Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/5fWobjzboJDfP7bYyvzBvjBhc6g.roa
File:                     5fWobjzboJDfP7bYyvzBvjBhc6g.roa (raw, json)
Hash identifier:          52VUCU0FN1Tt+Gco02wR/wh0QtzuLG+GdqJVoakQ7Uk=
Subject key identifier:   E5:F5:A8:6E:3C:DB:A0:90:DF:3F:B6:D8:CA:FC:C1:BE:30:61:73:A8
Certificate issuer:       /CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Certificate serial:       018572714481CB539C9A280D06BBC282B0F3
Authority key identifier: B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/5fWobjzboJDfP7bYyvzBvjBhc6g.roa
Signing time:             Mon 02 Jan 2023 12:25:03 +0000
ROA not before:           Mon 02 Jan 2023 12:25:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.53.16.0/22 maxlen: 22
                          2a04:c980::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:71:44:81:cb:53:9c:9a:28:0d:06:bb:c2:82:b0:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
        Validity
            Not Before: Jan  2 12:25:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5f5a86e3cdba090df3fb6d8cafcc1be306173a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c9:60:32:d0:40:cf:75:6e:2f:fb:7e:1b:4d:
                    64:bc:f5:bd:25:87:57:2b:be:64:d5:8d:03:d0:08:
                    25:f7:e2:80:b6:45:85:57:44:26:f2:33:3c:62:cd:
                    54:82:97:87:b8:8e:45:f1:08:0c:61:5b:a3:da:0e:
                    58:36:84:a0:a9:b1:5f:2e:40:a4:1e:df:70:df:c2:
                    45:d9:e5:74:6c:60:e5:57:d8:28:d3:0a:99:e0:7a:
                    ae:3b:ed:d9:58:ac:76:ab:4d:17:c9:ff:a2:24:d5:
                    70:09:08:75:10:2a:bc:21:85:d5:ad:73:cc:68:6d:
                    98:8b:d0:be:d6:00:31:e7:7f:fc:21:01:5c:79:59:
                    4d:35:3d:2a:ea:9e:c1:f1:df:a1:b8:dd:e7:ea:cd:
                    86:a6:61:04:4a:a7:20:da:19:bd:1c:a0:0f:e6:60:
                    b6:02:ad:e5:eb:98:b3:f7:bb:9a:5c:0b:3a:28:66:
                    a6:f0:08:54:b7:89:14:3d:fa:4e:eb:28:23:70:17:
                    b8:dc:44:0d:56:51:b4:f9:5c:76:bd:79:c9:0a:fe:
                    68:64:fc:6c:f9:f9:7f:03:a2:38:30:3b:fc:b6:28:
                    76:6e:d4:f8:8f:83:fc:1b:e6:a7:d4:c0:73:a3:5c:
                    cd:2b:f9:8c:dc:16:52:b2:7b:32:eb:33:f8:29:d4:
                    d4:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:F5:A8:6E:3C:DB:A0:90:DF:3F:B6:D8:CA:FC:C1:BE:30:61:73:A8
            X509v3 Authority Key Identifier:
                keyid:B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/5fWobjzboJDfP7bYyvzBvjBhc6g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.53.16.0/22
                IPv6:
                  2a04:c980::/29

    Signature Algorithm: sha256WithRSAEncryption
         6d:2a:52:81:df:dd:4c:70:4e:c8:72:07:30:02:87:ab:0f:6f:
         d4:67:3f:5e:af:8e:be:95:7c:e8:60:bd:b4:be:6b:52:c1:50:
         2c:2c:57:f3:4a:6c:ea:2e:04:03:97:2d:a1:54:4d:a3:b2:af:
         80:0f:93:99:76:f9:17:d7:3c:0d:52:48:fb:cf:52:68:87:9b:
         c8:50:e3:b4:9a:a9:19:25:df:54:78:36:b9:7d:2f:78:1a:dd:
         84:2a:c1:ae:12:26:4b:a9:bb:0f:16:99:b1:6a:97:c1:43:09:
         e3:b7:ff:cd:55:8b:a7:4d:ca:b5:2e:76:ed:ee:80:82:d1:f3:
         95:18:8d:3f:64:02:84:ea:58:c2:06:be:74:0f:38:ec:4d:4a:
         cd:88:e3:0a:11:89:ff:04:55:11:44:cc:57:61:9f:56:c2:f8:
         df:74:f6:b0:60:48:17:e6:21:de:52:21:78:39:a9:9f:da:ea:
         d4:a6:36:cd:e5:d5:86:9a:1d:5c:d0:6e:64:7e:be:b6:13:35:
         03:ed:06:9a:07:bb:37:8b:82:6a:02:58:ac:16:5f:82:6d:21:
         99:88:0e:55:99:7b:7e:0d:b9:04:43:cf:55:4a:d9:cd:f3:ce:
         1a:25:95:05:17:76:b9:b1:ea:f4:09:eb:dc:5f:84:4f:09:73:
         27:f9:ab:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVycUSBy1OcmigNBrvCgrDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzA1MGQ4Y2FmMDlhOTFkMDBmMWMwOTBhMGI3NTJjZDFi
M2Q1N2MwHhcNMjMwMTAyMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWY1YTg2ZTNjZGJhMDkwZGYzZmI2ZDhjYWZjYzFiZTMwNjE3M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0slgMtBAz3VuL/t+G01kvPW9JYdX
K75k1Y0D0Agl9+KAtkWFV0Qm8jM8Ys1UgpeHuI5F8QgMYVuj2g5YNoSgqbFfLkCk
Ht9w38JF2eV0bGDlV9go0wqZ4HquO+3ZWKx2q00Xyf+iJNVwCQh1ECq8IYXVrXPM
aG2Yi9C+1gAx53/8IQFceVlNNT0q6p7B8d+huN3n6s2GpmEESqcg2hm9HKAP5mC2
Aq3l65iz97uaXAs6KGam8AhUt4kUPfpO6ygjcBe43EQNVlG0+Vx2vXnJCv5oZPxs
+fl/A6I4MDv8tih2btT4j4P8G+an1MBzo1zNK/mM3BZSsnsy6zP4KdTU1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOX1qG4826CQ3z+22Mr8wb4wYXOoMB8GA1UdIwQY
MBaAFLFwUNjK8JqR0A8cCQoLdSzRs9V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hCUTJNcndtcEhRRHh3SkNndDFMTkd6MVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hMjczZTgtNjdkYy00NzgyLTlhMzQt
NGFlYjZhNzk1NTExLzEvNWZXb2JqemJvSkRmUDdiWXl2ekJ2akJoYzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hMjczZTgtNjdkYy00NzgyLTlhMzQtNGFlYjZhNzk1NTEx
LzEvc1hCUTJNcndtcEhRRHh3SkNndDFMTkd6MVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTUQMA0E
AgACMAcDBQMqBMmAMA0GCSqGSIb3DQEBCwUAA4IBAQBtKlKB391McE7IcgcwAoer
D2/UZz9er46+lXzoYL20vmtSwVAsLFfzSmzqLgQDly2hVE2jsq+AD5OZdvkX1zwN
Ukj7z1Joh5vIUOO0mqkZJd9UeDa5fS94Gt2EKsGuEiZLqbsPFpmxapfBQwnjt//N
VYunTcq1Lnbt7oCC0fOVGI0/ZAKE6ljCBr50DzjsTUrNiOMKEYn/BFURRMxXYZ9W
wvjfdPawYEgX5iHeUiF4Oamf2urUpjbN5dWGmh1c0G5kfr62EzUD7QaaB7s3i4Jq
AlisFl+CbSGZiA5VmXt+DbkEQ89VStnN884aJZUFF3a5ser0CevcX4RPCXMn+avh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:03 2024 by rpki-client on console-ams.rpki-client.org