Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa
File:                     u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa (raw, json)
Hash identifier:          l9hFTy23313g8dkpSrqZochWs7b2Hl6sW66jqv3n8aI=
Subject key identifier:   BB:7F:24:3C:F7:55:73:00:C7:27:75:85:51:EF:06:6B:F4:75:DD:FA
Certificate issuer:       /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial:       018571276D8F5FEDB5B6E7C1756A99C2464B
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa
Signing time:             Mon 02 Jan 2023 06:24:47 +0000
ROA not before:           Mon 02 Jan 2023 06:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209459
IP address blocks:        5.253.24.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:6d:8f:5f:ed:b5:b6:e7:c1:75:6a:99:c2:46:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
        Validity
            Not Before: Jan  2 06:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb7f243cf7557300c727758551ef066bf475ddfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:dc:74:26:fa:bd:0d:f8:a0:43:48:df:0d:58:
                    1b:56:ec:f6:51:bf:18:8d:a7:bb:12:94:53:f6:31:
                    3e:d5:ef:dd:69:a4:1d:11:92:8c:be:61:79:ab:13:
                    49:cb:7b:d4:54:c5:51:bd:7b:41:69:22:75:a9:91:
                    87:cd:94:2b:6c:cb:f9:74:fe:48:35:55:79:da:d4:
                    11:8d:71:08:99:ef:95:70:7c:54:db:98:37:75:a0:
                    b2:16:b6:70:da:a7:01:72:33:d1:9f:e8:9a:db:54:
                    d6:c4:0f:ff:83:c4:1d:08:c4:bf:25:cf:27:a7:d4:
                    03:3d:df:02:af:33:19:77:b9:b4:e4:6c:0c:35:1e:
                    ce:07:83:5a:2c:ce:10:d8:20:02:ea:d4:38:11:90:
                    1d:ad:c1:14:0a:4f:1a:48:c6:d0:cc:69:a1:99:0b:
                    99:25:0f:01:6e:d7:79:15:ad:2c:2a:ab:19:b7:25:
                    a3:54:17:4d:c8:54:74:6d:5a:49:02:3b:77:7c:84:
                    44:28:df:9d:76:f4:a9:2a:27:c4:32:db:c5:4a:c0:
                    9d:52:fa:2c:28:4c:a7:18:53:32:0c:9c:b8:bd:e2:
                    90:e8:12:5b:a4:54:3a:81:f8:fe:08:c2:df:c2:06:
                    a5:ae:f7:5e:31:0e:73:d0:16:95:0d:47:b7:21:79:
                    16:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:7F:24:3C:F7:55:73:00:C7:27:75:85:51:EF:06:6B:F4:75:DD:FA
            X509v3 Authority Key Identifier:
                keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:ac:9d:8e:6d:ff:0f:68:4a:8c:bf:24:02:2c:f5:5a:4f:82:
         40:0a:c0:f4:98:2a:01:1c:92:4e:10:39:3c:ae:7c:54:c8:8c:
         e0:a4:66:03:ff:a0:c1:ce:0d:e3:13:f1:f8:77:c7:45:70:d3:
         20:ed:11:3e:fd:53:ea:a0:bf:de:1a:46:a6:6d:fa:35:6f:36:
         f4:aa:10:ea:bd:15:2d:56:6d:f6:78:e9:e2:70:46:cd:5c:8b:
         5e:4a:61:09:02:39:44:f4:6d:74:8c:35:c2:c9:06:f7:2c:34:
         61:14:7f:86:20:f7:1b:fd:74:95:06:01:b7:5e:7f:71:42:4b:
         e1:f4:e2:3e:8e:6d:a8:24:05:5c:90:67:a8:5a:c7:b4:d9:7e:
         e2:02:86:bf:4f:19:0b:3d:96:a1:94:96:4c:8a:d6:2a:0c:63:
         25:53:42:45:b5:94:ef:21:94:df:1d:23:59:af:bf:48:0a:c1:
         ea:8f:48:3f:6c:cd:9d:5b:6c:fc:a9:3d:38:de:20:bc:73:9c:
         ea:de:72:6a:76:bd:37:a6:a2:11:40:55:81:6f:cf:58:16:c6:
         09:03:4b:e0:fd:d6:0b:0f:4b:6a:b9:f0:90:34:fc:24:02:e6:
         d8:11:f0:46:ff:8a:23:c7:81:d0:38:3d:9e:1c:cb:a4:1c:52:
         aa:6e:02:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ22PX+21tufBdWqZwkZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdmMjQzY2Y3NTU3MzAwYzcyNzc1ODU1MWVmMDY2YmY0NzVkZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndx0Jvq9DfigQ0jfDVgbVuz2Ub8Y
jae7EpRT9jE+1e/daaQdEZKMvmF5qxNJy3vUVMVRvXtBaSJ1qZGHzZQrbMv5dP5I
NVV52tQRjXEIme+VcHxU25g3daCyFrZw2qcBcjPRn+ia21TWxA//g8QdCMS/Jc8n
p9QDPd8CrzMZd7m05GwMNR7OB4NaLM4Q2CAC6tQ4EZAdrcEUCk8aSMbQzGmhmQuZ
JQ8Bbtd5Fa0sKqsZtyWjVBdNyFR0bVpJAjt3fIREKN+ddvSpKifEMtvFSsCdUvos
KEynGFMyDJy4veKQ6BJbpFQ6gfj+CMLfwgalrvdeMQ5z0BaVDUe3IXkWPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLt/JDz3VXMAxyd1hVHvBmv0dd36MB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvdTM4a1BQZFZjd0RISjNXRlVlOEdhX1IxM2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQALrJ2Obf8PaEqMvyQCLPVaT4JACsD0mCoBHJJOEDk8
rnxUyIzgpGYD/6DBzg3jE/H4d8dFcNMg7RE+/VPqoL/eGkambfo1bzb0qhDqvRUt
Vm32eOnicEbNXIteSmEJAjlE9G10jDXCyQb3LDRhFH+GIPcb/XSVBgG3Xn9xQkvh
9OI+jm2oJAVckGeoWse02X7iAoa/TxkLPZahlJZMitYqDGMlU0JFtZTvIZTfHSNZ
r79ICsHqj0g/bM2dW2z8qT043iC8c5zq3nJqdr03pqIRQFWBb89YFsYJA0vg/dYL
D0tqufCQNPwkAubYEfBG/4ojx4HQOD2eHMukHFKqbgLD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:52 2024 by rpki-client on console-fra.rpki-client.org