Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/_sBtt35HJUsjz4Ev-hCAHvjuDC4.roa
File:                     _sBtt35HJUsjz4Ev-hCAHvjuDC4.roa (raw, json)
Hash identifier:          inBuDWYaiULTtJHV0Yd9xacWTyO8zIb/y0X0io+k5Os=
Subject key identifier:   FE:C0:6D:B7:7E:47:25:4B:23:CF:81:2F:FA:10:80:1E:F8:EE:0C:2E
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       018C05BCB1EF4F2AA5FF0A4A6A083F6D41B3
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/_sBtt35HJUsjz4Ev-hCAHvjuDC4.roa
Signing time:             Sat 25 Nov 2023 09:08:21 +0000
ROA not before:           Sat 25 Nov 2023 09:08:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     980
IP address blocks:        5.249.180.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:05:bc:b1:ef:4f:2a:a5:ff:0a:4a:6a:08:3f:6d:41:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Nov 25 09:08:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fec06db77e47254b23cf812ffa10801ef8ee0c2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:fb:e5:5a:3b:f6:51:da:00:f3:3a:f3:a2:78:
                    ee:a9:dd:24:db:76:47:10:ab:e8:a1:c9:19:2b:24:
                    de:c9:14:26:df:b8:2c:be:45:6a:96:bb:ec:e3:b0:
                    e2:ce:d8:f3:3c:8e:c1:dc:26:7a:17:cd:cf:ec:52:
                    ed:89:c0:88:46:38:67:ed:f5:a1:5e:91:8f:eb:b2:
                    b2:34:ad:39:91:3d:c3:9d:99:1a:94:b6:06:ad:fc:
                    f3:0e:87:75:ab:71:3f:c7:09:a4:cc:ef:d9:0e:66:
                    48:31:47:f3:01:ad:0b:6e:e6:8e:7f:2a:91:54:a3:
                    f5:69:ae:88:78:f1:91:02:97:5e:9f:06:12:cd:0f:
                    d5:3b:58:58:0e:6f:a6:62:45:72:bd:92:13:9e:aa:
                    4b:e6:08:ef:52:d6:0c:af:dc:66:6b:d9:97:7a:ce:
                    c6:9f:85:0c:38:12:bd:45:f6:c6:38:c1:a4:c3:ee:
                    e3:a4:00:66:76:e5:84:96:10:0f:be:70:df:74:26:
                    1f:4e:6d:58:23:fb:22:47:93:9d:90:92:f8:bb:34:
                    7c:d0:51:32:3f:0f:a7:ed:7a:ca:cd:a5:98:ff:87:
                    c9:f1:ba:a7:ec:e2:ec:14:68:f1:f1:5e:56:72:c0:
                    86:8c:22:17:c1:88:3d:5d:bd:df:8d:1a:c4:13:a8:
                    dd:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C0:6D:B7:7E:47:25:4B:23:CF:81:2F:FA:10:80:1E:F8:EE:0C:2E
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/_sBtt35HJUsjz4Ev-hCAHvjuDC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.249.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9b:19:88:e3:b4:06:8b:ec:81:93:54:d8:5a:29:44:b9:fe:10:
         4d:b8:91:83:c8:91:79:57:45:da:12:7e:9c:90:2a:67:a9:6f:
         1e:61:33:2f:c3:4b:7d:c6:70:90:a0:88:bb:62:c8:ba:bd:f1:
         7c:08:4a:be:08:24:02:4d:fa:6d:d7:32:22:00:eb:1c:e9:b6:
         61:d6:d9:d0:ac:99:c4:43:49:2b:0d:47:23:cc:85:9d:3d:53:
         a3:a3:09:32:df:4a:5b:f7:ee:18:1d:3f:72:c7:32:24:4b:ac:
         1d:df:16:86:1d:54:87:ec:09:06:97:53:19:4b:06:93:37:10:
         62:50:9f:23:af:fe:4a:f2:ef:c3:04:87:81:e0:05:0a:e1:65:
         11:1b:34:59:81:40:4a:8e:54:a7:ab:2e:e8:7a:6a:99:f7:01:
         ef:50:ef:95:c7:7a:b2:98:ff:1e:74:ea:a3:54:eb:6b:16:04:
         02:af:d9:0b:f0:9b:37:5d:40:d2:c7:69:a8:76:98:b1:98:00:
         b4:87:1e:7b:94:b0:9a:8f:a8:c1:16:06:59:6f:cc:c2:d8:03:
         17:53:cd:a8:81:02:01:33:c1:d1:02:dd:eb:cc:63:e5:5f:48:
         75:f1:de:ff:b2:38:6b:03:6b:62:4a:12:2b:95:ac:82:f3:e9:
         70:0f:e9:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwFvLHvTyql/wpKagg/bUGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMxMTI1MDkwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMwNmRiNzdlNDcyNTRiMjNjZjgxMmZmYTEwODAxZWY4ZWUwYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/vlWjv2UdoA8zrzonjuqd0k23ZH
EKvoockZKyTeyRQm37gsvkVqlrvs47DiztjzPI7B3CZ6F83P7FLticCIRjhn7fWh
XpGP67KyNK05kT3DnZkalLYGrfzzDod1q3E/xwmkzO/ZDmZIMUfzAa0LbuaOfyqR
VKP1aa6IePGRApdenwYSzQ/VO1hYDm+mYkVyvZITnqpL5gjvUtYMr9xma9mXes7G
n4UMOBK9RfbGOMGkw+7jpABmduWElhAPvnDfdCYfTm1YI/siR5OdkJL4uzR80FEy
Pw+n7XrKzaWY/4fJ8bqn7OLsFGjx8V5WcsCGjCIXwYg9Xb3fjRrEE6jdzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7Abbd+RyVLI8+BL/oQgB747gwuMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvX3NCdHQzNUhKVXNqejRFdi1oQ0FIdmp1REM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfm0MA0G
CSqGSIb3DQEBCwUAA4IBAQCbGYjjtAaL7IGTVNhaKUS5/hBNuJGDyJF5V0XaEn6c
kCpnqW8eYTMvw0t9xnCQoIi7Ysi6vfF8CEq+CCQCTfpt1zIiAOsc6bZh1tnQrJnE
Q0krDUcjzIWdPVOjowky30pb9+4YHT9yxzIkS6wd3xaGHVSH7AkGl1MZSwaTNxBi
UJ8jr/5K8u/DBIeB4AUK4WURGzRZgUBKjlSnqy7oemqZ9wHvUO+Vx3qymP8edOqj
VOtrFgQCr9kL8Js3XUDSx2modpixmAC0hx57lLCaj6jBFgZZb8zC2AMXU82ogQIB
M8HRAt3rzGPlX0h18d7/sjhrA2tiShIrlayC8+lwD+kt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org