Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/wW10LfZOIijt9s4bdKRwA5N58VQ.roa
File:                     wW10LfZOIijt9s4bdKRwA5N58VQ.roa (raw, json)
Hash identifier:          uBntbExdQJ7hF+A5L3quVeZktRJppVOZvUZ+47rBXLM=
Subject key identifier:   C1:6D:74:2D:F6:4E:22:28:ED:F6:CE:1B:74:A4:70:03:93:79:F1:54
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0186C24C6A02842A8FA2BFCD2D766273D781
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/wW10LfZOIijt9s4bdKRwA5N58VQ.roa
Signing time:             Wed 08 Mar 2023 17:37:13 +0000
ROA not before:           Wed 08 Mar 2023 17:37:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207994
IP address blocks:        5.253.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c2:4c:6a:02:84:2a:8f:a2:bf:cd:2d:76:62:73:d7:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Mar  8 17:37:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c16d742df64e2228edf6ce1b74a470039379f154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2a:5a:71:6f:ab:d7:23:bf:fc:ff:31:b5:54:
                    60:86:b5:23:99:16:d7:6a:ce:ca:06:a0:91:ff:3e:
                    43:bd:ec:66:1c:c6:60:dc:5c:ff:db:f4:39:7a:1f:
                    d3:09:5c:a0:0a:23:ce:08:dc:21:0d:4e:db:de:9c:
                    21:69:2f:57:c4:9d:e0:01:35:ab:b4:dd:64:be:9c:
                    75:c5:2d:ae:7a:a3:e2:4d:23:86:65:cb:ee:3d:5e:
                    6f:d3:43:15:5e:3b:79:4e:3d:42:b6:17:6a:69:ec:
                    82:ea:c8:7a:75:41:71:39:ca:5d:1d:20:ad:ea:ca:
                    9e:6d:7e:45:df:6e:20:8d:1f:9f:d2:d5:a2:b9:1e:
                    9d:25:30:38:39:99:c0:4e:4e:ed:06:07:cd:f9:8a:
                    06:2b:01:4c:73:4d:68:3c:73:dd:29:78:9f:0b:3f:
                    da:1d:51:1a:2b:c7:b8:7e:ac:2f:8c:31:c2:ec:b9:
                    3a:34:d6:c2:c9:cd:fd:5b:74:60:7e:68:f5:a7:d5:
                    13:f3:dd:c6:02:2a:1f:0a:28:e1:bc:f4:09:b0:cb:
                    0f:81:cc:71:ce:e7:b1:9e:33:c2:cc:c7:03:3e:57:
                    5c:65:d5:a5:e6:6f:d9:bf:c6:cf:c3:36:55:c3:dc:
                    43:5c:8b:69:41:e2:a3:97:41:9d:57:f9:e7:be:6e:
                    56:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:6D:74:2D:F6:4E:22:28:ED:F6:CE:1B:74:A4:70:03:93:79:F1:54
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/wW10LfZOIijt9s4bdKRwA5N58VQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:a6:7d:47:49:73:af:9c:55:47:37:a3:26:e2:3a:8e:cf:59:
         18:06:a2:03:b8:e4:a9:33:60:36:72:43:36:73:02:fa:d9:3f:
         f3:80:9f:f7:b9:52:89:8d:14:64:54:5c:c2:c3:59:1b:67:84:
         d0:7e:ef:d7:87:0c:e5:ae:30:81:1a:17:9c:b5:78:fe:a7:cc:
         5e:6e:83:64:64:88:90:7a:12:46:8f:ff:94:89:d5:69:31:b2:
         5f:97:5c:6a:de:52:80:e6:c6:2e:95:02:d7:fd:4d:57:f0:b1:
         2a:8d:63:32:d3:4a:0d:af:24:96:26:d2:00:7f:35:d6:5e:30:
         a1:85:ad:91:ed:f6:a0:8b:2f:4e:79:c4:f3:4b:82:bb:e7:00:
         3d:d9:79:57:33:4e:e7:f3:b2:8b:20:6e:a5:83:1f:0b:ad:d8:
         11:5a:f0:ce:e7:c2:fb:90:81:ce:39:e8:c9:34:f7:1e:17:37:
         09:8b:6f:79:36:29:4b:a2:a7:6d:fc:67:58:fa:48:a3:08:e5:
         54:21:21:4c:2e:f9:0e:20:4a:6e:65:f6:9e:8b:35:a5:ed:5f:
         16:34:d0:34:1d:7d:e0:39:23:40:59:2c:3c:05:9a:43:00:52:
         1a:54:7d:44:db:52:fb:3c:f4:7e:98:ba:59:88:38:83:fe:30:
         a3:a3:bc:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbCTGoChCqPor/NLXZic9eBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMzA4MTczNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZkNzQyZGY2NGUyMjI4ZWRmNmNlMWI3NGE0NzAwMzkzNzlmMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuypacW+r1yO//P8xtVRghrUjmRbX
as7KBqCR/z5DvexmHMZg3Fz/2/Q5eh/TCVygCiPOCNwhDU7b3pwhaS9XxJ3gATWr
tN1kvpx1xS2ueqPiTSOGZcvuPV5v00MVXjt5Tj1CthdqaeyC6sh6dUFxOcpdHSCt
6sqebX5F324gjR+f0tWiuR6dJTA4OZnATk7tBgfN+YoGKwFMc01oPHPdKXifCz/a
HVEaK8e4fqwvjDHC7Lk6NNbCyc39W3Rgfmj1p9UT893GAiofCijhvPQJsMsPgcxx
zuexnjPCzMcDPldcZdWl5m/Zv8bPwzZVw9xDXItpQeKjl0GdV/nnvm5WgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFtdC32TiIo7fbOG3SkcAOTefFUMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvd1cxMExmWk9JaWp0OXM0YmRLUndBNU41OFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf0lMA0G
CSqGSIb3DQEBCwUAA4IBAQBppn1HSXOvnFVHN6Mm4jqOz1kYBqIDuOSpM2A2ckM2
cwL62T/zgJ/3uVKJjRRkVFzCw1kbZ4TQfu/XhwzlrjCBGhectXj+p8xeboNkZIiQ
ehJGj/+UidVpMbJfl1xq3lKA5sYulQLX/U1X8LEqjWMy00oNrySWJtIAfzXWXjCh
ha2R7fagiy9OecTzS4K75wA92XlXM07n87KLIG6lgx8LrdgRWvDO58L7kIHOOejJ
NPceFzcJi295NilLoqdt/GdY+kijCOVUISFMLvkOIEpuZfaeizWl7V8WNNA0HX3g
OSNAWSw8BZpDAFIaVH1E21L7PPR+mLpZiDiD/jCjo7xF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:21 2024 by rpki-client on console-ams.rpki-client.org