Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/CdUBzYbqSHXSUgt3ThtwxW9wXAs.roa
File:                     CdUBzYbqSHXSUgt3ThtwxW9wXAs.roa (raw, json)
Hash identifier:          7loTC2y6p9I3hcVA4K5d+vJz4wMlS8nCDPmYQQLxRq4=
Subject key identifier:   09:D5:01:CD:86:EA:48:75:D2:52:0B:77:4E:1B:70:C5:6F:70:5C:0B
Certificate issuer:       /CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Certificate serial:       018962AE348A7D1EF78ECA9E324FCE427213
Authority key identifier: E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/CdUBzYbqSHXSUgt3ThtwxW9wXAs.roa
Signing time:             Mon 17 Jul 2023 07:08:51 +0000
ROA not before:           Mon 17 Jul 2023 07:08:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39686
IP address blocks:        185.144.196.0/22 maxlen: 22
                          5.180.140.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:62:ae:34:8a:7d:1e:f7:8e:ca:9e:32:4f:ce:42:72:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
        Validity
            Not Before: Jul 17 07:08:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09d501cd86ea4875d2520b774e1b70c56f705c0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2d:c5:d2:5b:38:91:c6:aa:09:46:ec:40:d7:
                    bd:b2:4f:f7:d5:ab:36:51:50:ff:37:42:df:93:1f:
                    00:9b:f2:cb:4d:28:64:85:a6:ed:2c:fe:23:98:94:
                    16:03:5b:ff:ac:17:71:ec:bc:b4:de:9b:4a:b2:57:
                    24:22:03:21:d3:fb:e3:bd:fa:ab:22:f6:22:a8:89:
                    b7:f3:8f:cc:3b:b2:15:f0:8d:ce:c9:d4:ff:d3:10:
                    1f:4c:4c:61:00:9b:48:8d:fb:36:f2:26:3c:4f:30:
                    26:60:93:e1:0e:a3:cb:b1:7f:92:91:cd:49:c5:4f:
                    a9:bc:05:02:7d:5f:53:a1:f0:37:79:8e:d9:dd:a3:
                    9d:83:d5:8c:6b:9e:d2:1c:b8:27:dd:3d:3b:ae:d7:
                    04:34:d6:85:40:f3:d3:65:10:6a:b4:51:3f:69:ab:
                    e0:36:5a:fb:97:77:7d:38:ed:c1:f9:27:4a:ef:26:
                    bd:f4:d3:39:21:e1:e7:65:b5:c2:5e:1c:30:18:45:
                    d9:8c:ef:a9:84:f7:19:a1:51:5c:a5:8c:8c:dc:c1:
                    6c:5a:07:7a:c5:91:ff:d3:7a:04:b5:54:86:8b:f5:
                    c1:ba:0c:00:56:5f:b5:c0:07:b0:22:e4:58:2e:69:
                    ff:fe:d9:e6:77:41:61:e7:df:c6:66:66:4c:5a:ac:
                    d3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D5:01:CD:86:EA:48:75:D2:52:0B:77:4E:1B:70:C5:6F:70:5C:0B
            X509v3 Authority Key Identifier:
                keyid:E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/CdUBzYbqSHXSUgt3ThtwxW9wXAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.140.0/22
                  185.144.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:9f:d2:97:f3:d2:8d:98:9f:83:16:4b:77:af:fe:42:7c:91:
         63:33:6b:8a:30:4d:57:de:36:46:f2:a3:40:dd:a5:91:62:fc:
         0b:d6:e5:7c:dd:2c:86:58:5f:51:eb:bf:ec:c7:e9:d6:21:9a:
         9e:75:e1:9a:19:2b:63:d5:5d:8d:d5:97:bf:5b:49:97:55:25:
         d2:3e:30:68:5a:ef:d5:ec:95:f4:c1:06:0a:e7:15:4e:73:46:
         e0:9c:18:05:70:32:8d:c4:07:da:b9:4d:cf:70:8e:79:b4:ac:
         02:36:25:c9:4c:3d:3b:c8:71:ed:39:3e:a9:9c:5b:3e:50:6e:
         92:1e:bb:04:75:9c:6e:71:43:c1:4a:86:3b:39:8f:9a:0b:f2:
         b9:4f:2e:3d:80:91:6b:49:a7:45:84:5e:b3:23:23:34:0f:bd:
         21:57:e9:6c:d4:b2:de:fc:f2:c8:73:af:85:d4:a5:b2:2d:ce:
         bc:44:eb:f1:c3:74:8b:35:cc:d6:4d:ca:4b:a1:44:62:48:79:
         6c:ae:d1:01:e4:ec:13:0a:c4:68:c2:2f:84:56:09:89:c2:b5:
         65:5f:ed:9d:8f:80:30:e8:bd:f4:55:c1:92:81:dc:60:a9:ff:
         69:03:81:5f:7b:2c:b0:6c:b6:0e:9a:43:e2:fd:7b:45:8a:6c:
         92:d1:98:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlirjSKfR73jsqeMk/OQnITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MzFiMDgwZDRlYTZmZDA2MTZhNmU3MDFjN2M4MTVkNmZm
ODdjMDAwHhcNMjMwNzE3MDcwODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ1MDFjZDg2ZWE0ODc1ZDI1MjBiNzc0ZTFiNzBjNTZmNzA1YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS3F0ls4kcaqCUbsQNe9sk/31as2
UVD/N0Lfkx8Am/LLTShkhabtLP4jmJQWA1v/rBdx7Ly03ptKslckIgMh0/vjvfqr
IvYiqIm384/MO7IV8I3OydT/0xAfTExhAJtIjfs28iY8TzAmYJPhDqPLsX+Skc1J
xU+pvAUCfV9TofA3eY7Z3aOdg9WMa57SHLgn3T07rtcENNaFQPPTZRBqtFE/aavg
Nlr7l3d9OO3B+SdK7ya99NM5IeHnZbXCXhwwGEXZjO+phPcZoVFcpYyM3MFsWgd6
xZH/03oEtVSGi/XBugwAVl+1wAewIuRYLmn//tnmd0Fh59/GZmZMWqzTkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAnVAc2G6kh10lILd04bcMVvcFwLMB8GA1UdIwQY
MBaAFOYxsIDU6m/QYWpucBx8gV1v+HwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWIt
OTNiM2EzNjk2ZDk2LzEvQ2RVQnpZYnFTSFhTVWd0M1RodHd4Vzl3WEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWItOTNiM2EzNjk2ZDk2
LzEvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbSMAwQC
uZDEMA0GCSqGSIb3DQEBCwUAA4IBAQAgn9KX89KNmJ+DFkt3r/5CfJFjM2uKME1X
3jZG8qNA3aWRYvwL1uV83SyGWF9R67/sx+nWIZqedeGaGStj1V2N1Ze/W0mXVSXS
PjBoWu/V7JX0wQYK5xVOc0bgnBgFcDKNxAfauU3PcI55tKwCNiXJTD07yHHtOT6p
nFs+UG6SHrsEdZxucUPBSoY7OY+aC/K5Ty49gJFrSadFhF6zIyM0D70hV+ls1LLe
/PLIc6+F1KWyLc68ROvxw3SLNczWTcpLoURiSHlsrtEB5OwTCsRowi+EVgmJwrVl
X+2dj4Aw6L30VcGSgdxgqf9pA4FfeyywbLYOmkPi/XtFimyS0Zjf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:22 2024 by rpki-client on console-fra.rpki-client.org