Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/5UZ4QsMUCveN0tda9ZdgidOJADw.roa
File:                     5UZ4QsMUCveN0tda9ZdgidOJADw.roa (raw, json)
Hash identifier:          kA5+iUeRVF4TqQV15GosxWeDsBwJ7vac3YYnZNsybrU=
Subject key identifier:   E5:46:78:42:C3:14:0A:F7:8D:D2:D7:5A:F5:97:60:89:D3:89:00:3C
Certificate issuer:       /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial:       01880435B82F2065B68D07A5268D82A22D4F
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/5UZ4QsMUCveN0tda9ZdgidOJADw.roa
Signing time:             Wed 10 May 2023 05:50:09 +0000
ROA not before:           Wed 10 May 2023 05:50:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43766
IP address blocks:        2a00:5400:f004::/48 maxlen: 48
                          2a00:5400:f007::/48 maxlen: 48
                          2a00:5400:f002::/48 maxlen: 48
                          2a00:5400:f005::/48 maxlen: 48
                          2a00:5400:f000::/48 maxlen: 48
                          2a00:5400:f003::/48 maxlen: 48
                          2a00:5400:f006::/48 maxlen: 48
                          2a00:5400:f001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:04:35:b8:2f:20:65:b6:8d:07:a5:26:8d:82:a2:2d:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
        Validity
            Not Before: May 10 05:50:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5467842c3140af78dd2d75af5976089d389003c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d4:b6:a2:8e:85:b8:18:a9:ab:ac:16:70:9b:
                    61:87:0b:db:84:8a:20:4e:9b:46:a7:92:ff:07:b1:
                    2e:2d:94:32:af:4c:44:5a:6b:c7:3d:e4:72:a7:09:
                    c7:63:1c:f3:12:42:ce:78:2e:ce:3c:24:4a:e5:32:
                    47:7a:a5:6d:1b:8f:cb:8b:62:4d:aa:7c:a0:70:8a:
                    ea:7a:d7:b6:c4:32:43:d7:46:f0:32:7e:c8:62:56:
                    19:65:6d:62:a9:fe:7a:7b:b0:85:ec:f6:0b:03:04:
                    0d:08:63:58:9c:11:d0:75:9e:49:86:bd:3b:19:dc:
                    01:e8:96:cd:8b:a7:e4:94:44:bc:96:27:94:c9:fd:
                    2f:e9:10:5e:d8:63:e2:9f:92:66:3e:37:82:cf:98:
                    8c:5a:79:6d:49:9f:df:df:a6:d3:3e:a2:4d:18:72:
                    cb:2b:f7:d8:8b:30:56:44:db:05:e1:86:5c:5c:f8:
                    7f:a0:3c:c7:34:ab:ae:14:5f:aa:b3:64:7f:52:5c:
                    d3:43:af:f8:eb:18:75:62:05:91:31:41:16:77:58:
                    71:d9:a7:0e:d8:3d:15:23:40:42:21:8f:8c:e4:66:
                    c7:64:33:53:6e:ba:19:b4:59:12:4e:44:f2:cb:e7:
                    bc:fa:bb:49:e1:c5:c2:bd:5e:93:17:d3:2f:10:9f:
                    6c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:46:78:42:C3:14:0A:F7:8D:D2:D7:5A:F5:97:60:89:D3:89:00:3C
            X509v3 Authority Key Identifier:
                keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/5UZ4QsMUCveN0tda9ZdgidOJADw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:5400:f000::/45

    Signature Algorithm: sha256WithRSAEncryption
         61:ef:e5:8a:da:1c:21:76:b2:cd:91:a3:e1:21:1d:65:09:3d:
         7c:81:60:b4:4d:65:ff:10:49:70:24:93:35:73:68:14:47:73:
         1d:80:5b:0c:32:cc:fe:84:40:f1:fb:d5:fd:63:0d:5e:35:ca:
         a4:ae:d8:eb:98:43:b8:a4:43:4a:69:a3:55:88:da:30:fe:0c:
         d1:34:82:e0:46:c1:71:b2:dd:99:c0:04:37:ed:f8:e3:e7:37:
         44:da:cf:4e:e1:32:90:8c:66:e2:f2:86:59:38:04:3a:a2:ff:
         d1:be:93:23:ee:7e:64:3b:da:d7:3d:7c:d5:63:1f:15:22:ac:
         f0:a2:2d:e5:29:b1:8e:34:20:c9:7c:5a:79:58:5a:36:4b:67:
         72:24:e8:60:8c:a2:f7:ed:b5:4a:d5:9a:e2:fd:0d:30:11:78:
         21:d7:0d:5a:2f:f0:6f:49:24:ef:e8:ce:9a:21:48:54:45:95:
         3c:9e:f9:2d:fa:68:e8:6c:03:ba:c1:23:6c:48:45:cd:36:2a:
         ef:62:14:6a:7c:80:65:80:84:2a:60:d5:b8:39:37:73:fc:e3:
         ee:85:47:15:c1:fd:54:01:dd:fb:5d:f2:ff:fa:ee:3b:f2:62:
         ef:bb:97:1e:2d:f2:9f:39:90:90:4b:12:e6:f5:47:76:02:35:
         97:36:73:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYgENbgvIGW2jQelJo2Coi1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjMwNTEwMDU1MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ2Nzg0MmMzMTQwYWY3OGRkMmQ3NWFmNTk3NjA4OWQzODkwMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldS2oo6FuBipq6wWcJthhwvbhIog
TptGp5L/B7EuLZQyr0xEWmvHPeRypwnHYxzzEkLOeC7OPCRK5TJHeqVtG4/Li2JN
qnygcIrqete2xDJD10bwMn7IYlYZZW1iqf56e7CF7PYLAwQNCGNYnBHQdZ5Jhr07
GdwB6JbNi6fklES8lieUyf0v6RBe2GPin5JmPjeCz5iMWnltSZ/f36bTPqJNGHLL
K/fYizBWRNsF4YZcXPh/oDzHNKuuFF+qs2R/UlzTQ6/46xh1YgWRMUEWd1hx2acO
2D0VI0BCIY+M5GbHZDNTbroZtFkSTkTyy+e8+rtJ4cXCvV6TF9MvEJ9snQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOVGeELDFAr3jdLXWvWXYInTiQA8MB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvNVVaNFFzTVVDdmVOMHRkYTlaZGdpZE9KQUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKgBUAPAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBh7+WK2hwhdrLNkaPhIR1lCT18gWC0TWX/EElw
JJM1c2gUR3MdgFsMMsz+hEDx+9X9Yw1eNcqkrtjrmEO4pENKaaNViNow/gzRNILg
RsFxst2ZwAQ37fjj5zdE2s9O4TKQjGbi8oZZOAQ6ov/RvpMj7n5kO9rXPXzVYx8V
Iqzwoi3lKbGONCDJfFp5WFo2S2dyJOhgjKL37bVK1Zri/Q0wEXgh1w1aL/BvSSTv
6M6aIUhURZU8nvkt+mjobAO6wSNsSEXNNirvYhRqfIBlgIQqYNW4OTdz/OPuhUcV
wf1UAd37XfL/+u478mLvu5ceLfKfOZCQSxLm9Ud2AjWXNnO4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org