Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/grRrbq7P5Nhh1IO_O8jc7l-uhPY.roa
File:                     grRrbq7P5Nhh1IO_O8jc7l-uhPY.roa (raw, json)
Hash identifier:          xMwcLpfja4I6ZAS/Wxy40wKLpoj3uq7HNDHf1qrhOL4=
Subject key identifier:   82:B4:6B:6E:AE:CF:E4:D8:61:D4:83:BF:3B:C8:DC:EE:5F:AE:84:F6
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       0187BD782AF73E3457038DCB1A338A00EEB2
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/grRrbq7P5Nhh1IO_O8jc7l-uhPY.roa
Signing time:             Wed 26 Apr 2023 12:09:41 +0000
ROA not before:           Wed 26 Apr 2023 12:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        5.180.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Apr 2023 12:36:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bd:78:2a:f7:3e:34:57:03:8d:cb:1a:33:8a:00:ee:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Apr 26 12:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82b46b6eaecfe4d861d483bf3bc8dcee5fae84f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:70:95:74:a9:5f:46:18:d4:01:aa:15:17:a9:
                    2b:83:86:c8:e2:e4:f6:f4:a8:cc:54:b7:cf:74:dd:
                    5a:04:73:a1:c6:b9:e0:bb:45:63:b3:0b:24:a2:83:
                    52:3d:61:70:d5:21:35:7f:57:8c:19:b5:0c:79:2a:
                    1a:67:b9:28:d6:50:36:bc:db:ed:0e:bf:78:78:0e:
                    97:5e:c8:74:73:3c:35:da:eb:27:58:c0:d5:f9:73:
                    8f:62:3a:15:66:92:45:a4:d8:d9:71:59:9d:83:c5:
                    5b:ae:5f:c4:b5:ae:a1:b9:60:43:02:f1:cd:06:6b:
                    6e:d6:cb:66:b7:f7:dd:20:8f:dc:78:25:0c:10:f3:
                    0c:74:39:28:45:d1:a5:4c:bd:97:e9:fe:81:43:49:
                    9d:eb:c1:4b:56:b1:ac:2e:dc:c8:93:37:9e:70:d9:
                    f9:7b:34:d4:7a:09:0d:15:cb:9b:d9:ef:29:c7:1a:
                    51:e0:91:43:6f:ef:0a:10:57:e9:6e:7c:05:25:3e:
                    5b:22:f2:d8:42:b5:b0:d6:91:3c:99:82:f7:7b:54:
                    9d:85:c9:46:73:7c:f8:d6:c8:a6:fe:34:74:39:a1:
                    39:fa:60:9f:59:22:1f:fd:66:2c:cd:07:18:d3:8a:
                    e3:bc:72:6f:d9:e5:ae:cc:2f:39:88:f7:17:db:c8:
                    0e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:B4:6B:6E:AE:CF:E4:D8:61:D4:83:BF:3B:C8:DC:EE:5F:AE:84:F6
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/grRrbq7P5Nhh1IO_O8jc7l-uhPY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:e2:44:5d:0b:1a:80:6e:62:f9:df:3a:4b:93:9b:db:ba:99:
         7a:05:30:15:17:26:e3:f7:3a:fb:29:fe:03:d6:ce:14:fd:7d:
         78:a3:67:46:30:c9:bb:59:73:e1:e5:d3:cd:15:39:9d:94:86:
         6d:95:0d:4a:f4:55:31:f4:e1:79:f2:fb:e4:a2:25:f3:d1:0e:
         5d:a7:95:74:e7:22:f0:4e:48:5c:9d:36:12:21:6b:a7:19:c0:
         9a:4b:a9:e1:39:b1:b3:5c:45:f7:f7:d5:2c:77:5e:90:fc:c4:
         e6:8b:4c:bd:8d:d4:e9:26:7a:b3:d1:d4:8d:cf:ec:9a:1a:d8:
         86:13:82:ab:65:96:c2:99:de:c4:58:73:45:17:fc:ae:11:f6:
         aa:8d:88:e2:ff:6e:14:a8:37:6b:f9:a2:35:ed:f3:ab:78:0c:
         72:c4:96:a8:f3:cf:7a:17:17:7a:4f:2a:06:99:77:8a:b9:58:
         ef:e8:1e:e7:50:f8:82:94:d2:4f:be:93:e6:65:9a:40:15:54:
         69:7a:f0:ec:a3:8c:0b:88:02:c0:58:49:56:c0:ca:e9:fa:92:
         e7:dc:9a:fc:19:10:a2:56:60:2d:0b:17:b5:65:ee:74:77:7c:
         35:59:83:31:c0:36:2f:ae:62:da:99:62:37:bd:bb:f5:97:06:
         2c:df:7e:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9eCr3PjRXA43LGjOKAO6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwNDI2MTIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI0NmI2ZWFlY2ZlNGQ4NjFkNDgzYmYzYmM4ZGNlZTVmYWU4NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3CVdKlfRhjUAaoVF6krg4bI4uT2
9KjMVLfPdN1aBHOhxrngu0VjswskooNSPWFw1SE1f1eMGbUMeSoaZ7ko1lA2vNvt
Dr94eA6XXsh0czw12usnWMDV+XOPYjoVZpJFpNjZcVmdg8Vbrl/Eta6huWBDAvHN
Bmtu1stmt/fdII/ceCUMEPMMdDkoRdGlTL2X6f6BQ0md68FLVrGsLtzIkzeecNn5
ezTUegkNFcub2e8pxxpR4JFDb+8KEFfpbnwFJT5bIvLYQrWw1pE8mYL3e1SdhclG
c3z41sim/jR0OaE5+mCfWSIf/WYszQcY04rjvHJv2eWuzC85iPcX28gO8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK0a26uz+TYYdSDvzvI3O5froT2MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvZ3JScmJxN1A1TmhoMUlPX084amM3bC11aFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbTDMA0G
CSqGSIb3DQEBCwUAA4IBAQAA4kRdCxqAbmL53zpLk5vbupl6BTAVFybj9zr7Kf4D
1s4U/X14o2dGMMm7WXPh5dPNFTmdlIZtlQ1K9FUx9OF58vvkoiXz0Q5dp5V05yLw
TkhcnTYSIWunGcCaS6nhObGzXEX399Usd16Q/MTmi0y9jdTpJnqz0dSNz+yaGtiG
E4KrZZbCmd7EWHNFF/yuEfaqjYji/24UqDdr+aI17fOreAxyxJao8896Fxd6TyoG
mXeKuVjv6B7nUPiClNJPvpPmZZpAFVRpevDso4wLiALAWElWwMrp+pLn3Jr8GRCi
VmAtCxe1Ze50d3w1WYMxwDYvrmLamWI3vbv1lwYs336a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:31 2024 by rpki-client on console-ams.rpki-client.org