Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1Z45kR7mpYKNipM1TBDL0daifu8.roa
File:                     1Z45kR7mpYKNipM1TBDL0daifu8.roa (raw, json)
Hash identifier:          ooULmV/mmz9Ed6+8OnBqfKoZod7NV4XN1ekhUofplEk=
Subject key identifier:   D5:9E:39:91:1E:E6:A5:82:8D:8A:93:35:4C:10:CB:D1:D6:A2:7E:EF
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C1AC01F93EE61519728507DE7B524
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1Z45kR7mpYKNipM1TBDL0daifu8.roa
Signing time:             Mon 02 Jan 2023 05:54:56 +0000
ROA not before:           Mon 02 Jan 2023 05:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        213.108.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:1a:c0:1f:93:ee:61:51:97:28:50:7d:e7:b5:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d59e39911ee6a5828d8a93354c10cbd1d6a27eef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:7b:26:56:4f:fd:e1:94:8e:ab:25:ba:dd:82:
                    33:e0:32:81:1b:c2:d0:b0:53:e5:66:1f:ef:17:3a:
                    53:a2:c2:ab:be:e7:15:78:e4:c5:70:eb:63:3c:a4:
                    5f:f0:55:c4:21:45:6a:ae:48:3c:57:2b:64:42:9a:
                    e1:c8:2b:d3:84:45:02:7d:99:12:88:5d:95:1f:7d:
                    6f:8c:d3:3c:f6:38:0e:f9:4f:c8:56:91:b9:e4:5e:
                    68:b7:ee:0b:11:47:38:e9:d7:23:bc:ab:62:65:47:
                    e3:96:27:f6:0b:51:17:2c:3d:fc:af:26:9f:82:cc:
                    58:37:eb:8b:1c:f2:b3:35:fe:c7:be:2a:33:f3:d2:
                    e9:ba:7f:9f:83:d0:7f:35:23:3c:99:fe:a8:c4:68:
                    42:4c:34:d4:a0:43:98:e3:ba:d3:6f:0c:4d:4f:fe:
                    a9:e6:d9:5c:98:5c:a4:36:9a:ce:72:cd:d4:72:73:
                    4f:c6:d6:bf:d9:89:d6:af:42:78:28:35:49:00:7c:
                    14:18:ec:dd:c2:57:c1:0c:70:92:3a:87:fd:f6:1b:
                    a8:3a:9e:d2:13:46:1c:4d:45:32:69:9f:6f:ad:bd:
                    b3:44:da:aa:9d:7d:7d:9d:24:e1:c9:65:3b:3f:0e:
                    00:71:f8:d2:83:42:34:9a:58:16:c1:04:b8:57:09:
                    e2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:9E:39:91:1E:E6:A5:82:8D:8A:93:35:4C:10:CB:D1:D6:A2:7E:EF
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1Z45kR7mpYKNipM1TBDL0daifu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.108.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:d7:3a:84:4d:31:f4:c7:3f:5d:33:c0:ae:75:a0:ea:ac:15:
         3e:a1:ad:7f:6c:4c:f7:ba:30:2f:c4:79:b5:da:fe:8a:93:c6:
         ba:80:9d:18:cb:a9:2b:e5:77:e2:17:bc:ed:2a:15:6a:de:d8:
         2a:fa:74:31:fb:3a:f7:5a:22:ef:93:18:76:48:36:01:32:3b:
         74:4d:f9:e8:4d:00:1d:5e:16:5f:22:ca:29:0e:62:8a:24:ff:
         0f:e8:aa:1f:ac:cb:65:f4:61:23:3a:d4:7e:af:0c:bc:a5:78:
         ae:21:ba:d5:e9:ae:04:57:cd:54:c6:74:0f:03:ac:ea:51:da:
         76:8f:c1:d6:01:8d:a3:3f:14:21:72:eb:e8:52:60:51:a1:78:
         9e:88:4e:c8:cc:51:5c:5a:4a:ff:3a:5f:93:a1:2f:1b:e5:91:
         2e:b0:a2:a5:4f:08:d3:28:0f:43:af:1f:9e:24:37:38:ce:1e:
         6f:2e:fe:c7:32:dc:e9:10:20:3c:6f:a7:c0:a6:30:4d:e3:34:
         1f:33:95:54:e4:e5:c6:a2:f8:02:8a:8f:62:ef:b1:e1:5b:b8:
         2c:1a:04:ca:1d:2d:5a:e2:dc:58:73:9a:49:0e:92:d7:60:03:
         7d:10:3a:2c:8f:5d:9f:92:4b:de:56:fa:10:29:f2:d9:a6:90:
         8a:41:a8:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDBrAH5PuYVGXKFB957UkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTllMzk5MTFlZTZhNTgyOGQ4YTkzMzU0YzEwY2JkMWQ2YTI3ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+HsmVk/94ZSOqyW63YIz4DKBG8LQ
sFPlZh/vFzpTosKrvucVeOTFcOtjPKRf8FXEIUVqrkg8VytkQprhyCvThEUCfZkS
iF2VH31vjNM89jgO+U/IVpG55F5ot+4LEUc46dcjvKtiZUfjlif2C1EXLD38ryaf
gsxYN+uLHPKzNf7Hvioz89Lpun+fg9B/NSM8mf6oxGhCTDTUoEOY47rTbwxNT/6p
5tlcmFykNprOcs3UcnNPxta/2YnWr0J4KDVJAHwUGOzdwlfBDHCSOof99huoOp7S
E0YcTUUyaZ9vrb2zRNqqnX19nSThyWU7Pw4AcfjSg0I0mlgWwQS4VwninwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWeOZEe5qWCjYqTNUwQy9HWon7vMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMVo0NWtSN21wWUtOaXBNMVRCREwwZGFpZnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1WzGMA0G
CSqGSIb3DQEBCwUAA4IBAQAb1zqETTH0xz9dM8CudaDqrBU+oa1/bEz3ujAvxHm1
2v6Kk8a6gJ0Yy6kr5XfiF7ztKhVq3tgq+nQx+zr3WiLvkxh2SDYBMjt0TfnoTQAd
XhZfIsopDmKKJP8P6KofrMtl9GEjOtR+rwy8pXiuIbrV6a4EV81UxnQPA6zqUdp2
j8HWAY2jPxQhcuvoUmBRoXieiE7IzFFcWkr/Ol+ToS8b5ZEusKKlTwjTKA9Drx+e
JDc4zh5vLv7HMtzpECA8b6fApjBN4zQfM5VU5OXGovgCio9i77HhW7gsGgTKHS1a
4txYc5pJDpLXYAN9EDosj12fkkveVvoQKfLZppCKQaia
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org