Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/2vkASf-hdUr1w99fI4lSsg6_Cpc.roa
File:                     2vkASf-hdUr1w99fI4lSsg6_Cpc.roa (raw, json)
Hash identifier:          baWtOC/dpSEq59TOI2XJ0GkAEwBhp5fTUhH3lPKa59Q=
Subject key identifier:   DA:F9:00:49:FF:A1:75:4A:F5:C3:DF:5F:23:89:52:B2:0E:BF:0A:97
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       01856BC11D6531954877548BDB7E22DE5AA1
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/2vkASf-hdUr1w99fI4lSsg6_Cpc.roa
Signing time:             Sun 01 Jan 2023 05:14:56 +0000
ROA not before:           Sun 01 Jan 2023 05:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        5.249.188.0/22 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:1d:65:31:95:48:77:54:8b:db:7e:22:de:5a:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan  1 05:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=daf90049ffa1754af5c3df5f238952b20ebf0a97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b4:41:88:43:a0:ec:f7:7e:f0:6f:de:51:ef:
                    6d:3b:db:94:01:0f:56:af:74:83:7c:8c:8a:0b:a2:
                    ee:a8:fa:e7:09:4f:f9:31:79:b4:bf:2a:88:7a:0b:
                    69:ff:ab:81:1f:8b:cf:63:b1:b0:2c:98:d1:a8:55:
                    cc:f7:8e:89:00:ac:d6:be:44:1d:54:ec:f0:b8:36:
                    4e:fe:36:3c:d9:22:e7:05:69:93:3f:b7:21:88:8e:
                    d1:09:58:bb:5d:46:f7:36:9a:e0:a0:04:66:fb:0c:
                    bb:56:26:f9:e6:9d:46:f4:cb:1c:36:1b:f5:3b:01:
                    92:ac:69:ee:09:d7:c6:81:ef:6d:8b:04:79:18:a5:
                    b7:b1:0f:d9:a0:55:26:3b:71:2a:b2:62:41:ba:32:
                    86:dc:43:8a:03:a7:41:6b:b5:55:ec:15:3a:8f:37:
                    d4:b9:1f:0b:df:07:62:05:89:61:78:94:09:fe:11:
                    ed:4c:e4:5d:d8:33:47:5c:fa:e8:c2:fc:1c:c2:b9:
                    3a:ac:e0:8f:bf:73:c1:62:52:3f:9d:2d:90:45:ef:
                    0e:db:15:28:5f:1e:8e:a1:e4:12:6e:38:69:ce:36:
                    86:06:db:db:3c:ed:98:64:2f:02:9e:d3:ee:89:3e:
                    67:36:df:2c:cf:50:18:07:59:83:8b:35:ac:9e:46:
                    20:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:F9:00:49:FF:A1:75:4A:F5:C3:DF:5F:23:89:52:B2:0E:BF:0A:97
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/2vkASf-hdUr1w99fI4lSsg6_Cpc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.249.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:ed:41:db:f8:1f:28:52:15:d0:a1:68:b3:e1:70:d6:1d:7f:
         54:c4:60:ed:5d:ed:0b:fa:ac:e1:3f:bf:28:0a:92:9e:48:2d:
         ce:5a:cd:d1:a6:83:f2:c8:b9:b2:96:ce:6f:83:69:f0:83:4a:
         ed:de:13:f3:dc:1d:2c:2a:f1:35:04:1f:e6:2f:f3:08:6a:88:
         6d:9f:a6:ea:6b:8b:a1:02:74:be:62:82:23:c6:60:14:68:2e:
         d6:57:0f:eb:60:1c:cf:20:d0:ef:0e:c7:56:33:4d:06:9f:ef:
         3e:d0:48:2c:da:83:a2:6d:f9:6b:aa:21:97:ac:22:6b:5b:1d:
         fd:f8:80:01:51:38:c0:9e:f4:84:90:9e:cc:40:e5:0f:72:4a:
         77:a1:1b:c0:f3:b1:75:26:c6:52:e3:88:c2:de:0e:b8:a4:8f:
         1e:a0:fc:fd:88:ae:7f:a8:70:ef:72:31:f4:4e:45:52:c0:4f:
         ff:b5:90:76:51:f0:01:fe:7d:e8:63:30:cb:9d:88:27:bd:1a:
         c7:0c:30:69:71:63:5c:ec:05:eb:cc:66:9a:60:74:7f:4c:3f:
         58:71:9d:39:e0:15:26:55:3d:50:96:22:bd:5f:c5:ed:24:59:
         88:55:14:25:a9:14:6c:3a:fd:a1:20:08:81:30:6d:be:2a:fb:
         c0:17:48:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwR1lMZVId1SL234i3lqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTAxMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWY5MDA0OWZmYTE3NTRhZjVjM2RmNWYyMzg5NTJiMjBlYmYwYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7RBiEOg7Pd+8G/eUe9tO9uUAQ9W
r3SDfIyKC6LuqPrnCU/5MXm0vyqIegtp/6uBH4vPY7GwLJjRqFXM946JAKzWvkQd
VOzwuDZO/jY82SLnBWmTP7chiI7RCVi7XUb3NprgoARm+wy7Vib55p1G9MscNhv1
OwGSrGnuCdfGge9tiwR5GKW3sQ/ZoFUmO3EqsmJBujKG3EOKA6dBa7VV7BU6jzfU
uR8L3wdiBYlheJQJ/hHtTORd2DNHXProwvwcwrk6rOCPv3PBYlI/nS2QRe8O2xUo
Xx6OoeQSbjhpzjaGBtvbPO2YZC8CntPuiT5nNt8sz1AYB1mDizWsnkYglwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNr5AEn/oXVK9cPfXyOJUrIOvwqXMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvMnZrQVNmLWhkVXIxdzk5Zkk0bFNzZzZfQ3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfm8MA0G
CSqGSIb3DQEBCwUAA4IBAQBH7UHb+B8oUhXQoWiz4XDWHX9UxGDtXe0L+qzhP78o
CpKeSC3OWs3RpoPyyLmyls5vg2nwg0rt3hPz3B0sKvE1BB/mL/MIaohtn6bqa4uh
AnS+YoIjxmAUaC7WVw/rYBzPINDvDsdWM00Gn+8+0Egs2oOibflrqiGXrCJrWx39
+IABUTjAnvSEkJ7MQOUPckp3oRvA87F1JsZS44jC3g64pI8eoPz9iK5/qHDvcjH0
TkVSwE//tZB2UfAB/n3oYzDLnYgnvRrHDDBpcWNc7AXrzGaaYHR/TD9YcZ054BUm
VT1QliK9X8XtJFmIVRQlqRRsOv2hIAiBMG2+KvvAF0j0
-----END CERTIFICATE-----
Generated at Thu Aug 17 12:34:43 2023 by rpki-client on console-ams.rpki-client.org