Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5suELtFpelnbYvySVS7naUV1HnY.roa
File:                     5suELtFpelnbYvySVS7naUV1HnY.roa (raw, json)
Hash identifier:          ij4JSuJdDuVjrz0Rp/v4WDy+yBupd6rl+g5NuNwR9R0=
Subject key identifier:   E6:CB:84:2E:D1:69:7A:59:DB:62:FC:92:55:2E:E7:69:45:75:1E:76
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       018570671A3BD237F8C4F28E8FE13AF521C7
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5suELtFpelnbYvySVS7naUV1HnY.roa
Signing time:             Mon 02 Jan 2023 02:54:43 +0000
ROA not before:           Mon 02 Jan 2023 02:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39650
IP address blocks:        185.125.244.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:1a:3b:d2:37:f8:c4:f2:8e:8f:e1:3a:f5:21:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  2 02:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e6cb842ed1697a59db62fc92552ee76945751e76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:1c:db:4f:94:ce:53:4a:6b:67:8b:1f:c6:11:
                    ae:e7:df:ae:c2:39:9e:32:35:a6:f2:d7:d1:33:2f:
                    a3:f1:37:69:e0:52:f5:01:95:ee:d0:ee:37:11:cc:
                    68:3e:65:5d:92:bf:6d:bb:d5:d7:f8:76:7c:7b:46:
                    2a:ad:57:03:cf:3a:b2:e0:8d:15:28:dc:2b:31:bb:
                    c0:6e:bd:61:7e:5d:f6:b1:90:32:9d:60:1a:15:f0:
                    01:8f:c3:43:2b:e2:77:ac:0d:50:2a:1e:78:b1:aa:
                    b9:b4:c0:50:1e:a2:4b:75:44:f8:4a:ad:e2:89:c8:
                    b9:6a:b8:22:d9:69:ba:d6:76:f4:fb:a5:9a:25:9e:
                    e4:cf:32:65:fc:5d:fa:42:a7:3a:6c:e3:84:e6:1a:
                    e7:ad:0a:43:93:ea:7f:ed:d7:0a:d3:de:b9:e3:b6:
                    29:2f:72:99:f3:9e:65:56:58:ce:ce:82:c9:af:0d:
                    d9:ec:02:03:f4:99:d7:f6:92:53:87:04:be:29:83:
                    50:b3:e9:a3:ae:24:06:a4:dd:cc:33:b2:b4:95:18:
                    2e:82:c8:4d:a8:42:ba:0b:7d:14:eb:da:05:e7:aa:
                    31:25:4f:1a:5a:52:c3:44:4f:c5:13:30:68:1a:ee:
                    60:13:48:73:3b:9b:8c:d1:3a:a8:5d:96:96:1a:2a:
                    94:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:CB:84:2E:D1:69:7A:59:DB:62:FC:92:55:2E:E7:69:45:75:1E:76
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5suELtFpelnbYvySVS7naUV1HnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.125.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:be:8d:91:7f:8f:fd:72:6a:66:c9:d4:18:7c:5d:60:5e:10:
         9a:a7:54:fa:cd:b7:fd:b8:fd:8a:83:87:81:3e:e5:e2:42:25:
         c2:3c:d2:d1:7b:21:8f:ef:75:26:f4:5b:73:60:c0:cd:ea:9d:
         56:da:62:61:17:97:12:4c:b9:bb:ea:6e:bd:54:c5:7f:51:0a:
         90:74:1c:6f:84:a3:4f:f1:b0:f4:bf:8b:3c:ee:77:5b:97:50:
         91:c4:fd:04:4d:a4:4d:ef:0e:70:82:1f:71:9e:48:83:5f:4e:
         48:50:40:02:f5:d8:d3:d8:9f:cb:2e:d5:ec:7c:34:32:2f:c1:
         c0:94:66:2f:83:f6:91:68:2f:80:1c:9a:2d:f8:72:de:d8:61:
         de:f7:2e:ca:b6:7e:33:d9:05:63:6f:71:32:85:8d:0a:f5:e6:
         51:f3:5d:3d:93:e8:ee:4c:7e:85:ba:c3:82:72:64:cd:35:c0:
         d6:d2:ae:98:a9:7d:e5:26:66:69:c6:d5:67:b9:dc:56:8e:4a:
         20:9c:c5:2b:10:58:c3:bc:d4:c5:98:30:58:81:0e:aa:44:d4:
         b5:6c:81:36:84:ba:80:ed:d0:21:45:f9:7b:e5:af:63:5f:ad:
         6b:5e:3e:f9:be:e9:4b:14:40:5c:4b:5a:c2:94:5c:2f:62:f1:
         ca:1c:a5:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZxo70jf4xPKOj+E69SHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmNiODQyZWQxNjk3YTU5ZGI2MmZjOTI1NTJlZTc2OTQ1NzUxZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BzbT5TOU0prZ4sfxhGu59+uwjme
MjWm8tfRMy+j8Tdp4FL1AZXu0O43EcxoPmVdkr9tu9XX+HZ8e0YqrVcDzzqy4I0V
KNwrMbvAbr1hfl32sZAynWAaFfABj8NDK+J3rA1QKh54saq5tMBQHqJLdUT4Sq3i
ici5argi2Wm61nb0+6WaJZ7kzzJl/F36Qqc6bOOE5hrnrQpDk+p/7dcK096547Yp
L3KZ855lVljOzoLJrw3Z7AID9JnX9pJThwS+KYNQs+mjriQGpN3MM7K0lRgugshN
qEK6C30U69oF56oxJU8aWlLDRE/FEzBoGu5gE0hzO5uM0TqoXZaWGiqU8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObLhC7RaXpZ22L8klUu52lFdR52MB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvNXN1RUx0RnBlbG5iWXZ5U1ZTN25hVVYxSG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX30MA0G
CSqGSIb3DQEBCwUAA4IBAQATvo2Rf4/9cmpmydQYfF1gXhCap1T6zbf9uP2Kg4eB
PuXiQiXCPNLReyGP73Um9FtzYMDN6p1W2mJhF5cSTLm76m69VMV/UQqQdBxvhKNP
8bD0v4s87ndbl1CRxP0ETaRN7w5wgh9xnkiDX05IUEAC9djT2J/LLtXsfDQyL8HA
lGYvg/aRaC+AHJot+HLe2GHe9y7Ktn4z2QVjb3EyhY0K9eZR8109k+juTH6FusOC
cmTNNcDW0q6YqX3lJmZpxtVnudxWjkognMUrEFjDvNTFmDBYgQ6qRNS1bIE2hLqA
7dAhRfl75a9jX61rXj75vulLFEBcS1rClFwvYvHKHKUV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org