Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EkwNUh6wZ7sjxRj9eJ3SdwYXaKI.roa
File:                     EkwNUh6wZ7sjxRj9eJ3SdwYXaKI.roa (raw, json)
Hash identifier:          eVGJEDXkVcnitd2lU+yWuRDUH3IKgBkL8vt8Yud2oGQ=
Subject key identifier:   12:4C:0D:52:1E:B0:67:BB:23:C5:18:FD:78:9D:D2:77:06:17:68:A2
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018CFC738F186CE259ADE8B38245A33EA7E7
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EkwNUh6wZ7sjxRj9eJ3SdwYXaKI.roa
Signing time:             Fri 12 Jan 2024 06:54:40 +0000
ROA not before:           Fri 12 Jan 2024 06:54:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        5.180.34.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 Jan 2024 09:57:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fc:73:8f:18:6c:e2:59:ad:e8:b3:82:45:a3:3e:a7:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan 12 06:54:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=124c0d521eb067bb23c518fd789dd277061768a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:65:1c:93:67:eb:a5:0d:86:fd:b9:32:e7:68:
                    e3:98:99:46:66:91:54:b6:82:bd:db:46:3b:52:72:
                    ff:75:27:d6:5b:9d:3a:5a:3a:25:e7:4f:74:9a:c7:
                    d0:b5:44:80:e6:20:1f:24:27:d3:1a:66:a4:3e:ac:
                    c5:ef:2b:f2:b3:e7:cd:1c:00:d7:c1:68:6e:d2:7f:
                    2f:12:ad:e1:20:3b:d8:34:75:2e:21:d7:74:db:39:
                    97:dc:01:36:24:df:36:ed:d9:93:83:10:40:9d:b1:
                    fa:4b:6a:3b:1e:ea:d0:28:83:f6:47:64:bd:41:23:
                    8b:a5:68:b3:03:b1:24:71:f3:48:33:33:bd:e4:c6:
                    fd:50:ad:40:7b:5e:9d:41:fa:66:8f:72:3a:66:29:
                    35:62:e9:78:b8:97:3a:c0:32:71:ac:82:03:92:d8:
                    46:fe:c3:34:be:1a:bf:4e:f0:89:bf:15:64:d1:d2:
                    96:0d:25:2a:66:ce:d8:fd:dd:21:3e:fc:6b:ad:b0:
                    c2:b4:0a:6c:78:b1:f0:86:63:2f:40:2b:e0:72:a3:
                    ca:22:55:de:34:2e:96:1e:c9:e4:06:6a:96:14:ec:
                    e3:64:f7:20:51:f9:68:16:c1:59:ea:86:25:ec:cc:
                    75:5a:8b:76:39:b0:b7:c6:13:67:fd:83:4f:2e:f8:
                    67:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:4C:0D:52:1E:B0:67:BB:23:C5:18:FD:78:9D:D2:77:06:17:68:A2
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EkwNUh6wZ7sjxRj9eJ3SdwYXaKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.34.0/24
                  45.8.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:48:e1:24:6d:fd:1e:c2:4c:62:01:bc:2e:0f:1a:9b:2c:9a:
         dd:07:aa:4e:97:d2:80:f5:22:3b:fa:e1:68:b6:5e:1a:98:3e:
         be:c0:48:7a:ec:c5:db:0d:0e:67:fd:3e:b4:33:1f:28:57:10:
         5b:bb:90:3b:57:c2:9e:87:5b:39:b9:ae:8c:99:9d:53:cd:73:
         4b:cb:d9:67:10:07:66:8b:fb:14:ea:15:b8:e0:ea:55:ca:5b:
         fd:f4:d8:23:65:4c:bf:9c:65:f4:7e:da:ce:16:d7:ff:0a:97:
         86:3e:b7:b2:a9:74:5b:d1:0c:26:ab:7d:04:cb:05:0d:e1:36:
         14:67:4d:0b:e7:12:b8:fd:22:3a:cb:00:17:93:fa:5c:c9:4a:
         83:50:10:1a:0c:b4:66:a7:ae:32:3d:c8:dd:01:a9:a0:cc:5e:
         87:6c:0f:db:2a:d2:7d:a6:63:c8:77:cd:ef:af:f2:e3:21:69:
         82:cc:59:f5:3f:1c:a8:cc:62:f7:99:af:ef:cd:c6:0f:95:26:
         94:93:39:ee:4e:15:bd:21:3c:98:25:19:c3:26:4d:4f:25:56:
         c9:ee:2a:bf:b6:d2:eb:a9:0a:4c:77:b4:98:c5:e0:e1:62:4b:
         db:03:0b:f6:59:51:90:da:3e:c1:74:15:9c:f7:a3:6e:15:bb:
         7e:ec:29:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz8c48YbOJZreizgkWjPqfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTEyMDY1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjRjMGQ1MjFlYjA2N2JiMjNjNTE4ZmQ3ODlkZDI3NzA2MTc2OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomUck2frpQ2G/bky52jjmJlGZpFU
toK920Y7UnL/dSfWW506Wjol5090msfQtUSA5iAfJCfTGmakPqzF7yvys+fNHADX
wWhu0n8vEq3hIDvYNHUuIdd02zmX3AE2JN827dmTgxBAnbH6S2o7HurQKIP2R2S9
QSOLpWizA7EkcfNIMzO95Mb9UK1Ae16dQfpmj3I6Zik1Yul4uJc6wDJxrIIDkthG
/sM0vhq/TvCJvxVk0dKWDSUqZs7Y/d0hPvxrrbDCtApseLHwhmMvQCvgcqPKIlXe
NC6WHsnkBmqWFOzjZPcgUfloFsFZ6oYl7Mx1Wot2ObC3xhNn/YNPLvhnywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBJMDVIesGe7I8UY/Xid0ncGF2iiMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRWt3TlVoNndaN3NqeFJqOWVKM1Nkd1lYYUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQiAwQA
LQj9MA0GCSqGSIb3DQEBCwUAA4IBAQBdSOEkbf0ewkxiAbwuDxqbLJrdB6pOl9KA
9SI7+uFotl4amD6+wEh67MXbDQ5n/T60Mx8oVxBbu5A7V8Keh1s5ua6MmZ1TzXNL
y9lnEAdmi/sU6hW44OpVylv99NgjZUy/nGX0ftrOFtf/CpeGPreyqXRb0Qwmq30E
ywUN4TYUZ00L5xK4/SI6ywAXk/pcyUqDUBAaDLRmp64yPcjdAamgzF6HbA/bKtJ9
pmPId83vr/LjIWmCzFn1PxyozGL3ma/vzcYPlSaUkznuThW9ITyYJRnDJk1PJVbJ
7iq/ttLrqQpMd7SYxeDhYkvbAwv2WVGQ2j7BdBWc96NuFbt+7Clz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:19 2024 by rpki-client on console-ams.rpki-client.org