Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/ou5dROpzHNsuGIy6CkAsav6kblc.roa
File:                     ou5dROpzHNsuGIy6CkAsav6kblc.roa (raw, json)
Hash identifier:          dptEW3Iy6uc8jxlKlZnRauui3mvl3kiia+nH8hW96Dc=
Subject key identifier:   A2:EE:5D:44:EA:73:1C:DB:2E:18:8C:BA:0A:40:2C:6A:FE:A4:6E:57
Certificate issuer:       /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial:       018926A00DD7E23F2ED10490DAE730290CB6
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/ou5dROpzHNsuGIy6CkAsav6kblc.roa
Signing time:             Wed 05 Jul 2023 15:16:10 +0000
ROA not before:           Wed 05 Jul 2023 15:16:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.185.77.0/24 maxlen: 24
                          185.185.78.0/24 maxlen: 24
                          5.180.188.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:26:a0:0d:d7:e2:3f:2e:d1:04:90:da:e7:30:29:0c:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
        Validity
            Not Before: Jul  5 15:16:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2ee5d44ea731cdb2e188cba0a402c6afea46e57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:3a:01:06:b5:01:42:f8:02:a8:59:a5:91:18:
                    66:9e:d3:67:48:99:87:4d:75:88:a7:50:40:e3:23:
                    1e:f7:36:93:2f:87:86:9d:1b:16:63:c4:d9:45:fa:
                    e6:be:4e:d1:66:13:5f:5d:43:73:e7:22:5d:ad:48:
                    1d:f0:78:61:26:56:2a:5e:11:a5:bd:48:f0:f0:37:
                    ab:5c:5c:10:0b:a3:20:56:7c:da:bf:28:ec:3f:e1:
                    63:fd:72:2e:c6:84:37:fe:74:82:1b:55:28:fc:a1:
                    da:75:06:68:f4:9b:40:ef:bb:2c:ce:0c:fe:ff:20:
                    9b:90:a4:44:e7:c1:15:52:ed:77:35:be:94:a3:a2:
                    1e:e5:e1:35:2b:03:94:14:f7:c5:26:1c:f3:ea:1e:
                    a0:02:ec:2c:58:7d:78:0a:da:6a:dc:5e:e3:dc:3a:
                    b9:18:9d:66:9f:38:7a:0b:b5:94:f6:02:77:70:bf:
                    38:03:fb:2f:e5:93:3c:0b:5e:70:b3:cf:05:d5:1a:
                    ba:bb:1a:5f:83:70:dd:01:76:88:c3:f3:5e:16:7a:
                    d3:12:4e:f0:6d:20:7e:e7:d6:35:9d:25:86:d6:c2:
                    a5:a6:e0:00:fe:2a:b3:89:36:d7:33:ac:4e:3b:46:
                    d1:59:b9:fb:a8:75:38:94:d3:e0:ca:37:0a:71:36:
                    d9:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:EE:5D:44:EA:73:1C:DB:2E:18:8C:BA:0A:40:2C:6A:FE:A4:6E:57
            X509v3 Authority Key Identifier:
                keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/ou5dROpzHNsuGIy6CkAsav6kblc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.188.0/22
                  185.185.77.0-185.185.78.255

    Signature Algorithm: sha256WithRSAEncryption
         66:ad:43:d0:73:20:71:f1:a7:b1:9b:ee:0c:94:bd:6c:c1:c9:
         42:d6:87:c7:02:46:a7:7e:31:2e:3c:6e:07:83:c3:a2:d8:57:
         13:ab:01:d3:52:4e:3d:b6:9a:c3:f3:0e:42:63:e2:92:94:1a:
         71:73:27:8a:bd:c7:5a:02:5b:9a:99:7f:3f:0e:41:c9:ad:69:
         91:c7:f5:cb:5f:36:bd:03:1d:b5:19:ec:21:7a:a6:96:72:31:
         13:43:08:8a:a1:29:c5:f3:ac:cb:21:f9:4e:5b:3e:93:34:cc:
         3a:56:7b:0c:fe:0d:ab:da:0e:f0:4f:40:10:85:7e:63:13:69:
         c4:db:ba:eb:66:8a:48:07:d0:2e:c7:42:d7:ff:17:25:c5:4d:
         5c:fe:f0:ad:8e:e4:b1:74:d1:7e:c8:2f:74:5f:d6:7f:7b:89:
         e8:03:39:7d:6a:d0:0b:c1:de:fb:06:3f:b7:aa:65:34:01:4f:
         7b:15:ad:06:a8:24:d5:8c:04:e5:9c:b8:98:e7:ae:9f:ed:68:
         dd:d7:87:54:91:9c:17:84:8c:20:c9:18:4b:59:f7:5b:8a:9c:
         31:2b:2a:f1:57:ed:9c:14:0c:ae:d8:31:52:aa:d5:d8:f0:54:
         59:c4:90:4f:5f:93:26:42:ec:75:3f:b0:4f:e0:bd:f1:a1:80:
         36:b5:fa:e5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkmoA3X4j8u0QSQ2ucwKQy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjMwNzA1MTUxNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVlNWQ0NGVhNzMxY2RiMmUxODhjYmEwYTQwMmM2YWZlYTQ2ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjoBBrUBQvgCqFmlkRhmntNnSJmH
TXWIp1BA4yMe9zaTL4eGnRsWY8TZRfrmvk7RZhNfXUNz5yJdrUgd8HhhJlYqXhGl
vUjw8DerXFwQC6MgVnzavyjsP+Fj/XIuxoQ3/nSCG1Uo/KHadQZo9JtA77sszgz+
/yCbkKRE58EVUu13Nb6Uo6Ie5eE1KwOUFPfFJhzz6h6gAuwsWH14Ctpq3F7j3Dq5
GJ1mnzh6C7WU9gJ3cL84A/sv5ZM8C15ws88F1Rq6uxpfg3DdAXaIw/NeFnrTEk7w
bSB+59Y1nSWG1sKlpuAA/iqziTbXM6xOO0bRWbn7qHU4lNPgyjcKcTbZfwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKLuXUTqcxzbLhiMugpALGr+pG5XMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvb3U1ZFJPcHpITnN1R0l5NkNrQXNhdjZrYmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQYJKoZIhvcNAQELBQADggEBAGatQ9BzIHHxp7Gb7gyUvWzB
yULWh8cCRqd+MS48bgeDw6LYVxOrAdNSTj22msPzDkJj4pKUGnFzJ4q9x1oCW5qZ
fz8OQcmtaZHH9ctfNr0DHbUZ7CF6ppZyMRNDCIqhKcXzrMsh+U5bPpM0zDpWewz+
DavaDvBPQBCFfmMTacTbuutmikgH0C7HQtf/FyXFTVz+8K2O5LF00X7IL3Rf1n97
iegDOX1q0AvB3vsGP7eqZTQBT3sVrQaoJNWMBOWcuJjnrp/taN3Xh1SRnBeEjCDJ
GEtZ91uKnDErKvFX7ZwUDK7YMVKq1djwVFnEkE9fkyZC7HU/sE/gvfGhgDa1+uU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:44 2024 by rpki-client on console-fra.rpki-client.org