Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dU9SVtlMUMjcqqfBon73DejNh2A.roa
File:                     dU9SVtlMUMjcqqfBon73DejNh2A.roa (raw, json)
Hash identifier:          Pg4moYwaJs4NVUnXu2USJWBcY875nkxoL0VZzWcaQyI=
Subject key identifier:   75:4F:52:56:D9:4C:50:C8:DC:AA:A7:C1:A2:7E:F7:0D:E8:CD:87:60
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       018EA84AE7BBB15483BB174DDFE95D9A919C
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dU9SVtlMUMjcqqfBon73DejNh2A.roa
Signing time:             Thu 04 Apr 2024 08:47:45 +0000
ROA not before:           Thu 04 Apr 2024 08:47:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        5.249.184.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 07:13:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:4a:e7:bb:b1:54:83:bb:17:4d:df:e9:5d:9a:91:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Apr  4 08:47:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=754f5256d94c50c8dcaaa7c1a27ef70de8cd8760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b0:7b:d5:a9:87:70:f7:cb:98:fe:24:0e:b2:
                    ec:98:00:3b:79:3d:a7:1e:f9:fc:36:f2:27:8f:d1:
                    50:3b:b7:8d:d0:eb:7b:83:47:9b:0b:db:50:76:c7:
                    53:f0:e5:f6:6a:71:eb:41:93:f7:bc:c0:f3:2f:54:
                    08:17:32:42:7f:21:7d:fb:0a:ff:53:d0:84:67:e5:
                    b0:f6:93:d2:8e:fb:1e:e2:6e:ae:fc:0c:03:c4:d4:
                    74:3e:99:f0:59:2e:bb:ac:d1:71:66:c1:b7:ff:00:
                    4c:fc:ea:c6:b3:52:b2:55:8c:5f:37:65:9f:a6:c9:
                    cc:2f:6d:8d:e4:dd:c8:d8:12:fe:11:9c:bd:e4:c7:
                    6f:1f:d5:d4:27:9a:9c:49:2c:d5:4e:d3:4b:f6:30:
                    8c:06:cd:61:f2:f2:d3:2d:c5:17:e3:82:df:25:c1:
                    d0:9f:28:6a:3c:76:29:25:42:7c:af:d6:58:61:af:
                    11:2c:8f:07:55:e9:6f:b1:b1:2d:29:17:db:cc:1e:
                    e0:e6:5d:77:b2:cb:60:82:a5:58:91:13:95:15:11:
                    ae:8e:04:bc:19:b7:a0:38:9e:bb:ab:4e:91:f8:dd:
                    11:13:45:6a:e7:8a:e6:8c:66:18:0b:a5:bc:a9:53:
                    fc:49:70:c7:cc:ab:b8:16:df:cb:47:aa:3e:15:d5:
                    d6:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:4F:52:56:D9:4C:50:C8:DC:AA:A7:C1:A2:7E:F7:0D:E8:CD:87:60
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dU9SVtlMUMjcqqfBon73DejNh2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.249.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:d5:3e:e7:70:69:4f:50:06:81:95:c3:5d:6c:56:12:cb:38:
         00:48:1c:e5:57:10:5e:bc:63:f9:8d:ac:a7:75:28:12:9d:bc:
         6d:28:e1:3a:08:d1:ff:95:66:d0:84:a7:d7:df:26:db:36:5a:
         8a:05:d9:2a:37:da:34:8a:cc:60:fa:83:de:93:58:b9:2c:39:
         de:8c:9f:1c:86:90:b1:84:5a:ec:06:0f:7d:e4:c7:c3:5a:f7:
         31:a3:86:5d:03:3c:6b:4a:5a:b1:b3:2f:12:0f:fd:9d:9b:19:
         08:11:f7:1c:ce:59:f4:d6:aa:28:5c:ae:28:36:e1:e9:25:59:
         3f:3e:b9:55:f5:e1:e5:8d:0b:38:4e:32:ff:c9:34:48:76:03:
         05:53:b4:0c:19:c4:5e:e0:22:34:a2:89:3f:f9:34:52:a8:ce:
         a8:f3:38:af:70:10:66:99:0b:43:30:7e:ab:63:8b:c8:c7:40:
         0e:e7:cb:08:8e:63:40:57:26:88:df:be:3a:96:e8:e3:d9:58:
         2a:9f:d0:f2:b6:91:66:be:46:40:64:db:aa:e3:4a:b8:52:a1:
         13:62:9f:4d:ce:f2:53:79:e1:f2:cc:87:02:29:84:25:60:85:
         3b:82:10:c5:25:9e:28:2f:b0:fa:d3:a1:50:60:0e:aa:9e:8b:
         c6:89:1e:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6oSue7sVSDuxdN3+ldmpGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwNDA0MDg0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRmNTI1NmQ5NGM1MGM4ZGNhYWE3YzFhMjdlZjcwZGU4Y2Q4NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrB71amHcPfLmP4kDrLsmAA7eT2n
Hvn8NvInj9FQO7eN0Ot7g0ebC9tQdsdT8OX2anHrQZP3vMDzL1QIFzJCfyF9+wr/
U9CEZ+Ww9pPSjvse4m6u/AwDxNR0PpnwWS67rNFxZsG3/wBM/OrGs1KyVYxfN2Wf
psnML22N5N3I2BL+EZy95MdvH9XUJ5qcSSzVTtNL9jCMBs1h8vLTLcUX44LfJcHQ
nyhqPHYpJUJ8r9ZYYa8RLI8HVelvsbEtKRfbzB7g5l13sstggqVYkROVFRGujgS8
GbegOJ67q06R+N0RE0Vq54rmjGYYC6W8qVP8SXDHzKu4Ft/LR6o+FdXWuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVPUlbZTFDI3KqnwaJ+9w3ozYdgMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvZFU5U1Z0bE1VTWpjcXFmQm9uNzNEZWpOaDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfm4MA0G
CSqGSIb3DQEBCwUAA4IBAQBa1T7ncGlPUAaBlcNdbFYSyzgASBzlVxBevGP5jayn
dSgSnbxtKOE6CNH/lWbQhKfX3ybbNlqKBdkqN9o0isxg+oPek1i5LDnejJ8chpCx
hFrsBg995MfDWvcxo4ZdAzxrSlqxsy8SD/2dmxkIEfcczln01qooXK4oNuHpJVk/
PrlV9eHljQs4TjL/yTRIdgMFU7QMGcRe4CI0ook/+TRSqM6o8zivcBBmmQtDMH6r
Y4vIx0AO58sIjmNAVyaI3746lujj2Vgqn9DytpFmvkZAZNuq40q4UqETYp9NzvJT
eeHyzIcCKYQlYIU7ghDFJZ4oL7D606FQYA6qnovGiR7s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org