Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/b4tof-8MSiQxgTPlQw1-2ILGoVU.roa
File:                     b4tof-8MSiQxgTPlQw1-2ILGoVU.roa (raw, json)
Hash identifier:          UevPOF2sEHyWXPTB2HoO+aTvw16jEl2UdNKx245riwc=
Subject key identifier:   6F:8B:68:7F:EF:0C:4A:24:31:81:33:E5:43:0D:7E:D8:82:C6:A1:55
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018F398212439F273F7F2578D9BAB6BAF01D
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/b4tof-8MSiQxgTPlQw1-2ILGoVU.roa
Signing time:             Thu 02 May 2024 13:32:56 +0000
ROA not before:           Thu 02 May 2024 13:32:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        5.253.63.0/24 maxlen: 24
                          185.244.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 May 2024 13:46:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:39:82:12:43:9f:27:3f:7f:25:78:d9:ba:b6:ba:f0:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: May  2 13:32:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f8b687fef0c4a24318133e5430d7ed882c6a155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d6:3a:67:d3:92:64:b6:ef:74:33:52:f7:ae:
                    70:5f:55:66:3d:b1:fb:dd:98:a9:63:26:91:39:5a:
                    e0:f3:08:20:aa:e0:c9:f8:16:db:69:77:70:02:e6:
                    e4:d8:86:84:d3:90:fc:11:87:79:18:24:11:80:ed:
                    cf:32:6f:12:72:4d:90:fe:d8:ee:0b:af:41:8a:ce:
                    7f:67:50:7b:11:e9:66:90:5f:ce:7e:6a:f3:ce:fc:
                    a3:1d:7d:27:08:88:5f:4b:7a:6f:d7:72:56:00:5e:
                    a7:02:06:d6:8f:51:96:11:bc:04:68:6b:00:0e:d8:
                    8f:0e:d4:59:71:89:41:3c:d4:f7:73:f8:b6:ac:bc:
                    2a:b9:47:ee:f7:31:47:8c:75:be:55:89:c9:c6:03:
                    1c:a6:18:3e:9e:e2:ca:75:db:87:b5:90:2c:7e:37:
                    0e:18:4c:1a:46:98:1c:73:ed:56:d3:5a:fb:6d:06:
                    f5:19:2c:97:62:ba:e1:a7:05:58:fe:06:8b:49:8e:
                    8e:6b:59:81:88:d4:40:b4:87:3f:f3:71:5f:39:2a:
                    70:30:ba:f7:c1:2f:ae:fc:48:52:1b:d8:c9:f9:db:
                    8e:db:39:9c:1e:6a:00:6d:eb:2c:1b:85:70:4c:53:
                    fc:7b:7d:9c:f7:42:26:e2:e5:8c:8a:dd:be:88:25:
                    e3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:8B:68:7F:EF:0C:4A:24:31:81:33:E5:43:0D:7E:D8:82:C6:A1:55
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/b4tof-8MSiQxgTPlQw1-2ILGoVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.63.0/24
                  185.244.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:35:3d:20:f5:a8:73:25:1e:22:60:13:12:6f:f0:e1:e6:4b:
         a0:0d:ca:d6:c4:50:83:25:51:5e:d9:2a:6d:f4:82:c2:9c:c0:
         77:6f:7f:d6:d5:f8:fc:77:d5:aa:20:20:f1:61:3d:b1:74:31:
         c4:8e:73:f6:25:a2:7f:b4:c6:dc:b7:0a:82:c4:90:3b:17:f5:
         be:ee:83:60:d8:63:0f:db:c4:27:df:ba:47:4a:7d:5c:d9:77:
         93:a5:df:89:fc:73:0e:94:95:1d:70:d3:3f:f7:04:12:10:50:
         6a:20:05:59:6d:83:81:45:cd:6c:be:03:8b:fb:90:e5:bf:9c:
         db:24:d0:91:0f:77:e4:7a:ef:40:5d:d4:4d:6c:85:10:ec:ad:
         2d:bb:89:c5:9c:18:0f:bb:23:a0:21:4e:d8:ce:e7:13:5b:c5:
         ec:5c:d2:42:55:fb:80:73:11:c4:3f:71:ca:6c:db:27:a4:8a:
         17:c6:ed:f9:62:1b:fa:eb:ac:12:80:b9:c0:b2:3d:d2:b7:63:
         6e:9a:08:34:d0:59:13:55:54:d7:68:08:66:a4:0d:48:9a:d5:
         bb:e6:b9:48:f7:08:4d:84:84:12:75:1e:0f:15:44:46:c3:67:
         8b:7b:62:d3:a2:8f:42:57:58:ed:3f:eb:45:89:1d:be:f3:5c:
         df:29:11:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY85ghJDnyc/fyV42bq2uvAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwNTAyMTMzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhiNjg3ZmVmMGM0YTI0MzE4MTMzZTU0MzBkN2VkODgyYzZhMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tY6Z9OSZLbvdDNS965wX1VmPbH7
3ZipYyaROVrg8wggquDJ+BbbaXdwAubk2IaE05D8EYd5GCQRgO3PMm8Sck2Q/tju
C69Bis5/Z1B7EelmkF/OfmrzzvyjHX0nCIhfS3pv13JWAF6nAgbWj1GWEbwEaGsA
DtiPDtRZcYlBPNT3c/i2rLwquUfu9zFHjHW+VYnJxgMcphg+nuLKdduHtZAsfjcO
GEwaRpgcc+1W01r7bQb1GSyXYrrhpwVY/gaLSY6Oa1mBiNRAtIc/83FfOSpwMLr3
wS+u/EhSG9jJ+duO2zmcHmoAbessG4VwTFP8e32c90Im4uWMit2+iCXjVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG+LaH/vDEokMYEz5UMNftiCxqFVMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvYjR0b2YtOE1TaVF4Z1RQbFF3MS0ySUxHb1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf0/AwQA
ufQwMA0GCSqGSIb3DQEBCwUAA4IBAQCCNT0g9ahzJR4iYBMSb/Dh5kugDcrWxFCD
JVFe2Spt9ILCnMB3b3/W1fj8d9WqICDxYT2xdDHEjnP2JaJ/tMbctwqCxJA7F/W+
7oNg2GMP28Qn37pHSn1c2XeTpd+J/HMOlJUdcNM/9wQSEFBqIAVZbYOBRc1svgOL
+5Dlv5zbJNCRD3fkeu9AXdRNbIUQ7K0tu4nFnBgPuyOgIU7YzucTW8XsXNJCVfuA
cxHEP3HKbNsnpIoXxu35Yhv666wSgLnAsj3St2Numgg00FkTVVTXaAhmpA1ImtW7
5rlI9whNhIQSdR4PFURGw2eLe2LToo9CV1jtP+tFiR2+81zfKRF9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org