Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5srx1TTQTdgjX5ivzcSXiAE0Ovo.roa
File:                     5srx1TTQTdgjX5ivzcSXiAE0Ovo.roa (raw, json)
Hash identifier:          577YLNrqBLiQcTP3NuFHxu33o8Jc3EPdGoTK8sUNr5s=
Subject key identifier:   E6:CA:F1:D5:34:D0:4D:D8:23:5F:98:AF:CD:C4:97:88:01:34:3A:FA
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018A6683CBD6025CA67C7F61B435F5FC50AC
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5srx1TTQTdgjX5ivzcSXiAE0Ovo.roa
Signing time:             Tue 05 Sep 2023 18:03:47 +0000
ROA not before:           Tue 05 Sep 2023 18:03:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        94.154.180.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:66:83:cb:d6:02:5c:a6:7c:7f:61:b4:35:f5:fc:50:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Sep  5 18:03:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e6caf1d534d04dd8235f98afcdc4978801343afa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c3:52:82:04:c0:57:04:20:11:19:6e:17:d0:
                    c2:26:4f:31:38:7a:0f:86:0b:1d:13:4b:71:09:17:
                    1c:e6:02:d7:1e:56:9b:ee:f3:ff:2e:6b:25:26:14:
                    fb:8d:b8:53:54:c1:dc:f8:0f:b3:37:2e:91:89:2c:
                    b4:07:3b:ea:5b:32:6f:ae:96:c8:3a:fc:1a:62:55:
                    a7:40:99:5a:23:41:9d:86:7b:e4:e6:1b:62:49:be:
                    1b:e0:3c:8d:9b:d2:4d:00:0a:be:df:57:c5:1e:2a:
                    2b:01:ab:cb:ae:43:26:eb:70:6c:65:15:9b:0b:a6:
                    8f:30:e0:e5:13:a6:5d:66:f5:b7:6a:d8:27:a1:83:
                    d1:a8:86:cc:ad:42:a4:65:4e:40:b2:39:79:4c:d5:
                    98:bf:12:17:55:c1:64:65:b0:67:01:1d:b2:31:ef:
                    6c:fe:3c:c8:8c:28:61:4b:99:77:f4:82:aa:cf:fd:
                    66:7b:6a:22:21:93:9b:e2:c6:d2:b1:da:3e:2c:e3:
                    26:3f:8d:97:c8:2c:95:8d:39:37:66:ce:bd:ef:1e:
                    1a:49:cd:64:38:a1:4c:1c:6c:ea:35:cc:68:6b:f1:
                    54:e6:df:85:de:49:4e:90:4c:c3:2d:23:09:ae:51:
                    9a:b5:b6:02:12:d2:62:e9:e3:1f:e6:97:55:62:2c:
                    af:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:CA:F1:D5:34:D0:4D:D8:23:5F:98:AF:CD:C4:97:88:01:34:3A:FA
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5srx1TTQTdgjX5ivzcSXiAE0Ovo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:4c:42:89:c0:e5:b1:78:01:31:f8:78:64:a5:ac:ae:1d:c7:
         2a:80:49:31:5f:85:fd:46:93:c8:5d:6f:88:b8:44:b1:91:60:
         05:e2:c7:37:93:a8:5f:e7:9d:75:2d:4b:39:6c:fb:e2:4a:6e:
         0a:d2:61:8a:6a:2d:82:77:24:ed:d9:ab:53:30:de:fe:15:80:
         90:55:90:d0:92:30:d8:2c:b8:cd:96:4a:61:a7:26:5e:b0:67:
         95:05:13:1e:e8:b1:9b:59:41:e2:60:68:b7:ed:52:9b:89:c6:
         16:3e:57:b8:80:49:b8:e0:d7:fe:57:9d:57:13:14:e7:9a:2c:
         f0:56:61:31:c5:b4:1b:65:eb:b0:31:ab:a5:2b:68:2f:82:1c:
         c1:dc:54:53:bc:dd:69:98:31:03:0c:43:3e:08:49:39:7d:b3:
         d4:27:d4:12:f3:27:b8:a2:2f:b0:32:79:d1:cf:cb:e7:e8:3e:
         72:32:eb:18:b0:53:9b:8c:af:bb:a4:3e:77:18:15:99:d5:3a:
         94:1a:47:0e:10:bc:e9:b3:a2:01:a0:d5:a5:31:d8:59:ab:4a:
         b2:e3:50:7b:df:9c:db:ef:49:bc:87:14:0e:cb:5f:39:1e:cc:
         c9:66:7f:2a:4b:c1:85:5c:8b:d2:f3:51:9b:eb:64:13:2f:f7:
         6a:36:af:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpmg8vWAlymfH9htDX1/FCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwOTA1MTgwMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmNhZjFkNTM0ZDA0ZGQ4MjM1Zjk4YWZjZGM0OTc4ODAxMzQzYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcNSggTAVwQgERluF9DCJk8xOHoP
hgsdE0txCRcc5gLXHlab7vP/LmslJhT7jbhTVMHc+A+zNy6RiSy0BzvqWzJvrpbI
OvwaYlWnQJlaI0Gdhnvk5htiSb4b4DyNm9JNAAq+31fFHiorAavLrkMm63BsZRWb
C6aPMODlE6ZdZvW3atgnoYPRqIbMrUKkZU5Asjl5TNWYvxIXVcFkZbBnAR2yMe9s
/jzIjChhS5l39IKqz/1me2oiIZOb4sbSsdo+LOMmP42XyCyVjTk3Zs697x4aSc1k
OKFMHGzqNcxoa/FU5t+F3klOkEzDLSMJrlGatbYCEtJi6eMf5pdVYiyvjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObK8dU00E3YI1+Yr83El4gBNDr6MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNXNyeDFUVFFUZGdqWDVpdnpjU1hpQUUwT3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpq0MA0G
CSqGSIb3DQEBCwUAA4IBAQBRTEKJwOWxeAEx+HhkpayuHccqgEkxX4X9RpPIXW+I
uESxkWAF4sc3k6hf5511LUs5bPviSm4K0mGKai2CdyTt2atTMN7+FYCQVZDQkjDY
LLjNlkphpyZesGeVBRMe6LGbWUHiYGi37VKbicYWPle4gEm44Nf+V51XExTnmizw
VmExxbQbZeuwMaulK2gvghzB3FRTvN1pmDEDDEM+CEk5fbPUJ9QS8ye4oi+wMnnR
z8vn6D5yMusYsFObjK+7pD53GBWZ1TqUGkcOELzps6IBoNWlMdhZq0qy41B735zb
70m8hxQOy185HszJZn8qS8GFXIvS81Gb62QTL/dqNq8o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org