Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/ljt5Y7CxmjbXB5STIV2mKSDAkyY.roa
File:                     ljt5Y7CxmjbXB5STIV2mKSDAkyY.roa (raw, json)
Hash identifier:          nZ/Or0FbBHs027dCBjBqu/8pJzKuqCBa9F7YQ4iziXA=
Subject key identifier:   96:3B:79:63:B0:B1:9A:36:D7:07:94:93:21:5D:A6:29:20:C0:93:26
Certificate issuer:       /CN=505e2f2d5e7093ff8d4003a02b7d3e131ce70a12
Certificate serial:       01856CE5F69BB13B2156CF1AC56A43CD9C18
Authority key identifier: 50:5E:2F:2D:5E:70:93:FF:8D:40:03:A0:2B:7D:3E:13:1C:E7:0A:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UF4vLV5wk_-NQAOgK30-ExznChI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/ljt5Y7CxmjbXB5STIV2mKSDAkyY.roa
Signing time:             Sun 01 Jan 2023 10:34:48 +0000
ROA not before:           Sun 01 Jan 2023 10:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31034
IP address blocks:        178.255.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e5:f6:9b:b1:3b:21:56:cf:1a:c5:6a:43:cd:9c:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=505e2f2d5e7093ff8d4003a02b7d3e131ce70a12
        Validity
            Not Before: Jan  1 10:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=963b7963b0b19a36d7079493215da62920c09326
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:76:78:1a:8d:4b:5b:57:09:fd:35:ad:5b:18:
                    bd:06:af:0c:48:71:46:d7:1b:70:ce:94:a1:ad:29:
                    cc:51:fb:42:be:f3:7b:5b:a4:a0:46:b6:29:cb:64:
                    5d:a7:0a:98:44:67:ee:7e:26:3a:4d:34:f5:47:3c:
                    c2:09:04:00:75:90:7c:93:f9:65:ce:da:ae:ca:ec:
                    2b:0b:58:91:34:e5:a8:23:95:2d:b2:cd:c9:e3:c9:
                    ee:ad:d4:45:d2:10:0c:3f:79:2a:da:09:aa:1f:55:
                    10:71:12:d9:63:ab:04:b4:02:7b:f0:09:2a:29:e5:
                    70:4d:1a:79:8c:6e:91:86:71:d7:5d:21:03:9a:7b:
                    72:07:d5:fb:7e:56:ef:59:c3:cf:4c:38:60:df:09:
                    4b:14:88:91:16:0c:a3:90:ab:82:2c:20:53:7e:6d:
                    32:88:0c:92:ab:d0:b9:f0:e0:b4:71:55:a6:73:c3:
                    e0:2d:a3:09:d9:e7:8c:c0:e9:e7:56:95:85:48:e3:
                    95:93:5d:ab:fb:b6:4e:21:da:2f:1b:57:c9:50:91:
                    11:06:8c:9f:0b:9d:cd:76:77:5b:bd:ef:42:e7:21:
                    87:61:64:de:8a:57:11:e3:ef:e7:8c:eb:ed:aa:e6:
                    52:d2:0e:b4:1d:05:06:35:c4:f8:e5:c7:e3:a4:df:
                    a1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:3B:79:63:B0:B1:9A:36:D7:07:94:93:21:5D:A6:29:20:C0:93:26
            X509v3 Authority Key Identifier:
                keyid:50:5E:2F:2D:5E:70:93:FF:8D:40:03:A0:2B:7D:3E:13:1C:E7:0A:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UF4vLV5wk_-NQAOgK30-ExznChI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/ljt5Y7CxmjbXB5STIV2mKSDAkyY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/UF4vLV5wk_-NQAOgK30-ExznChI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:11:5a:db:3f:84:b2:69:2c:8b:a9:48:b7:b2:ae:4c:b0:aa:
         1d:a2:81:8d:89:51:83:98:04:ed:8f:2e:31:2e:1d:dc:59:4c:
         3d:d2:6d:65:5a:cb:c2:bf:d9:12:ec:3a:36:a2:0e:52:a5:f7:
         d2:12:40:57:e7:25:49:62:aa:37:6c:f8:8b:9c:db:f5:6f:e3:
         c7:4c:4f:87:65:e3:98:1e:b1:b9:aa:45:27:cd:74:f0:2e:12:
         20:b6:37:63:e1:8d:69:f6:80:8b:3a:d8:dc:d9:bf:e8:af:eb:
         56:c3:35:0d:50:b4:6e:2c:1b:27:7c:38:7c:6d:7c:da:0d:c2:
         85:06:39:62:b7:49:88:43:14:39:71:4b:cd:8a:44:9b:86:38:
         40:4e:33:01:93:55:7c:f9:fc:37:4b:30:07:ad:8c:66:12:e9:
         73:e5:0e:f8:b8:a3:7a:e1:0a:ac:3f:07:85:fe:c8:22:f3:e9:
         79:c5:4f:76:c1:32:2e:bb:98:b2:42:1b:c6:f5:62:7b:a9:d7:
         53:4c:05:29:1d:e9:b4:8e:1b:cd:b1:67:ad:02:b0:b3:4a:7b:
         9e:53:b1:d3:fb:1b:ee:7a:40:aa:98:b6:f7:a0:59:a4:bf:35:
         a0:8f:63:8f:bc:20:50:08:92:58:61:16:6d:1d:56:4e:85:2c:
         f7:8f:ec:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5fabsTshVs8axWpDzZwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNWUyZjJkNWU3MDkzZmY4ZDQwMDNhMDJiN2QzZTEzMWNl
NzBhMTIwHhcNMjMwMTAxMTAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjNiNzk2M2IwYjE5YTM2ZDcwNzk0OTMyMTVkYTYyOTIwYzA5MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnZ4Go1LW1cJ/TWtWxi9Bq8MSHFG
1xtwzpShrSnMUftCvvN7W6SgRrYpy2RdpwqYRGfufiY6TTT1RzzCCQQAdZB8k/ll
ztquyuwrC1iRNOWoI5Utss3J48nurdRF0hAMP3kq2gmqH1UQcRLZY6sEtAJ78Akq
KeVwTRp5jG6RhnHXXSEDmntyB9X7flbvWcPPTDhg3wlLFIiRFgyjkKuCLCBTfm0y
iAySq9C58OC0cVWmc8PgLaMJ2eeMwOnnVpWFSOOVk12r+7ZOIdovG1fJUJERBoyf
C53Ndndbve9C5yGHYWTeilcR4+/njOvtquZS0g60HQUGNcT45cfjpN+hKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJY7eWOwsZo21weUkyFdpikgwJMmMB8GA1UdIwQY
MBaAFFBeLy1ecJP/jUADoCt9PhMc5woSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUY0dkxWNXdrXy1OUUFPZ0szMC1FeHpuQ2hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81YTc3MzEtZWY1NC00NTAxLTg2ZjQt
OThlOWUyNTEwYmI2LzEvbGp0NVk3Q3htamJYQjVTVElWMm1LU0RBa3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81YTc3MzEtZWY1NC00NTAxLTg2ZjQtOThlOWUyNTEwYmI2
LzEvVUY0dkxWNXdrXy1OUUFPZ0szMC1FeHpuQ2hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv/xMA0G
CSqGSIb3DQEBCwUAA4IBAQBxEVrbP4SyaSyLqUi3sq5MsKodooGNiVGDmATtjy4x
Lh3cWUw90m1lWsvCv9kS7Do2og5SpffSEkBX5yVJYqo3bPiLnNv1b+PHTE+HZeOY
HrG5qkUnzXTwLhIgtjdj4Y1p9oCLOtjc2b/or+tWwzUNULRuLBsnfDh8bXzaDcKF
Bjlit0mIQxQ5cUvNikSbhjhATjMBk1V8+fw3SzAHrYxmEulz5Q74uKN64QqsPweF
/sgi8+l5xU92wTIuu5iyQhvG9WJ7qddTTAUpHem0jhvNsWetArCzSnueU7HT+xvu
ekCqmLb3oFmkvzWgj2OPvCBQCJJYYRZtHVZOhSz3j+xn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:21 2024 by rpki-client on console-ams.rpki-client.org