Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5-XLQmTQAwxsTFBylrwS6EVmG7k.roa
File:                     5-XLQmTQAwxsTFBylrwS6EVmG7k.roa (raw, json)
Hash identifier:          ZNYhIdexcfUsUpiESALp7kLS+OqmLkHnvtelvnyBmzY=
Subject key identifier:   E7:E5:CB:42:64:D0:03:0C:6C:4C:50:72:96:BC:12:E8:45:66:1B:B9
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018A12053523B684BBCDB6C815AE36E8C664
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5-XLQmTQAwxsTFBylrwS6EVmG7k.roa
Signing time:             Sun 20 Aug 2023 08:17:25 +0000
ROA not before:           Sun 20 Aug 2023 08:17:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59432
IP address blocks:        178.253.40.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sat 26 Aug 2023 07:52:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:12:05:35:23:b6:84:bb:cd:b6:c8:15:ae:36:e8:c6:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Aug 20 08:17:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7e5cb4264d0030c6c4c507296bc12e845661bb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:de:ab:d7:d0:a4:04:c3:57:80:70:95:84:b9:
                    be:de:1b:78:e8:b2:ad:eb:73:c3:32:50:ed:4b:db:
                    45:52:1b:37:bc:7a:61:ac:44:e8:b6:59:3a:d8:82:
                    e4:62:84:94:04:de:3a:32:f5:2e:cd:8f:7f:2a:f4:
                    cf:47:b9:fa:9e:0e:f5:27:e9:09:57:bd:77:68:9d:
                    71:64:a5:6d:9f:88:5d:3f:98:5c:c3:02:ba:8c:95:
                    49:c1:34:78:4c:2f:6f:dc:6a:6c:c5:a9:ed:cc:de:
                    cd:b7:b1:74:a8:f5:53:92:2d:68:ee:18:50:b7:c9:
                    06:51:92:46:b1:11:06:8e:c2:f7:e7:30:41:a6:ce:
                    46:79:35:da:42:e9:78:a6:7a:08:ef:d7:43:67:68:
                    51:a4:5a:ee:e0:f3:9d:c3:05:e3:39:9b:6b:da:ac:
                    ee:9f:9f:f0:d4:33:39:b4:df:f3:34:87:d8:bd:bf:
                    2e:30:4f:41:2c:2b:db:37:36:bd:43:b6:41:26:2e:
                    ed:29:ad:20:50:f1:ca:da:a6:c9:a3:b6:c9:66:6a:
                    f5:66:89:b8:9a:d4:24:be:4e:e0:fc:14:ce:50:3e:
                    1d:3f:ef:5e:e9:80:70:88:f1:17:d1:ce:07:40:5a:
                    80:65:2c:b7:9e:eb:32:ff:94:66:20:ce:75:2b:6f:
                    cb:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:E5:CB:42:64:D0:03:0C:6C:4C:50:72:96:BC:12:E8:45:66:1B:B9
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5-XLQmTQAwxsTFBylrwS6EVmG7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2b:1c:33:2a:6c:39:55:a2:97:a0:7c:fc:8e:58:9e:65:e5:cf:
         39:df:93:1c:93:f7:07:0b:3d:7b:9f:e6:ec:75:32:26:54:f3:
         15:02:b1:2b:db:64:6f:45:2c:6f:5f:80:24:0a:2d:5f:c2:fa:
         99:89:56:72:4d:16:1d:4e:ac:af:b7:69:59:78:6e:24:e8:db:
         fe:3f:9d:cc:f5:22:6d:7f:b9:37:17:66:dd:1c:92:e8:de:e0:
         d0:69:67:58:b6:a1:c3:75:f2:78:6c:3a:de:f2:5f:a8:52:a3:
         61:27:9e:ae:c5:c9:42:bb:b0:26:1b:68:0e:94:c3:e0:a0:7b:
         0d:c6:98:79:4c:50:8a:b4:e6:fd:8f:d2:70:3d:12:18:1e:bb:
         75:53:5d:c3:e6:93:bc:f9:55:f0:81:f5:1d:b5:f2:77:62:87:
         36:0c:ef:3d:dc:bf:ca:93:80:af:9a:db:f0:fb:77:4e:5b:f0:
         57:76:70:94:1e:97:c1:7f:80:d2:e8:ac:6a:fe:85:ed:d0:77:
         a3:54:df:4c:c6:9b:ed:27:90:a8:fe:6a:5e:96:10:ca:bf:79:
         0f:53:46:ff:fb:cc:fd:d3:69:b3:b0:b8:80:ec:c8:6b:db:be:
         34:21:7c:b1:06:20:0a:1e:98:31:89:f4:e8:fb:22:5d:1a:6b:
         21:27:95:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoSBTUjtoS7zbbIFa426MZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODIwMDgxNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U1Y2I0MjY0ZDAwMzBjNmM0YzUwNzI5NmJjMTJlODQ1NjYxYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht6r19CkBMNXgHCVhLm+3ht46LKt
63PDMlDtS9tFUhs3vHphrETotlk62ILkYoSUBN46MvUuzY9/KvTPR7n6ng71J+kJ
V713aJ1xZKVtn4hdP5hcwwK6jJVJwTR4TC9v3GpsxantzN7Nt7F0qPVTki1o7hhQ
t8kGUZJGsREGjsL35zBBps5GeTXaQul4pnoI79dDZ2hRpFru4POdwwXjOZtr2qzu
n5/w1DM5tN/zNIfYvb8uME9BLCvbNza9Q7ZBJi7tKa0gUPHK2qbJo7bJZmr1Zom4
mtQkvk7g/BTOUD4dP+9e6YBwiPEX0c4HQFqAZSy3nusy/5RmIM51K2/LUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfly0Jk0AMMbExQcpa8EuhFZhu5MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNS1YTFFtVFFBd3hzVEZCeWxyd1M2RVZtRzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsv0oMA0G
CSqGSIb3DQEBCwUAA4IBAQArHDMqbDlVopegfPyOWJ5l5c8535Mck/cHCz17n+bs
dTImVPMVArEr22RvRSxvX4AkCi1fwvqZiVZyTRYdTqyvt2lZeG4k6Nv+P53M9SJt
f7k3F2bdHJLo3uDQaWdYtqHDdfJ4bDre8l+oUqNhJ56uxclCu7AmG2gOlMPgoHsN
xph5TFCKtOb9j9JwPRIYHrt1U13D5pO8+VXwgfUdtfJ3Yoc2DO893L/Kk4Cvmtvw
+3dOW/BXdnCUHpfBf4DS6Kxq/oXt0HejVN9MxpvtJ5Co/mpelhDKv3kPU0b/+8z9
02mzsLiA7Mhr2740IXyxBiAKHpgxifTo+yJdGmshJ5UJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org