ff9e92dbb32ca723d4ccf7
Certificate serial:       01856BE58BBD73DC9EA47EB16B2DEEE826C0
Authority key identifier: 59:7B:44:C4:A7:93:1C:66:A6:FF:9E:92:DB:B3:2C:A7:23:D4:CC:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/vmBH6pWLCxT67j9ly1Sgj54T20I.roa
Signing time:             Sun 01 Jan 2023 05:54:43 +0000
ROA not before:           Sun 01 Jan 2023 05:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39743
IP address blocks:        5.254.28.0/24 maxlen: 24
                          5.254.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:8b:bd:73:dc:9e:a4:7e:b1:6b:2d:ee:e8:26:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=597b44c4a7931c66a6ff9e92dbb32ca723d4ccf7
        Validity
            Not Before: Jan  1 05:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be6047ea958b0b14faee3f65cb54a08f9e13db42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:7c:48:ae:24:e3:dc:b5:9a:8b:91:62:0e:c0:
                    57:34:31:b9:f5:ba:30:79:29:32:fd:11:42:42:70:
                    6e:f7:10:33:c7:08:43:e9:76:ec:84:90:f9:8b:c5:
                    8f:50:c8:a7:38:61:ac:d3:49:05:0f:72:41:82:ed:
                    a6:80:ac:fd:32:55:b3:eb:22:fa:c8:00:b2:8f:75:
                    58:f5:f6:ee:77:9d:2b:26:00:3f:d3:62:ea:1b:1b:
                    4b:de:ba:e5:97:c1:d0:36:02:17:16:98:49:4a:cd:
                    6a:4e:d1:c0:0b:9d:7d:31:49:0c:d5:ab:6d:09:bf:
                    8a:2a:b4:a0:84:c2:d2:37:74:6c:65:5e:0e:a7:b5:
                    1a:f5:a4:36:42:4f:7c:9d:4c:14:59:1e:a1:7d:e2:
                    d9:75:58:aa:c0:ea:72:45:76:01:6c:60:34:59:b1:
                    cb:8c:b7:47:d7:8e:bd:cf:9c:93:f9:10:f6:8a:3c:
                    ef:6b:3f:fc:b7:78:a3:48:9c:fd:8b:9e:8b:c1:64:
                    90:32:1d:a8:4d:4f:ef:91:95:68:67:b1:83:eb:32:
                    25:6b:bc:48:81:42:41:d5:02:f9:09:67:e7:9e:17:
                    12:1b:63:d1:24:bc:54:26:5f:2a:15:ed:60:2e:1f:
                    69:12:92:03:b0:67:ce:9f:d9:9f:1a:19:46:5c:9a:
                    d2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:60:47:EA:95:8B:0B:14:FA:EE:3F:65:CB:54:A0:8F:9E:13:DB:42
            X509v3 Authority Key Identifier:
                keyid:59:7B:44:C4:A7:93:1C:66:A6:FF:9E:92:DB:B3:2C:A7:23:D4:CC:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/vmBH6pWLCxT67j9ly1Sgj54T20I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/WXtExKeTHGam_56S27MspyPUzPc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.254.28.0/24
                  5.254.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:71:51:7f:e8:9a:0a:4e:c0:f5:ff:0d:2e:d3:0d:dd:bb:06:
         11:6a:93:1d:76:04:d0:9f:97:1b:d8:24:cf:da:50:65:5f:52:
         80:ec:c7:f7:91:44:f6:26:30:42:fa:26:c5:9d:bb:40:d1:da:
         c7:bb:b3:c8:20:52:83:70:b3:fa:7a:38:44:98:70:ab:ca:d2:
         29:0f:50:dc:b0:4e:10:b7:4d:a5:b8:08:32:b4:a1:9f:56:e8:
         66:88:b5:b0:ad:6c:fe:3b:f2:d6:44:69:09:90:31:38:e9:8f:
         81:cd:8c:4d:82:58:f1:16:20:63:ce:6b:a3:30:8c:0c:7b:18:
         1a:7f:7a:9b:ab:4c:77:7f:19:a5:57:e8:25:3c:cd:34:3a:d3:
         dc:17:ee:5e:19:8a:c8:20:9f:42:fe:72:ea:e8:da:45:03:d9:
         61:29:ae:9c:9a:a9:5e:9f:6e:84:22:aa:e2:f2:e0:91:ac:32:
         50:d2:70:23:67:bc:eb:68:37:1b:50:a6:10:60:7b:68:b9:ff:
         7c:86:17:d9:ea:a1:02:09:61:6f:17:08:69:06:ae:88:28:fd:
         6c:11:65:14:d9:06:27:de:71:ef:e2:7d:37:f1:4e:21:0a:34:
         84:05:2e:27:e4:84:81:48:bd:51:07:ad:14:5b:40:b2:98:d8:
         72:f6:a7:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr5Yu9c9yepH6xay3u6CbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2I0NGM0YTc5MzFjNjZhNmZmOWU5MmRiYjMyY2E3MjNk
NGNjZjcwHhcNMjMwMTAxMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYwNDdlYTk1OGIwYjE0ZmFlZTNmNjVjYjU0YTA4ZjllMTNkYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHxIriTj3LWai5FiDsBXNDG59bow
eSky/RFCQnBu9xAzxwhD6XbshJD5i8WPUMinOGGs00kFD3JBgu2mgKz9MlWz6yL6
yACyj3VY9fbud50rJgA/02LqGxtL3rrll8HQNgIXFphJSs1qTtHAC519MUkM1att
Cb+KKrSghMLSN3RsZV4Op7Ua9aQ2Qk98nUwUWR6hfeLZdViqwOpyRXYBbGA0WbHL
jLdH1469z5yT+RD2ijzvaz/8t3ijSJz9i56LwWSQMh2oTU/vkZVoZ7GD6zIla7xI
gUJB1QL5CWfnnhcSG2PRJLxUJl8qFe1gLh9pEpIDsGfOn9mfGhlGXJrSxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL5gR+qViwsU+u4/ZctUoI+eE9tCMB8GA1UdIwQY
MBaAFFl7RMSnkxxmpv+ektuzLKcj1Mz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1h0RXhLZVRIR2FtXzU2UzI3TXNweVBVelBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85NWZmOGYtNjZiYy00YjExLTk4ZjAt
MGFiMjFiMmYyNzU0LzEvdm1CSDZwV0xDeFQ2N2o5bHkxU2dqNTRUMjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85NWZmOGYtNjZiYy00YjExLTk4ZjAtMGFiMjFiMmYyNzU0
LzEvV1h0RXhLZVRIR2FtXzU2UzI3TXNweVBVelBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf4cAwQA
Bf4xMA0GCSqGSIb3DQEBCwUAA4IBAQCqcVF/6JoKTsD1/w0u0w3duwYRapMddgTQ
n5cb2CTP2lBlX1KA7Mf3kUT2JjBC+ibFnbtA0drHu7PIIFKDcLP6ejhEmHCrytIp
D1DcsE4Qt02luAgytKGfVuhmiLWwrWz+O/LWRGkJkDE46Y+BzYxNgljxFiBjzmuj
MIwMexgaf3qbq0x3fxmlV+glPM00OtPcF+5eGYrIIJ9C/nLq6NpFA9lhKa6cmqle
n26EIqri8uCRrDJQ0nAjZ7zraDcbUKYQYHtouf98hhfZ6qECCWFvFwhpBq6IKP1s
EWUU2QYn3nHv4n038U4hCjSEBS4n5ISBSL1RB60UW0CymNhy9qdm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:01 2024 by rpki-client on console-ams.rpki-client.org