Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa
File:                     1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa (raw, json)
Hash identifier:          j126E3He1EHYSJXCHGbzDJ3mKj/RWOAiGkq3RKPAu1E=
Subject key identifier:   D5:70:6B:C7:FA:1C:E1:F8:2A:30:B6:F6:C1:34:33:86:07:E4:2F:81
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       018FC5476B19593E88312A568D1E0E96D771
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa
Signing time:             Wed 29 May 2024 16:55:42 +0000
ROA not before:           Wed 29 May 2024 16:55:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        5.181.200.0/24 maxlen: 24
                          5.181.201.0/24 maxlen: 24
                          45.158.83.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Sep 2024 05:56:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:c5:47:6b:19:59:3e:88:31:2a:56:8d:1e:0e:96:d7:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: May 29 16:55:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d5706bc7fa1ce1f82a30b6f6c134338607e42f81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:1f:6f:75:12:81:c9:9f:fa:6e:b3:f3:59:61:
                    01:94:85:b0:0d:b6:4c:8e:b4:94:c8:63:0d:e6:23:
                    e5:fb:59:0c:89:6b:46:30:4b:b5:31:c9:ae:6f:0d:
                    43:5c:f0:34:bd:96:0d:e5:2f:a9:46:d5:fe:8d:d9:
                    3f:41:64:d7:0e:17:fb:3d:35:74:ac:cb:e3:1f:63:
                    aa:5f:40:97:f2:27:96:6a:67:1f:4d:da:73:b0:f3:
                    3e:e6:c7:71:ca:36:87:fd:1e:73:c1:b0:e6:be:f2:
                    27:7d:cf:8d:a8:c3:54:9b:ce:2f:d7:a2:9b:c4:ac:
                    54:6e:ee:3f:5f:6b:b7:95:53:b8:51:3d:67:27:01:
                    cd:23:d0:33:2d:c7:9b:7a:5d:7e:94:56:9c:7b:50:
                    b4:83:6c:63:81:21:2a:22:57:e6:92:f8:ff:ab:1a:
                    0d:7e:18:c0:7d:f2:01:f0:cf:23:89:11:61:ea:52:
                    05:7b:5a:58:9f:a3:20:f1:71:97:20:ce:1c:ba:34:
                    2d:4c:03:d5:be:3b:2d:7e:29:b2:65:14:26:a7:02:
                    b8:9e:29:b3:cd:f0:8e:06:63:5b:16:55:95:2e:fe:
                    87:be:0b:30:bd:79:98:07:22:29:37:fd:3d:7f:b8:
                    a4:ad:e2:4f:6a:84:41:a6:85:6c:52:0b:cc:17:6b:
                    58:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:70:6B:C7:FA:1C:E1:F8:2A:30:B6:F6:C1:34:33:86:07:E4:2F:81
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1XBrx_oc4fgqMLb2wTQzhgfkL4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.200.0/23
                  45.158.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:79:1d:e9:14:e2:03:ee:f0:c5:eb:d1:a2:8e:bb:44:16:a1:
         d1:b4:cc:65:78:df:58:8f:e0:88:bb:b6:ec:f6:47:cb:ee:8b:
         68:05:87:20:37:8c:65:32:81:65:da:22:72:8c:01:93:7a:6d:
         07:f4:78:c3:a1:44:63:9d:bf:c5:5d:c1:4e:6b:b0:dc:49:21:
         d0:b0:13:09:d4:4e:11:d2:7a:e8:1c:14:c3:2c:16:6e:80:e4:
         b8:95:72:5f:ae:d6:f3:c7:fb:cc:59:62:72:c9:f1:f4:55:19:
         ce:cb:49:40:9a:0a:e7:f4:76:1b:a6:99:2f:c5:b6:6b:82:39:
         97:2e:02:86:d0:f2:51:03:ab:8e:ab:8e:f5:c8:b6:46:a4:0d:
         f2:55:89:74:47:74:4a:8f:dc:e2:86:87:fb:e5:34:f4:05:4a:
         68:fa:d2:aa:31:b8:a5:27:23:ce:61:1c:ef:6b:f1:25:cd:07:
         e1:d1:5a:b0:84:20:df:06:db:2d:0c:33:2e:86:80:0b:d5:5d:
         0b:23:eb:23:de:a1:b2:40:d7:9b:24:2b:90:ec:e0:53:dd:c8:
         b0:f4:73:ff:25:2b:c7:8e:2f:ae:c3:14:c8:d6:87:c6:af:d4:
         b9:43:2b:a4:2c:21:51:df:3d:97:e1:7a:a6:99:61:dd:b1:82:
         8a:36:62:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/FR2sZWT6IMSpWjR4OltdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwNTI5MTY1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTcwNmJjN2ZhMWNlMWY4MmEzMGI2ZjZjMTM0MzM4NjA3ZTQyZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R9vdRKByZ/6brPzWWEBlIWwDbZM
jrSUyGMN5iPl+1kMiWtGMEu1Mcmubw1DXPA0vZYN5S+pRtX+jdk/QWTXDhf7PTV0
rMvjH2OqX0CX8ieWamcfTdpzsPM+5sdxyjaH/R5zwbDmvvInfc+NqMNUm84v16Kb
xKxUbu4/X2u3lVO4UT1nJwHNI9AzLcebel1+lFace1C0g2xjgSEqIlfmkvj/qxoN
fhjAffIB8M8jiRFh6lIFe1pYn6Mg8XGXIM4cujQtTAPVvjstfimyZRQmpwK4nimz
zfCOBmNbFlWVLv6HvgswvXmYByIpN/09f7ikreJPaoRBpoVsUgvMF2tY/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVwa8f6HOH4KjC29sE0M4YH5C+BMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvMVhCcnhfb2M0ZmdxTUxiMndUUXpoZ2ZrTDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbXIAwQA
LZ5TMA0GCSqGSIb3DQEBCwUAA4IBAQCmeR3pFOID7vDF69GijrtEFqHRtMxleN9Y
j+CIu7bs9kfL7otoBYcgN4xlMoFl2iJyjAGTem0H9HjDoURjnb/FXcFOa7DcSSHQ
sBMJ1E4R0nroHBTDLBZugOS4lXJfrtbzx/vMWWJyyfH0VRnOy0lAmgrn9HYbppkv
xbZrgjmXLgKG0PJRA6uOq471yLZGpA3yVYl0R3RKj9zihof75TT0BUpo+tKqMbil
JyPOYRzva/ElzQfh0VqwhCDfBtstDDMuhoAL1V0LI+sj3qGyQNebJCuQ7OBT3ciw
9HP/JSvHji+uwxTI1ofGr9S5QyukLCFR3z2X4XqmmWHdsYKKNmLz
-----END CERTIFICATE-----
Generated at Fri Sep 6 08:35:59 2024 by rpki-client on console-ams.rpki-client.org