Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/VDvwKufybQ9U0R3l7n2ateWG5ik.roa
File:                     VDvwKufybQ9U0R3l7n2ateWG5ik.roa (raw, json)
Hash identifier:          r1xV4xnJ00h0fLC80wXJOBl90NuHkbygJi+SllAaZRo=
Subject key identifier:   54:3B:F0:2A:E7:F2:6D:0F:54:D1:1D:E5:EE:7D:9A:B5:E5:86:E6:29
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       018570671B6C98FDE1DC7A4E2BF9487F0C5A
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/VDvwKufybQ9U0R3l7n2ateWG5ik.roa
Signing time:             Mon 02 Jan 2023 02:54:43 +0000
ROA not before:           Mon 02 Jan 2023 02:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41689
IP address blocks:        5.202.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:1b:6c:98:fd:e1:dc:7a:4e:2b:f9:48:7f:0c:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  2 02:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=543bf02ae7f26d0f54d11de5ee7d9ab5e586e629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b6:c7:b1:6a:f4:65:1c:66:76:00:e2:f8:e0:
                    15:98:d6:7b:94:21:48:44:b2:36:c3:5d:fc:2a:20:
                    17:1b:65:c1:80:29:2c:ca:a4:9b:66:77:55:30:5f:
                    06:07:01:03:56:ff:93:0f:38:7f:2a:5c:d3:63:50:
                    ff:a3:d9:94:ae:9b:12:89:26:8c:c2:fa:19:19:a9:
                    30:da:33:d2:a7:b4:2a:89:bf:2e:27:b8:3d:a1:2f:
                    9c:1d:6b:f0:55:f3:68:4f:21:92:c5:39:aa:0d:04:
                    67:ca:da:07:5a:7b:a5:d0:15:5e:00:d1:1f:ab:f6:
                    1c:30:d2:f4:2f:3e:68:b7:97:df:35:07:f5:41:17:
                    a8:b9:c0:f8:02:a9:46:f5:30:23:09:20:c8:59:cf:
                    62:d5:98:66:03:ff:29:33:3a:13:7c:52:a6:d9:00:
                    f3:54:0c:83:f8:80:f9:70:11:52:17:ae:af:54:58:
                    16:a6:48:e6:ec:96:89:32:ad:cd:ce:02:0a:92:df:
                    b6:41:3d:21:7f:ac:c6:71:fc:f7:7e:ce:2b:aa:4f:
                    6e:73:54:9c:34:a3:64:d5:a7:a3:d8:c3:9d:3f:6e:
                    6f:8a:91:ae:55:df:37:ec:e1:c4:dd:db:10:7b:ba:
                    65:f0:2f:b1:1e:d5:92:f4:4d:37:f9:2a:3a:f8:e4:
                    00:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:3B:F0:2A:E7:F2:6D:0F:54:D1:1D:E5:EE:7D:9A:B5:E5:86:E6:29
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/VDvwKufybQ9U0R3l7n2ateWG5ik.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.202.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:9b:5a:4b:a4:06:34:8e:00:c4:87:5f:b5:94:bc:6f:30:4b:
         d4:21:99:92:4e:c7:5a:a5:39:e9:ff:92:7f:21:50:09:17:df:
         7b:a2:4a:da:78:47:8d:c4:e9:3a:af:73:13:9b:ef:64:86:24:
         fa:cd:e6:c1:3c:7e:90:a2:b9:7a:00:0d:5d:dc:4b:64:13:53:
         63:4e:27:63:7c:0a:0b:63:a6:91:03:6b:a5:2c:ba:64:c4:73:
         57:1f:12:2f:49:c4:da:46:c7:ef:7b:48:bd:ad:da:7c:7e:5c:
         ae:da:7c:25:dd:58:c7:33:a7:f1:62:20:81:aa:b5:35:dc:91:
         4c:86:71:6e:0f:43:fb:eb:88:21:16:44:3f:04:66:81:d3:3e:
         e5:52:9a:24:0c:05:77:d8:db:fc:0c:f2:69:f5:fb:7b:b9:3d:
         74:57:a9:52:ea:ce:9a:4c:73:dd:76:fa:0d:ad:80:59:69:3b:
         da:2a:b1:06:9e:fd:28:4f:bd:77:ad:c2:54:9d:f4:89:e7:81:
         3f:64:17:ee:ed:de:a0:50:0e:1d:55:3c:4c:8d:6d:e9:1a:0d:
         03:78:82:86:6c:e7:7b:e6:c3:ba:e5:c9:3f:c0:22:00:cd:74:
         f6:1a:09:bc:fd:84:2f:1a:ef:6b:81:c9:f5:21:20:d4:76:7c:
         92:51:bf:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZxtsmP3h3HpOK/lIfwxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNiZjAyYWU3ZjI2ZDBmNTRkMTFkZTVlZTdkOWFiNWU1ODZlNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLbHsWr0ZRxmdgDi+OAVmNZ7lCFI
RLI2w138KiAXG2XBgCksyqSbZndVMF8GBwEDVv+TDzh/KlzTY1D/o9mUrpsSiSaM
wvoZGakw2jPSp7Qqib8uJ7g9oS+cHWvwVfNoTyGSxTmqDQRnytoHWnul0BVeANEf
q/YcMNL0Lz5ot5ffNQf1QReoucD4AqlG9TAjCSDIWc9i1ZhmA/8pMzoTfFKm2QDz
VAyD+ID5cBFSF66vVFgWpkjm7JaJMq3NzgIKkt+2QT0hf6zGcfz3fs4rqk9uc1Sc
NKNk1aej2MOdP25vipGuVd837OHE3dsQe7pl8C+xHtWS9E03+So6+OQArQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQ78Crn8m0PVNEd5e59mrXlhuYpMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvVkR2d0t1ZnliUTlVMFIzbDduMmF0ZVdHNWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABcqHMA0G
CSqGSIb3DQEBCwUAA4IBAQCBm1pLpAY0jgDEh1+1lLxvMEvUIZmSTsdapTnp/5J/
IVAJF997okraeEeNxOk6r3MTm+9khiT6zebBPH6Qorl6AA1d3EtkE1NjTidjfAoL
Y6aRA2ulLLpkxHNXHxIvScTaRsfve0i9rdp8flyu2nwl3VjHM6fxYiCBqrU13JFM
hnFuD0P764ghFkQ/BGaB0z7lUpokDAV32Nv8DPJp9ft7uT10V6lS6s6aTHPddvoN
rYBZaTvaKrEGnv0oT713rcJUnfSJ54E/ZBfu7d6gUA4dVTxMjW3pGg0DeIKGbOd7
5sO65ck/wCIAzXT2Ggm8/YQvGu9rgcn1ISDUdnySUb+T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org