Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/u0xE71cN5aXxdnYkVYvyojy215o.roa
File:                     u0xE71cN5aXxdnYkVYvyojy215o.roa (raw, json)
Hash identifier:          SCwlYNzQ4gb1T25vX223Z1kTw3jti31Xiei3eyU4GNY=
Subject key identifier:   BB:4C:44:EF:57:0D:E5:A5:F1:76:76:24:55:8B:F2:A2:3C:B6:D7:9A
Certificate issuer:       /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial:       018E526B42E31CC0EA8778CDA0D835113BB3
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/u0xE71cN5aXxdnYkVYvyojy215o.roa
Signing time:             Mon 18 Mar 2024 16:35:44 +0000
ROA not before:           Mon 18 Mar 2024 16:35:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     55154
IP address blocks:        5.181.182.0/24 maxlen: 24
                          5.181.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 17:52:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:52:6b:42:e3:1c:c0:ea:87:78:cd:a0:d8:35:11:3b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
        Validity
            Not Before: Mar 18 16:35:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb4c44ef570de5a5f1767624558bf2a23cb6d79a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cb:94:ce:3b:fd:f3:7d:b2:fd:58:d5:15:43:
                    83:0e:19:4e:2a:cf:10:d8:cf:56:06:4a:8b:63:8a:
                    a3:66:34:b3:5b:0b:20:74:61:78:cf:15:41:5a:6e:
                    9b:9c:ce:82:c9:c4:fd:52:63:f1:78:35:9c:0d:c4:
                    d7:39:68:90:f6:f5:3a:79:61:16:26:a1:6a:da:da:
                    56:a5:bb:23:42:4e:25:ff:8a:7d:f3:22:0d:90:f6:
                    3a:f4:20:bd:16:e2:d6:37:14:7a:48:4a:c1:4a:c6:
                    ce:88:e1:85:fc:e8:99:36:52:07:2c:36:03:34:c3:
                    86:e2:ad:cf:00:07:be:12:ff:c6:7e:40:2f:c2:5b:
                    4f:87:56:e2:99:70:72:83:41:91:b3:fc:11:56:95:
                    08:c2:ff:b2:33:9a:2e:f1:e7:f6:60:4c:1a:df:e6:
                    75:3e:77:b5:d7:17:42:58:27:9d:2d:a7:29:cd:75:
                    ac:14:b3:a5:8e:b7:e2:8a:f0:91:13:59:7b:e8:49:
                    a5:3b:2b:de:c5:9e:a7:80:9c:72:40:27:47:e4:f7:
                    5a:a3:6e:32:5c:de:f3:43:a3:02:5b:ff:b6:64:12:
                    5c:22:92:24:f3:4b:8d:c9:0e:74:f3:f1:c7:72:fb:
                    83:e9:e1:a7:5e:f8:e9:b0:9e:08:28:6c:cc:a9:46:
                    64:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:4C:44:EF:57:0D:E5:A5:F1:76:76:24:55:8B:F2:A2:3C:B6:D7:9A
            X509v3 Authority Key Identifier:
                keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/u0xE71cN5aXxdnYkVYvyojy215o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2d:c3:75:d6:67:68:db:57:09:fd:6e:6d:ea:f5:f6:12:fd:e9:
         69:79:90:da:6e:31:5e:1d:ed:65:06:f9:9f:b6:77:c8:9b:e3:
         0b:df:b4:61:f7:8b:e2:61:6c:02:42:4d:68:7a:c9:e9:11:7c:
         c9:7e:6b:e3:94:37:62:2f:42:77:70:88:23:5a:c6:99:da:8c:
         25:70:80:59:87:19:49:41:9a:30:fb:b1:72:de:a2:11:4b:79:
         0e:2d:96:7a:ed:d3:5a:72:a6:4a:2e:24:37:8b:ad:c5:fb:5c:
         75:1c:38:a7:da:2c:81:19:ba:20:55:bb:30:6f:c1:5d:dd:fb:
         68:a5:9f:ab:3f:8d:ff:4a:3f:06:6f:a4:33:61:d7:4e:e3:c0:
         7d:c7:c3:4e:3d:bc:89:ea:6d:f4:4d:5a:f5:81:23:42:5e:82:
         e6:de:60:5a:24:45:aa:c5:01:eb:8b:e7:9e:94:2b:48:4a:45:
         0d:b3:79:94:45:3f:91:ad:0d:f8:a1:6b:3e:24:2e:86:6c:60:
         87:09:27:21:48:2d:e1:f2:c4:44:bf:a4:df:8d:01:44:37:01:
         5c:47:df:a5:63:2d:a9:dc:95:04:fa:fe:58:0d:17:9d:67:ec:
         d6:e0:ea:e3:24:6b:84:7a:c4:7c:b6:a2:96:2e:26:a0:99:d9:
         a7:50:a8:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5Sa0LjHMDqh3jNoNg1ETuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQwMzE4MTYzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRjNDRlZjU3MGRlNWE1ZjE3Njc2MjQ1NThiZjJhMjNjYjZkNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsuUzjv9832y/VjVFUODDhlOKs8Q
2M9WBkqLY4qjZjSzWwsgdGF4zxVBWm6bnM6CycT9UmPxeDWcDcTXOWiQ9vU6eWEW
JqFq2tpWpbsjQk4l/4p98yINkPY69CC9FuLWNxR6SErBSsbOiOGF/OiZNlIHLDYD
NMOG4q3PAAe+Ev/GfkAvwltPh1bimXByg0GRs/wRVpUIwv+yM5ou8ef2YEwa3+Z1
Pne11xdCWCedLacpzXWsFLOljrfiivCRE1l76EmlOyvexZ6ngJxyQCdH5Pdao24y
XN7zQ6MCW/+2ZBJcIpIk80uNyQ508/HHcvuD6eGnXvjpsJ4IKGzMqUZkDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtMRO9XDeWl8XZ2JFWL8qI8tteaMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdTB4RTcxY041YVh4ZG5Za1ZZdnlvankyMTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbW2MA0G
CSqGSIb3DQEBCwUAA4IBAQAtw3XWZ2jbVwn9bm3q9fYS/elpeZDabjFeHe1lBvmf
tnfIm+ML37Rh94viYWwCQk1oesnpEXzJfmvjlDdiL0J3cIgjWsaZ2owlcIBZhxlJ
QZow+7Fy3qIRS3kOLZZ67dNacqZKLiQ3i63F+1x1HDin2iyBGbogVbswb8Fd3fto
pZ+rP43/Sj8Gb6QzYddO48B9x8NOPbyJ6m30TVr1gSNCXoLm3mBaJEWqxQHri+ee
lCtISkUNs3mURT+RrQ34oWs+JC6GbGCHCSchSC3h8sREv6TfjQFENwFcR9+lYy2p
3JUE+v5YDRedZ+zW4OrjJGuEesR8tqKWLiagmdmnUKgW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:47 2024 by rpki-client on console-fra.rpki-client.org