Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xnRG1AusC-tDudmSictJy0B2UIg.roa
File:                     xnRG1AusC-tDudmSictJy0B2UIg.roa (raw, json)
Hash identifier:          qW+8NLhB1WbN26N2dAISxcDOwOYvCzy+5ul1LnJO2lw=
Subject key identifier:   C6:74:46:D4:0B:AC:0B:EB:43:B9:D9:92:89:CB:49:CB:40:76:50:88
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       018570FBB6D56D948F34DFF968C33A3D73B2
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xnRG1AusC-tDudmSictJy0B2UIg.roa
Signing time:             Mon 02 Jan 2023 05:37:02 +0000
ROA not before:           Mon 02 Jan 2023 05:37:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22400
IP address blocks:        5.1.92.0/23 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:b6:d5:6d:94:8f:34:df:f9:68:c3:3a:3d:73:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  2 05:37:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c67446d40bac0beb43b9d99289cb49cb40765088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:66:98:13:d6:28:26:6f:73:c7:da:54:f4:79:
                    1b:bd:ee:19:55:20:ea:fb:ed:77:24:42:80:4a:ce:
                    05:8d:00:b4:67:22:a8:0f:f2:ac:49:46:c1:fc:53:
                    e3:cd:79:92:4f:33:bd:85:61:f3:56:56:7b:6d:41:
                    64:65:22:71:66:c2:07:90:75:5a:0f:83:3a:4e:f1:
                    62:d9:73:25:09:5b:19:d0:24:e3:d1:7e:3d:ad:33:
                    1f:a0:79:65:80:b8:5c:a3:c9:92:1a:91:c9:0c:8e:
                    c5:c5:19:98:5f:4f:8f:7b:a1:9e:36:97:55:0a:71:
                    35:67:6c:b1:98:57:d5:f6:31:a5:a6:4d:a6:07:76:
                    dc:79:6c:d9:0b:63:50:b5:aa:f1:e2:d8:a0:a8:fb:
                    0c:38:b5:1a:e9:f4:d2:0d:c4:eb:96:70:67:31:0f:
                    1f:40:ce:0f:cc:59:65:0a:2b:97:0f:ed:51:da:5d:
                    94:e2:9f:a8:94:dc:7b:2e:8d:cc:69:91:e8:dd:2f:
                    24:7c:5f:5d:e4:5f:aa:c0:cc:8b:c6:4a:60:ed:d6:
                    cb:92:fb:98:85:73:73:12:05:7a:9c:97:1a:af:8d:
                    85:7c:56:4b:21:40:e8:12:2d:e9:14:32:f8:04:c8:
                    37:36:38:5a:b0:b1:80:08:57:25:cc:7d:fa:2e:29:
                    0d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:74:46:D4:0B:AC:0B:EB:43:B9:D9:92:89:CB:49:CB:40:76:50:88
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xnRG1AusC-tDudmSictJy0B2UIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.1.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:5e:23:0d:21:ba:2d:c6:22:9b:9e:4d:56:d9:d9:a1:e1:dd:
         79:3b:a4:25:a6:34:ef:90:77:ca:ae:9d:ef:51:40:c8:f2:3c:
         2a:8d:48:4c:d8:9d:af:1f:17:aa:ea:d1:0c:93:df:4f:13:da:
         25:89:20:74:4d:e1:ff:0b:ac:6f:4c:c0:46:f8:a8:0b:ac:7a:
         95:e9:f4:ed:62:f5:7e:e7:a7:68:a8:75:7f:5b:0c:b9:4c:28:
         52:18:eb:d3:ef:38:b9:a2:69:21:98:ac:93:7e:1f:f9:10:13:
         f2:81:4a:ca:26:ea:59:1a:cc:94:d2:a3:b6:ce:1a:c8:31:da:
         7f:68:53:98:72:63:22:52:ce:61:e3:46:c7:f5:9c:4d:4e:e5:
         32:aa:76:3e:b4:08:51:34:8f:71:95:01:15:b3:0c:ea:76:0f:
         ea:22:4d:ff:61:fb:ff:7f:61:38:f9:6c:4a:c4:09:a3:05:d3:
         67:35:31:a7:ef:32:6e:05:7e:80:03:36:7e:b4:d2:82:dd:00:
         35:1f:4b:60:d8:c4:72:e3:7b:67:27:cb:84:1b:c7:df:93:04:
         f6:89:78:c5:39:f3:63:39:98:32:e0:58:59:47:a2:7a:e2:99:
         7f:05:6e:3d:0c:49:0d:e2:17:1a:a6:e2:53:98:0e:3d:b2:bb:
         b5:94:e5:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7bVbZSPNN/5aMM6PXOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc0NDZkNDBiYWMwYmViNDNiOWQ5OTI4OWNiNDljYjQwNzY1MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGaYE9YoJm9zx9pU9Hkbve4ZVSDq
++13JEKASs4FjQC0ZyKoD/KsSUbB/FPjzXmSTzO9hWHzVlZ7bUFkZSJxZsIHkHVa
D4M6TvFi2XMlCVsZ0CTj0X49rTMfoHllgLhco8mSGpHJDI7FxRmYX0+Pe6GeNpdV
CnE1Z2yxmFfV9jGlpk2mB3bceWzZC2NQtarx4tigqPsMOLUa6fTSDcTrlnBnMQ8f
QM4PzFllCiuXD+1R2l2U4p+olNx7Lo3MaZHo3S8kfF9d5F+qwMyLxkpg7dbLkvuY
hXNzEgV6nJcar42FfFZLIUDoEi3pFDL4BMg3NjhasLGACFclzH36LikN6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZ0RtQLrAvrQ7nZkonLSctAdlCIMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEveG5SRzFBdXNDLXREdWRtU2ljdEp5MEIyVUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBQFcMA0G
CSqGSIb3DQEBCwUAA4IBAQAuXiMNIbotxiKbnk1W2dmh4d15O6QlpjTvkHfKrp3v
UUDI8jwqjUhM2J2vHxeq6tEMk99PE9oliSB0TeH/C6xvTMBG+KgLrHqV6fTtYvV+
56doqHV/Wwy5TChSGOvT7zi5omkhmKyTfh/5EBPygUrKJupZGsyU0qO2zhrIMdp/
aFOYcmMiUs5h40bH9ZxNTuUyqnY+tAhRNI9xlQEVswzqdg/qIk3/Yfv/f2E4+WxK
xAmjBdNnNTGn7zJuBX6AAzZ+tNKC3QA1H0tg2MRy43tnJ8uEG8ffkwT2iXjFOfNj
OZgy4FhZR6J64pl/BW49DEkN4hcapuJTmA49sru1lOX8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org