Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/htFXt7HXKQKN_dznbCthhcQGJHY.roa
File:                     htFXt7HXKQKN_dznbCthhcQGJHY.roa (raw, json)
Hash identifier:          +sy9hn24BUV0kh8ivugfBNfkqs2B+TpMxnM80gVQ35I=
Subject key identifier:   86:D1:57:B7:B1:D7:29:02:8D:FD:DC:E7:6C:2B:61:85:C4:06:24:76
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189DEB4D0395EC28C32DC749741C49BEF94
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/htFXt7HXKQKN_dznbCthhcQGJHY.roa
Signing time:             Thu 10 Aug 2023 09:08:58 +0000
ROA not before:           Thu 10 Aug 2023 09:08:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        5.180.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 07:57:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:de:b4:d0:39:5e:c2:8c:32:dc:74:97:41:c4:9b:ef:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug 10 09:08:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86d157b7b1d729028dfddce76c2b6185c4062476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:16:d8:13:d7:ac:ba:ca:8a:fc:f6:5f:1c:c9:
                    f2:30:fb:6f:fd:40:6c:f5:21:63:e0:16:01:23:23:
                    ef:34:47:f5:72:3b:19:18:ae:78:f4:8c:c2:9f:f7:
                    3c:0b:c4:b2:d4:44:45:6f:e5:5f:4b:ad:23:5b:25:
                    53:de:d1:60:90:84:17:fd:28:26:32:4d:c8:c6:dc:
                    ed:ad:63:8d:61:55:bc:3d:b8:75:fa:63:73:a1:7c:
                    5c:81:20:35:04:4e:05:c0:d6:bc:78:79:26:2c:7a:
                    02:0f:ae:95:02:fd:b0:ea:43:12:91:98:95:dd:e4:
                    b8:b6:7b:fb:77:50:a2:95:0c:63:6b:6f:47:f8:2f:
                    a6:bf:bc:38:a2:8a:e9:b7:5a:13:05:66:1c:06:cd:
                    77:26:f5:7d:da:5b:14:f4:e5:b3:1a:c3:e2:24:b4:
                    d1:55:b5:fc:82:3c:aa:24:7a:21:06:3e:3c:05:a9:
                    d1:8d:ef:7b:13:fb:c0:f7:d9:4e:60:4b:72:8b:26:
                    09:3d:28:f6:1b:f3:b0:cf:83:08:2a:64:e3:94:88:
                    d3:1b:73:2e:f5:3c:6d:be:3f:3b:61:fe:37:e2:1d:
                    0c:a6:b2:2e:95:4e:86:c3:5d:17:78:28:07:a1:43:
                    65:91:b7:58:9c:97:7a:6e:a1:71:34:ef:ca:f7:8c:
                    11:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:D1:57:B7:B1:D7:29:02:8D:FD:DC:E7:6C:2B:61:85:C4:06:24:76
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/htFXt7HXKQKN_dznbCthhcQGJHY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:38:a9:52:79:a0:e4:7a:38:ab:0f:7c:dd:35:7f:c4:4e:fb:
         a4:c5:96:8e:1a:97:2c:41:97:ac:af:a4:a7:2e:56:b1:2b:66:
         f0:29:fa:80:d7:20:14:93:46:18:17:cf:5e:15:ba:8a:61:27:
         54:ca:9e:a7:da:45:fc:fc:8d:3f:cb:00:ad:d3:c9:5e:28:73:
         71:5c:0d:39:bf:e3:96:e6:aa:1d:8e:2c:53:10:d7:5e:0c:6b:
         75:e1:34:0b:a3:33:6c:43:cf:25:2a:f2:6d:fc:f7:d5:16:b1:
         15:7c:77:08:a9:60:42:33:79:e7:b8:90:83:fa:fa:9f:e5:1a:
         6b:f4:0e:bb:ec:07:04:cc:77:19:2b:ec:13:ef:e5:27:ee:a4:
         e2:4d:97:d2:d6:7a:7e:4d:5b:37:f4:8f:d3:ac:8a:eb:45:a2:
         af:4c:f0:10:b6:f0:5a:f4:d3:cc:86:f5:85:42:52:02:f8:c3:
         c3:ac:54:c2:be:fd:77:1f:ee:da:08:e7:be:45:af:70:52:e4:
         ee:df:85:1f:7e:a1:e4:44:89:4f:14:fb:2a:f5:4f:24:fc:d8:
         fc:12:e6:9e:10:e3:18:4f:b3:96:b2:37:bb:99:10:90:19:c5:
         21:27:2a:3f:cb:82:7e:52:24:07:22:8d:d6:48:22:02:d8:65:
         97:3a:a0:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnetNA5XsKMMtx0l0HEm++UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODEwMDkwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQxNTdiN2IxZDcyOTAyOGRmZGRjZTc2YzJiNjE4NWM0MDYyNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBbYE9esusqK/PZfHMnyMPtv/UBs
9SFj4BYBIyPvNEf1cjsZGK549IzCn/c8C8Sy1ERFb+VfS60jWyVT3tFgkIQX/Sgm
Mk3IxtztrWONYVW8Pbh1+mNzoXxcgSA1BE4FwNa8eHkmLHoCD66VAv2w6kMSkZiV
3eS4tnv7d1CilQxja29H+C+mv7w4oorpt1oTBWYcBs13JvV92lsU9OWzGsPiJLTR
VbX8gjyqJHohBj48BanRje97E/vA99lOYEtyiyYJPSj2G/Owz4MIKmTjlIjTG3Mu
9Txtvj87Yf434h0MprIulU6Gw10XeCgHoUNlkbdYnJd6bqFxNO/K94wR2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbRV7ex1ykCjf3c52wrYYXEBiR2MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaHRGWHQ3SFhLUUtOX2R6bmJDdGhoY1FHSkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQxMA0G
CSqGSIb3DQEBCwUAA4IBAQCZOKlSeaDkejirD3zdNX/ETvukxZaOGpcsQZesr6Sn
LlaxK2bwKfqA1yAUk0YYF89eFbqKYSdUyp6n2kX8/I0/ywCt08leKHNxXA05v+OW
5qodjixTENdeDGt14TQLozNsQ88lKvJt/PfVFrEVfHcIqWBCM3nnuJCD+vqf5Rpr
9A677AcEzHcZK+wT7+Un7qTiTZfS1np+TVs39I/TrIrrRaKvTPAQtvBa9NPMhvWF
QlIC+MPDrFTCvv13H+7aCOe+Ra9wUuTu34UffqHkRIlPFPsq9U8k/Nj8EuaeEOMY
T7OWsje7mRCQGcUhJyo/y4J+UiQHIo3WSCIC2GWXOqCW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org