Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/oN5xJf9ja4SgH_5nO2H6jvwTK8I.roa
File:                     oN5xJf9ja4SgH_5nO2H6jvwTK8I.roa (raw, json)
Hash identifier:          Fhf/Qui1rEcimJtb+0hoOqiUX0fFpw4YdT28qTTVG68=
Subject key identifier:   A0:DE:71:25:FF:63:6B:84:A0:1F:FE:67:3B:61:FA:8E:FC:13:2B:C2
Certificate issuer:       /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial:       018CC6B8F7B95FBEB64C3BA3FF80D712CD41
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/oN5xJf9ja4SgH_5nO2H6jvwTK8I.roa
Signing time:             Mon 01 Jan 2024 20:30:59 +0000
ROA not before:           Mon 01 Jan 2024 20:30:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31400
IP address blocks:        194.126.196.0/24 maxlen: 24
                          2a03:2902::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 10:32:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:f7:b9:5f:be:b6:4c:3b:a3:ff:80:d7:12:cd:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
        Validity
            Not Before: Jan  1 20:30:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a0de7125ff636b84a01ffe673b61fa8efc132bc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:00:e2:ee:ca:1f:ad:5c:6d:86:32:da:cb:87:
                    1d:59:05:aa:29:b1:7b:95:5f:c8:f7:74:e1:ca:57:
                    47:88:8c:52:d4:8a:ec:aa:95:a5:13:8a:b9:cd:38:
                    6e:0a:7c:9d:7d:95:f2:17:30:04:36:90:87:a9:0c:
                    2e:2d:0f:a9:52:5e:72:cd:f8:91:80:01:07:ab:d5:
                    e8:f9:2c:8a:0e:e6:be:2a:21:d1:f5:8c:0a:e6:a8:
                    5e:f2:25:9e:f9:5f:d0:75:56:9c:9b:13:b2:3e:a5:
                    b8:91:c7:3f:8f:02:d5:2d:a3:a4:1a:68:eb:12:bd:
                    27:f8:2e:03:e6:96:23:13:2c:ce:0f:67:4b:ec:36:
                    18:e1:16:64:83:fa:34:a3:0b:9e:5c:8b:8a:33:6f:
                    c7:49:b2:7c:70:25:9f:81:bb:b7:7e:5a:0a:69:04:
                    78:68:e7:f5:5b:fc:14:a6:4d:55:79:78:a1:a7:9f:
                    d5:e4:d1:a9:d6:74:7d:b2:8e:0a:e0:45:85:51:b2:
                    32:33:02:19:26:8e:9d:2a:63:f8:d9:db:3f:06:8c:
                    2f:cb:92:9c:ef:e7:e1:e9:d6:f3:50:15:9e:40:a2:
                    60:08:73:1c:67:b6:72:f8:b9:98:d1:8c:a4:8b:11:
                    81:cf:d1:d6:a4:cc:56:95:8d:38:fd:95:79:96:1e:
                    77:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:DE:71:25:FF:63:6B:84:A0:1F:FE:67:3B:61:FA:8E:FC:13:2B:C2
            X509v3 Authority Key Identifier:
                keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/oN5xJf9ja4SgH_5nO2H6jvwTK8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.126.196.0/24
                IPv6:
                  2a03:2902::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:48:43:cb:e3:0f:73:a7:d8:3d:71:69:c6:f7:a9:04:69:c3:
         b2:55:d5:03:dc:57:82:b6:b4:6b:6f:53:bb:f2:9b:c3:d1:e5:
         ca:6b:bb:a8:0d:0b:27:77:42:4b:9e:5f:d1:a2:13:90:c1:6d:
         44:d1:ee:9e:1b:c5:40:ca:81:82:12:10:57:08:b6:a5:81:0e:
         57:8f:f5:e0:86:00:07:15:7b:78:4f:1a:74:21:70:70:2b:1b:
         de:d6:dc:a7:87:91:00:e1:16:d4:1b:73:89:e5:53:b8:f5:30:
         20:e3:6f:fb:7f:66:b7:2e:1b:8d:dc:4a:9d:8c:d5:cc:e3:70:
         38:3c:ef:91:9b:8c:6e:e6:aa:59:b9:91:59:14:c0:04:f0:01:
         44:8a:f4:34:8f:d1:8f:84:e0:cc:4a:d4:5c:7e:d7:2d:c4:2b:
         fc:33:6e:26:ab:d1:17:81:fc:39:78:ad:aa:9d:c6:2b:7f:aa:
         f0:c5:93:4f:20:03:56:10:a9:7d:e6:dd:b1:e4:ef:8f:4d:1a:
         32:30:08:a7:6e:85:40:10:29:d8:3a:e8:f2:4b:ba:9f:59:7f:
         79:31:2d:fe:18:7c:06:8d:db:e6:43:28:fc:dd:ab:74:05:fa:
         f3:0a:3f:53:68:90:f6:56:e9:8a:71:d7:59:a9:f6:a9:db:13:
         99:90:06:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuPe5X762TDuj/4DXEs1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjQwMTAxMjAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRlNzEyNWZmNjM2Yjg0YTAxZmZlNjczYjYxZmE4ZWZjMTMyYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgDi7sofrVxthjLay4cdWQWqKbF7
lV/I93ThyldHiIxS1IrsqpWlE4q5zThuCnydfZXyFzAENpCHqQwuLQ+pUl5yzfiR
gAEHq9Xo+SyKDua+KiHR9YwK5qhe8iWe+V/QdVacmxOyPqW4kcc/jwLVLaOkGmjr
Er0n+C4D5pYjEyzOD2dL7DYY4RZkg/o0owueXIuKM2/HSbJ8cCWfgbu3floKaQR4
aOf1W/wUpk1VeXihp5/V5NGp1nR9so4K4EWFUbIyMwIZJo6dKmP42ds/Bowvy5Kc
7+fh6dbzUBWeQKJgCHMcZ7Zy+LmY0YykixGBz9HWpMxWlY04/ZV5lh539wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKDecSX/Y2uEoB/+Zzth+o78EyvCMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvb041eEpmOWphNFNnSF81bk8ySDZqdndUSzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwn7EMA0E
AgACMAcDBQAqAykCMA0GCSqGSIb3DQEBCwUAA4IBAQB/SEPL4w9zp9g9cWnG96kE
acOyVdUD3FeCtrRrb1O78pvD0eXKa7uoDQsnd0JLnl/RohOQwW1E0e6eG8VAyoGC
EhBXCLalgQ5Xj/XghgAHFXt4Txp0IXBwKxve1tynh5EA4RbUG3OJ5VO49TAg42/7
f2a3LhuN3EqdjNXM43A4PO+Rm4xu5qpZuZFZFMAE8AFEivQ0j9GPhODMStRcftct
xCv8M24mq9EXgfw5eK2qncYrf6rwxZNPIANWEKl95t2x5O+PTRoyMAinboVAECnY
OujyS7qfWX95MS3+GHwGjdvmQyj83at0BfrzCj9TaJD2VumKcddZqfap2xOZkAY8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org