Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa
File:                     5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa (raw, json)
Hash identifier:          aAZPDm6OwVnMAtPNmy2jiUWAhaQcubXam2huh1yLGfo=
Subject key identifier:   E6:55:14:42:30:69:44:78:12:1B:BF:FD:23:D7:12:43:FA:24:04:81
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       01857067226B34A717625E3F792E804FDE9C
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa
Signing time:             Mon 02 Jan 2023 02:54:45 +0000
ROA not before:           Mon 02 Jan 2023 02:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200645
IP address blocks:        185.177.232.0/22 maxlen: 22
                          5.202.208.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:22:6b:34:a7:17:62:5e:3f:79:2e:80:4f:de:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  2 02:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e655144230694478121bbffd23d71243fa240481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f5:67:f6:b9:7c:38:e5:56:d0:af:4d:80:14:
                    42:60:78:c6:f9:92:e5:91:88:28:c7:13:e9:2d:29:
                    8f:de:b3:c1:03:0e:08:a9:7a:fb:5e:5a:58:ab:b1:
                    b8:e0:63:5e:c9:57:a4:a1:66:9f:66:ca:55:74:1b:
                    9f:05:2d:70:48:0c:9b:9d:aa:be:51:81:ba:c2:8d:
                    ec:83:e4:9d:3e:9e:47:48:45:60:70:cc:c9:9e:c9:
                    75:6c:1b:9d:0a:bc:de:e1:d4:d9:d2:3a:0a:46:76:
                    2a:46:b0:40:f4:34:2b:a7:10:65:7b:02:c9:22:10:
                    81:be:52:b4:7e:f3:29:87:9a:c3:22:6b:eb:52:bc:
                    be:92:fb:ad:0f:c9:05:d6:eb:35:b2:39:5b:49:61:
                    7b:b9:b3:f8:0c:4d:fc:75:3b:05:d0:10:f5:17:22:
                    e3:29:61:7f:2f:83:16:87:1e:7f:0a:48:b9:24:ab:
                    df:94:78:48:e3:27:26:46:fe:55:7d:cf:94:41:2a:
                    45:1e:41:04:5e:5f:9d:84:14:12:32:55:0b:8d:1c:
                    c6:ad:ca:34:44:57:63:d9:b1:12:54:f5:dc:71:28:
                    71:41:f6:29:c0:4a:96:63:bb:39:b6:00:0c:be:7f:
                    2b:42:6c:47:d8:a6:c2:6d:53:2d:0a:fc:5f:c8:11:
                    00:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:55:14:42:30:69:44:78:12:1B:BF:FD:23:D7:12:43:FA:24:04:81
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.202.208.0/20
                  185.177.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         12:de:fc:0f:ee:05:a0:23:56:3e:55:c1:16:76:d2:2e:c9:71:
         d1:a6:5e:5e:55:e2:60:b2:03:56:35:cb:b3:0b:7e:d9:31:e7:
         f1:10:6b:33:93:c7:38:a9:ca:d6:96:b8:16:dc:88:13:9a:fd:
         07:11:05:97:07:02:e7:95:91:f3:51:d5:31:74:17:0e:75:56:
         83:0c:b3:d7:c7:c2:79:7e:cf:7b:b7:4b:a9:c2:85:df:22:45:
         06:3a:d7:02:30:14:26:2c:8b:40:6c:6c:1e:29:2c:fc:2a:d5:
         c6:5c:48:d4:36:5c:10:03:9f:17:83:9a:4b:8b:c5:e5:7b:8e:
         45:fc:51:4d:dd:05:3b:84:d1:83:7f:86:ad:8d:e2:c6:5c:fd:
         a8:c2:c2:b8:a1:9e:c6:0c:7a:c6:a9:4d:47:c3:de:02:ea:fc:
         21:8c:b0:c2:45:b9:53:cb:73:89:2b:70:64:e9:84:2f:1b:0d:
         36:d7:1c:4f:40:92:94:57:24:cb:6b:bc:df:1d:f9:92:2a:30:
         26:0d:9a:26:bc:66:f7:fc:f2:d9:01:a7:21:94:57:13:22:bf:
         ca:ec:88:63:c0:18:b0:f9:7a:5f:a8:96:94:45:24:c5:dd:39:
         f1:23:bc:8f:af:c7:64:0d:cc:a2:6c:df:d4:db:bd:83:a0:db:
         8a:4b:2f:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwZyJrNKcXYl4/eS6AT96cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU1MTQ0MjMwNjk0NDc4MTIxYmJmZmQyM2Q3MTI0M2ZhMjQwNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPVn9rl8OOVW0K9NgBRCYHjG+ZLl
kYgoxxPpLSmP3rPBAw4IqXr7XlpYq7G44GNeyVekoWafZspVdBufBS1wSAybnaq+
UYG6wo3sg+SdPp5HSEVgcMzJnsl1bBudCrze4dTZ0joKRnYqRrBA9DQrpxBlewLJ
IhCBvlK0fvMph5rDImvrUry+kvutD8kF1us1sjlbSWF7ubP4DE38dTsF0BD1FyLj
KWF/L4MWhx5/Cki5JKvflHhI4ycmRv5Vfc+UQSpFHkEEXl+dhBQSMlULjRzGrco0
RFdj2bESVPXccShxQfYpwEqWY7s5tgAMvn8rQmxH2KbCbVMtCvxfyBEAcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOZVFEIwaUR4Ehu//SPXEkP6JASBMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvNWxVVVFqQnBSSGdTRzdfOUk5Y1NRX29rQklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBcrQAwQC
ubHoMA0GCSqGSIb3DQEBCwUAA4IBAQAS3vwP7gWgI1Y+VcEWdtIuyXHRpl5eVeJg
sgNWNcuzC37ZMefxEGszk8c4qcrWlrgW3IgTmv0HEQWXBwLnlZHzUdUxdBcOdVaD
DLPXx8J5fs97t0upwoXfIkUGOtcCMBQmLItAbGweKSz8KtXGXEjUNlwQA58Xg5pL
i8Xle45F/FFN3QU7hNGDf4atjeLGXP2owsK4oZ7GDHrGqU1Hw94C6vwhjLDCRblT
y3OJK3Bk6YQvGw021xxPQJKUVyTLa7zfHfmSKjAmDZomvGb3/PLZAachlFcTIr/K
7IhjwBiw+XpfqJaURSTF3TnxI7yPr8dkDcyibN/U272DoNuKSy9w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org