Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/5RNeCtL6NFlcqWaSKZd3ucriZ-c.roa
File:                     5RNeCtL6NFlcqWaSKZd3ucriZ-c.roa (raw, json)
Hash identifier:          fZd0jyS7e97lfb5UoXkTjdQFqD0O7azdRsAQawan1Go=
Subject key identifier:   E5:13:5E:0A:D2:FA:34:59:5C:A9:66:92:29:97:77:B9:CA:E2:67:E7
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       018570306185E155B67821B09063CA19F409
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/5RNeCtL6NFlcqWaSKZd3ucriZ-c.roa
Signing time:             Mon 02 Jan 2023 01:54:56 +0000
ROA not before:           Mon 02 Jan 2023 01:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29183
IP address blocks:        81.182.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:61:85:e1:55:b6:78:21:b0:90:63:ca:19:f4:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  2 01:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5135e0ad2fa34595ca96692299777b9cae267e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:54:37:3b:f7:ee:7b:77:03:e0:75:39:dd:f3:
                    c8:5a:82:fb:82:64:3f:61:f2:5f:50:9a:a8:7a:94:
                    ee:56:b6:54:fe:23:ff:39:f7:08:ed:6c:84:27:93:
                    e1:47:3f:65:34:97:5b:12:67:09:7e:41:c8:38:bf:
                    ad:1a:ba:08:a2:27:4d:88:b1:18:ef:6f:58:20:b4:
                    67:8c:b4:98:3f:ff:ef:ac:58:8c:6d:65:23:d4:55:
                    c8:91:3f:89:a0:c4:23:e4:de:6d:d9:f4:10:9c:b7:
                    81:39:5f:5c:15:0f:e3:5c:c5:72:7e:77:4c:e1:a2:
                    43:0d:5b:17:90:df:85:b5:5b:25:26:8e:19:92:64:
                    f5:8d:58:cc:8a:04:4f:ce:0a:3d:c7:0b:3c:89:78:
                    b0:84:88:50:ef:e3:df:91:64:12:df:04:98:c7:f3:
                    58:1d:09:b6:94:e4:13:55:e7:f7:fc:ff:ee:5f:eb:
                    78:b5:c8:dc:c4:2f:20:8e:e3:84:b5:1d:79:28:85:
                    8d:be:36:ce:b4:09:db:e6:96:ef:88:e9:af:c8:a5:
                    d8:35:b6:93:95:a7:04:75:6a:fb:0f:5f:9d:d0:79:
                    8d:e5:34:64:4d:fe:98:71:f9:10:5c:35:6f:3c:13:
                    9b:dc:53:ad:a0:c6:9e:67:13:fa:72:5b:29:fa:bc:
                    7d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:13:5E:0A:D2:FA:34:59:5C:A9:66:92:29:97:77:B9:CA:E2:67:E7
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/5RNeCtL6NFlcqWaSKZd3ucriZ-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.182.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:da:0a:37:4a:d0:80:df:0f:ce:50:4f:77:43:fc:a6:73:fa:
         54:9b:cd:a8:12:ff:71:56:b2:ae:ba:d9:55:d2:66:c7:77:ad:
         3f:5b:b3:3d:ae:5a:af:af:e7:2a:5f:6c:ae:20:19:51:65:fc:
         34:39:f7:8f:83:a2:83:7b:87:43:b4:d7:fb:b7:32:a8:5a:21:
         ea:6c:aa:46:3e:5d:6e:95:3a:cd:36:b0:12:c1:06:95:2e:ec:
         65:d7:bb:ae:e2:03:0a:cf:1e:bc:68:4f:9a:51:e8:19:88:5e:
         48:f3:dc:c7:aa:71:1f:d9:e8:36:07:1c:ff:4c:ef:fc:3e:d1:
         32:08:87:1a:ad:f0:c1:92:b5:8d:32:5e:9a:c1:e7:5d:1b:9d:
         4f:1f:c1:2b:5a:4b:ac:96:b2:6a:d1:d2:2a:55:d6:db:48:51:
         a3:b5:65:08:b9:c4:d6:57:00:3d:44:f3:4d:91:d4:ca:95:7e:
         b8:5f:fb:30:f4:5b:30:8b:f8:da:4a:07:5d:9d:af:f9:6a:84:
         66:06:e8:fe:d6:27:b6:7f:82:c5:a5:5a:6d:4a:54:f0:d9:40:
         61:57:19:a1:9d:c4:ce:28:00:7b:2a:7f:ed:98:1c:0f:58:77:
         03:02:62:1c:50:aa:6e:44:08:19:39:0d:d4:24:9f:ba:f9:68:
         d7:c4:19:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGGF4VW2eCGwkGPKGfQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTEzNWUwYWQyZmEzNDU5NWNhOTY2OTIyOTk3NzdiOWNhZTI2N2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFQ3O/fue3cD4HU53fPIWoL7gmQ/
YfJfUJqoepTuVrZU/iP/OfcI7WyEJ5PhRz9lNJdbEmcJfkHIOL+tGroIoidNiLEY
729YILRnjLSYP//vrFiMbWUj1FXIkT+JoMQj5N5t2fQQnLeBOV9cFQ/jXMVyfndM
4aJDDVsXkN+FtVslJo4ZkmT1jVjMigRPzgo9xws8iXiwhIhQ7+PfkWQS3wSYx/NY
HQm2lOQTVef3/P/uX+t4tcjcxC8gjuOEtR15KIWNvjbOtAnb5pbviOmvyKXYNbaT
lacEdWr7D1+d0HmN5TRkTf6YcfkQXDVvPBOb3FOtoMaeZxP6clsp+rx9dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOUTXgrS+jRZXKlmkimXd7nK4mfnMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvNVJOZUN0TDZORmxjcVdhU0taZDN1Y3JpWi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUbb/MA0G
CSqGSIb3DQEBCwUAA4IBAQBw2go3StCA3w/OUE93Q/ymc/pUm82oEv9xVrKuutlV
0mbHd60/W7M9rlqvr+cqX2yuIBlRZfw0OfePg6KDe4dDtNf7tzKoWiHqbKpGPl1u
lTrNNrASwQaVLuxl17uu4gMKzx68aE+aUegZiF5I89zHqnEf2eg2Bxz/TO/8PtEy
CIcarfDBkrWNMl6aweddG51PH8ErWkuslrJq0dIqVdbbSFGjtWUIucTWVwA9RPNN
kdTKlX64X/sw9Fswi/jaSgddna/5aoRmBuj+1ie2f4LFpVptSlTw2UBhVxmhncTO
KAB7Kn/tmBwPWHcDAmIcUKpuRAgZOQ3UJJ+6+WjXxBmT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org