Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/fPPJJr9XKw1i1brCdLp5i2eu60g.roa
File:                     fPPJJr9XKw1i1brCdLp5i2eu60g.roa (raw, json)
Hash identifier:          i5/VyP9V3YnuIvVJ9GwLK19s8xsPBcoVJuEbKaAbqPA=
Subject key identifier:   7C:F3:C9:26:BF:57:2B:0D:62:D5:BA:C2:74:BA:79:8B:67:AE:EB:48
Certificate issuer:       /CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Certificate serial:       018570DE6DCEC1CFA07E03A1A3A5474BE086
Authority key identifier: EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/fPPJJr9XKw1i1brCdLp5i2eu60g.roa
Signing time:             Mon 02 Jan 2023 05:05:03 +0000
ROA not before:           Mon 02 Jan 2023 05:05:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198977
IP address blocks:        5.104.16.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:de:6d:ce:c1:cf:a0:7e:03:a1:a3:a5:47:4b:e0:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
        Validity
            Not Before: Jan  2 05:05:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7cf3c926bf572b0d62d5bac274ba798b67aeeb48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2e:84:85:36:fa:53:b6:1b:cb:16:bc:75:d0:
                    22:f6:1b:03:1f:52:5d:a9:98:d2:93:91:34:68:7b:
                    13:c0:bc:39:20:fa:63:9f:b5:77:1a:1a:a9:20:ca:
                    06:8b:1f:77:88:5b:81:13:99:a0:86:8d:d4:9a:15:
                    72:97:12:aa:52:63:f2:aa:42:f3:c9:15:d8:75:d5:
                    49:fd:61:17:f7:a4:ee:10:b9:d9:ae:1b:f9:81:72:
                    6b:d7:b5:58:53:b8:91:43:8d:87:7d:16:6c:ff:8a:
                    6a:80:32:65:8c:3f:d1:f4:cc:e0:eb:c0:ec:03:55:
                    4b:37:f6:2b:08:60:d3:ab:64:3c:35:7d:96:86:0e:
                    9e:c7:ba:5b:22:33:87:20:34:c9:5e:f7:c8:f7:45:
                    33:d7:8a:02:72:12:e8:1b:71:1a:1e:5b:b7:eb:64:
                    04:63:28:0c:5c:76:a5:13:0c:06:6f:21:04:00:4d:
                    58:1f:78:e9:95:da:58:e4:b9:69:7b:61:0f:ad:f6:
                    4b:98:7a:df:a2:8a:d0:83:29:b6:24:9c:14:3e:2b:
                    35:02:5e:14:20:6f:08:92:41:7a:06:f2:4a:8b:b9:
                    c6:37:eb:fd:f0:6c:ec:34:97:30:17:da:dd:de:b6:
                    fe:46:3a:d2:a7:5b:cb:54:96:fb:3b:ff:89:f8:57:
                    59:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F3:C9:26:BF:57:2B:0D:62:D5:BA:C2:74:BA:79:8B:67:AE:EB:48
            X509v3 Authority Key Identifier:
                keyid:EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/fPPJJr9XKw1i1brCdLp5i2eu60g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         98:b1:f9:c3:62:78:4b:d0:eb:28:3f:37:17:17:8f:7f:0a:63:
         4c:07:9d:1b:f5:6a:c9:52:d5:b0:60:0c:a7:4f:0e:23:25:42:
         7f:b3:06:fa:80:48:5e:46:a4:97:2b:f4:1e:3a:84:3b:18:0f:
         36:da:85:eb:de:41:eb:6e:f1:ff:bc:1a:5c:7e:29:3d:bf:ec:
         07:44:18:3f:1d:ab:19:8c:75:a4:68:dd:cd:1c:ea:1b:13:20:
         54:d9:83:ef:94:86:8b:a4:0a:f9:4f:c2:1a:b6:e8:a3:39:16:
         fc:ae:b8:77:0f:87:49:8b:0d:bb:40:a7:6d:2f:b7:ec:7c:40:
         79:a6:e0:1f:72:e7:31:db:a1:1c:34:57:f7:86:3d:d3:43:a2:
         a5:ac:82:3f:95:a1:b2:d1:01:55:2e:94:bd:a8:83:15:05:5c:
         23:b1:f1:43:34:ca:6c:98:7b:f7:c3:50:89:04:28:df:9f:d7:
         75:7c:4f:92:ac:b2:a7:40:de:2c:1a:fd:e2:0b:7b:34:1d:32:
         e7:ea:d5:0a:22:9a:7d:76:f4:1d:71:ee:04:58:54:e8:d0:eb:
         1b:89:48:ac:6e:a4:e8:da:34:70:db:dc:2e:fc:19:d7:1c:25:
         91:b9:da:50:75:72:34:3d:ad:58:b6:e0:ac:4a:6d:ba:89:ed:
         91:c3:06:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3m3Owc+gfgOho6VHS+CGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTA4MmQzN2ZiYzgxOTk4YmZjZjk0OGE1YmJkZGE2M2Vk
ZmRlZTAwHhcNMjMwMTAyMDUwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2YzYzkyNmJmNTcyYjBkNjJkNWJhYzI3NGJhNzk4YjY3YWVlYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy6EhTb6U7Ybyxa8ddAi9hsDH1Jd
qZjSk5E0aHsTwLw5IPpjn7V3GhqpIMoGix93iFuBE5mgho3UmhVylxKqUmPyqkLz
yRXYddVJ/WEX96TuELnZrhv5gXJr17VYU7iRQ42HfRZs/4pqgDJljD/R9Mzg68Ds
A1VLN/YrCGDTq2Q8NX2Whg6ex7pbIjOHIDTJXvfI90Uz14oCchLoG3EaHlu362QE
YygMXHalEwwGbyEEAE1YH3jpldpY5Llpe2EPrfZLmHrfoorQgym2JJwUPis1Al4U
IG8IkkF6BvJKi7nGN+v98GzsNJcwF9rd3rb+RjrSp1vLVJb7O/+J+FdZxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzzySa/VysNYtW6wnS6eYtnrutIMB8GA1UdIwQY
MBaAFO9QgtN/vIGZi/z5SKW73aY+397gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYt
OTE5NWQwMmRlZDU1LzEvZlBQSkpyOVhLdzFpMWJyQ2RMcDVpMmV1NjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYtOTE5NWQwMmRlZDU1
LzEvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBWgQMA0G
CSqGSIb3DQEBCwUAA4IBAQCYsfnDYnhL0OsoPzcXF49/CmNMB50b9WrJUtWwYAyn
Tw4jJUJ/swb6gEheRqSXK/QeOoQ7GA822oXr3kHrbvH/vBpcfik9v+wHRBg/HasZ
jHWkaN3NHOobEyBU2YPvlIaLpAr5T8IatuijORb8rrh3D4dJiw27QKdtL7fsfEB5
puAfcucx26EcNFf3hj3TQ6KlrII/laGy0QFVLpS9qIMVBVwjsfFDNMpsmHv3w1CJ
BCjfn9d1fE+SrLKnQN4sGv3iC3s0HTLn6tUKIpp9dvQdce4EWFTo0OsbiUisbqTo
2jRw29wu/BnXHCWRudpQdXI0Pa1YtuCsSm26ie2Rwwba
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org