Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h7L0fPaqNpDzSIG3mgufwgKzQ84.roa
File:                     h7L0fPaqNpDzSIG3mgufwgKzQ84.roa (raw, json)
Hash identifier:          mWCM428bWU302C2iuSwaspOzFqpGNpJzGMPuqxhHJMw=
Subject key identifier:   87:B2:F4:7C:F6:AA:36:90:F3:48:81:B7:9A:0B:9F:C2:02:B3:43:CE
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       01886CB6945A9B4FC8844FBB09E959E98330
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h7L0fPaqNpDzSIG3mgufwgKzQ84.roa
Signing time:             Tue 30 May 2023 12:51:24 +0000
ROA not before:           Tue 30 May 2023 12:51:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        5.182.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Jun 2023 15:15:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6c:b6:94:5a:9b:4f:c8:84:4f:bb:09:e9:59:e9:83:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: May 30 12:51:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87b2f47cf6aa3690f34881b79a0b9fc202b343ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:f9:fc:46:ce:e9:ba:fb:2e:3c:1a:2f:3a:c2:
                    1f:a9:35:02:ef:f8:6c:43:c2:47:7b:18:59:3a:07:
                    79:35:16:c8:4c:39:e2:41:d3:2f:ef:94:55:76:72:
                    11:f0:0b:ad:2e:29:1e:bc:08:a5:89:9d:00:a5:3b:
                    eb:26:57:12:8e:7c:76:d5:49:b0:a4:de:f6:0a:81:
                    aa:70:fc:fa:be:16:a9:85:1d:50:cf:58:c5:41:c7:
                    11:d3:23:dd:a2:a3:6f:a3:56:15:f0:4e:8f:f9:8b:
                    bf:5f:e3:77:83:fb:d6:52:28:08:9f:4c:f8:fe:b0:
                    19:07:8d:6d:1b:91:64:3d:ca:82:3b:20:ba:55:12:
                    d9:79:73:de:fd:55:f0:7b:6e:22:40:cf:a9:dc:e3:
                    6b:30:4b:51:aa:d1:8d:73:0d:c8:26:cf:88:4c:89:
                    48:37:e7:ae:69:fb:02:cb:22:4e:35:a6:91:ca:69:
                    ad:16:ab:17:94:62:01:5c:99:23:46:e2:a8:d2:cb:
                    02:6a:c8:7f:64:59:d9:c9:63:0d:d1:32:2d:a4:bf:
                    4c:16:67:a0:36:8d:9b:45:d9:1f:69:1f:9f:57:68:
                    ad:9f:28:87:7e:82:38:47:8b:be:a8:a6:58:99:92:
                    2d:b1:32:be:49:61:d0:fa:79:7c:e3:b7:e7:85:a2:
                    1f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B2:F4:7C:F6:AA:36:90:F3:48:81:B7:9A:0B:9F:C2:02:B3:43:CE
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h7L0fPaqNpDzSIG3mgufwgKzQ84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:2a:5a:c3:6b:02:88:23:e5:83:44:61:bf:c4:26:86:03:dc:
         35:a2:c1:98:65:2d:d7:62:95:ad:03:69:43:94:b9:c6:17:86:
         33:e2:aa:8f:d1:f0:d3:16:3d:1a:88:b1:58:f5:f4:3d:53:7d:
         ab:29:93:0c:b8:af:82:c8:59:bb:99:79:e5:9f:7d:5c:02:ff:
         af:2f:7f:dc:fb:49:51:37:2e:4f:d5:13:a9:7a:a6:1d:c2:48:
         ef:9b:e8:b2:fd:1a:58:a0:86:21:73:56:a5:1d:eb:7e:98:56:
         c1:09:04:44:3e:65:fb:89:75:e7:60:9b:75:ea:75:2f:a1:cf:
         02:b8:26:2d:25:3a:b6:64:aa:0a:9a:bb:16:e9:92:0f:8f:9d:
         c9:1f:91:0a:60:6e:b0:16:33:39:f7:bc:5e:a6:47:f8:27:0a:
         92:83:95:26:6e:14:9e:a1:2c:3b:62:fe:91:5c:b2:ac:bb:aa:
         21:06:72:ee:56:ed:82:cd:fe:bd:de:9d:94:86:81:7e:ea:d6:
         d4:e1:e0:29:e6:9f:8c:47:fb:1d:99:50:70:bf:47:00:01:6d:
         a4:81:d2:80:3d:5d:67:27:73:15:35:0f:8e:08:88:aa:72:44:
         ca:98:ba:af:6f:c0:ae:63:a0:b0:ec:97:ea:24:40:3c:e1:a5:
         35:f1:50:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhstpRam0/IhE+7CelZ6YMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTMwMTI1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IyZjQ3Y2Y2YWEzNjkwZjM0ODgxYjc5YTBiOWZjMjAyYjM0M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPn8Rs7puvsuPBovOsIfqTUC7/hs
Q8JHexhZOgd5NRbITDniQdMv75RVdnIR8AutLikevAiliZ0ApTvrJlcSjnx21Umw
pN72CoGqcPz6vhaphR1Qz1jFQccR0yPdoqNvo1YV8E6P+Yu/X+N3g/vWUigIn0z4
/rAZB41tG5FkPcqCOyC6VRLZeXPe/VXwe24iQM+p3ONrMEtRqtGNcw3IJs+ITIlI
N+euafsCyyJONaaRymmtFqsXlGIBXJkjRuKo0ssCash/ZFnZyWMN0TItpL9MFmeg
No2bRdkfaR+fV2itnyiHfoI4R4u+qKZYmZItsTK+SWHQ+nl847fnhaIftQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIey9Hz2qjaQ80iBt5oLn8ICs0POMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaDdMMGZQYXFOcER6U0lHM21ndWZ3Z0t6UTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbZxMA0G
CSqGSIb3DQEBCwUAA4IBAQCuKlrDawKII+WDRGG/xCaGA9w1osGYZS3XYpWtA2lD
lLnGF4Yz4qqP0fDTFj0aiLFY9fQ9U32rKZMMuK+CyFm7mXnln31cAv+vL3/c+0lR
Ny5P1ROpeqYdwkjvm+iy/RpYoIYhc1alHet+mFbBCQREPmX7iXXnYJt16nUvoc8C
uCYtJTq2ZKoKmrsW6ZIPj53JH5EKYG6wFjM597xepkf4JwqSg5UmbhSeoSw7Yv6R
XLKsu6ohBnLuVu2Czf693p2UhoF+6tbU4eAp5p+MR/sdmVBwv0cAAW2kgdKAPV1n
J3MVNQ+OCIiqckTKmLqvb8CuY6Cw7JfqJEA84aU18VCn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org