Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/YCmC0As4LlVcE81Fg4eRYVsL878.roa
File:                     YCmC0As4LlVcE81Fg4eRYVsL878.roa (raw, json)
Hash identifier:          BkCfEzqLBy8IO+pfQLdsVAsjbYhcX/EuMeU8kxhuXek=
Subject key identifier:   60:29:82:D0:0B:38:2E:55:5C:13:CD:45:83:87:91:61:5B:0B:F3:BF
Certificate issuer:       /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial:       018570C2DFA6D9F25E3BC23B8A1C64B31544
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/YCmC0As4LlVcE81Fg4eRYVsL878.roa
Signing time:             Mon 02 Jan 2023 04:34:57 +0000
ROA not before:           Mon 02 Jan 2023 04:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196763
IP address blocks:        5.28.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:c2:df:a6:d9:f2:5e:3b:c2:3b:8a:1c:64:b3:15:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
        Validity
            Not Before: Jan  2 04:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=602982d00b382e555c13cd45838791615b0bf3bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:cf:2c:67:f5:cd:6a:88:8c:b8:1e:6d:1d:7d:
                    ef:9b:f8:c4:a1:c9:c9:d5:ed:dd:ff:c3:38:aa:97:
                    82:b9:d6:60:dd:f5:9d:59:48:e0:27:e4:46:ab:cd:
                    9b:8a:2c:0c:b8:5a:6e:bd:57:6c:e5:5b:d9:f5:65:
                    f9:43:c4:f5:09:d1:33:0f:0c:a8:15:ea:9c:29:a8:
                    34:f1:83:dc:d2:a1:63:55:30:cb:a2:05:d9:25:4d:
                    8a:63:5d:60:98:1d:8a:bd:dd:fe:99:4d:a8:1e:45:
                    c5:f1:a7:a6:37:00:42:38:29:54:86:f2:fa:37:23:
                    be:eb:65:17:d8:ea:22:66:a4:c2:44:05:88:75:5e:
                    33:8c:f0:d0:d1:3a:8d:51:ca:bb:e4:87:9a:fd:dc:
                    1f:00:99:ab:17:28:d6:56:3d:73:99:87:af:8d:65:
                    76:41:b1:ad:5c:9c:83:7a:55:db:79:34:14:c6:50:
                    f0:36:03:77:92:28:a4:70:7a:81:f1:36:32:46:d2:
                    35:0a:6c:a8:65:60:a8:b4:e9:f7:37:98:f9:f7:0e:
                    a1:94:6c:19:ca:ba:cd:a5:0b:3a:a6:61:12:49:8f:
                    9d:9b:aa:1e:d4:8e:9d:b4:8f:c8:23:7e:5d:24:08:
                    e9:52:ba:14:57:30:b0:39:ac:7d:7c:fe:00:bd:89:
                    f7:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:29:82:D0:0B:38:2E:55:5C:13:CD:45:83:87:91:61:5B:0B:F3:BF
            X509v3 Authority Key Identifier:
                keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/YCmC0As4LlVcE81Fg4eRYVsL878.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.28.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:36:eb:0d:63:1a:83:5f:59:2b:4b:d0:83:d9:5a:67:3d:f1:
         6e:10:e7:45:58:8a:e7:1e:81:d1:98:4c:9f:9c:96:eb:91:86:
         39:e0:3c:38:e7:5d:49:ad:89:cd:6a:b8:e9:87:0d:98:1e:b5:
         0c:4f:82:cd:99:8e:c7:ff:36:05:34:f2:44:b0:fc:10:64:3f:
         9f:b6:aa:3a:7d:8d:2e:da:54:0f:05:d6:39:9f:82:fc:9e:ff:
         0a:0a:a7:ed:1c:51:a1:59:aa:e0:c4:5b:c4:90:a3:47:38:69:
         ed:bc:c8:83:8e:6b:ea:8b:a5:24:9c:ba:b8:77:56:94:01:14:
         ae:c3:e4:c6:93:46:ce:b1:30:2e:ac:87:d9:c9:18:f5:aa:03:
         6c:fd:1e:67:c2:cd:1c:96:d8:34:8d:4a:2e:c1:86:3c:79:45:
         d9:8d:ae:0a:37:7e:b1:3e:3c:d5:0f:c3:1a:97:47:19:92:64:
         00:a0:63:ba:5e:f7:61:ce:9a:76:a5:a4:a4:b7:6a:2f:9e:e4:
         52:55:4f:a2:b0:0b:83:ef:7e:6b:99:d3:e8:c3:b1:7f:3f:0c:
         5c:f0:65:d2:95:d7:97:60:87:22:0a:f8:47:1b:f2:ed:a3:66:
         32:db:7c:78:fe:92:11:c2:b9:c3:68:07:f9:73:f1:da:31:f5:
         1c:ab:3e:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwt+m2fJeO8I7ihxksxVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGU2ODcwMmVmNWQ0OGM0ZjJiMDcyZDljYjQ3M2U2MmI4
N2IzZTQwHhcNMjMwMTAyMDQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI5ODJkMDBiMzgyZTU1NWMxM2NkNDU4Mzg3OTE2MTViMGJmM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr88sZ/XNaoiMuB5tHX3vm/jEocnJ
1e3d/8M4qpeCudZg3fWdWUjgJ+RGq82biiwMuFpuvVds5VvZ9WX5Q8T1CdEzDwyo
FeqcKag08YPc0qFjVTDLogXZJU2KY11gmB2Kvd3+mU2oHkXF8aemNwBCOClUhvL6
NyO+62UX2OoiZqTCRAWIdV4zjPDQ0TqNUcq75Iea/dwfAJmrFyjWVj1zmYevjWV2
QbGtXJyDelXbeTQUxlDwNgN3kiikcHqB8TYyRtI1CmyoZWCotOn3N5j59w6hlGwZ
yrrNpQs6pmESSY+dm6oe1I6dtI/II35dJAjpUroUVzCwOax9fP4AvYn3SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGApgtALOC5VXBPNRYOHkWFbC/O/MB8GA1UdIwQY
MBaAFEqOaHAu9dSMTysHLZy0c+Yrh7PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWIt
MWM0YmI1OGFiNzIwLzEvWUNtQzBBczRMbFZjRTgxRmc0ZVJZVnNMODc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWItMWM0YmI1OGFiNzIw
LzEvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABRwvMA0G
CSqGSIb3DQEBCwUAA4IBAQAjNusNYxqDX1krS9CD2VpnPfFuEOdFWIrnHoHRmEyf
nJbrkYY54Dw4511JrYnNarjphw2YHrUMT4LNmY7H/zYFNPJEsPwQZD+ftqo6fY0u
2lQPBdY5n4L8nv8KCqftHFGhWargxFvEkKNHOGntvMiDjmvqi6UknLq4d1aUARSu
w+TGk0bOsTAurIfZyRj1qgNs/R5nws0cltg0jUouwYY8eUXZja4KN36xPjzVD8Ma
l0cZkmQAoGO6Xvdhzpp2paSkt2ovnuRSVU+isAuD735rmdPow7F/Pwxc8GXSldeX
YIciCvhHG/Lto2Yy23x4/pIRwrnDaAf5c/HaMfUcqz43
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:28 2024 by rpki-client on console-fra.rpki-client.org