Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/6XcGFN9CrDwPwmuyMueFlI44sGI.roa
File:                     6XcGFN9CrDwPwmuyMueFlI44sGI.roa (raw, json)
Hash identifier:          9ya10x1Jeomqmv8MB3vrKkC/ioEY8Nl69ajjo3ByB3M=
Subject key identifier:   E9:77:06:14:DF:42:AC:3C:0F:C2:6B:B2:32:E7:85:94:8E:38:B0:62
Certificate issuer:       /CN=37d27fc24443fcdd4b1b65cfc8078c4a14289f9e
Certificate serial:       01856D01C1195A2A3C30CD2CF6A96C780A25
Authority key identifier: 37:D2:7F:C2:44:43:FC:DD:4B:1B:65:CF:C8:07:8C:4A:14:28:9F:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N9J_wkRD_N1LG2XPyAeMShQon54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/6XcGFN9CrDwPwmuyMueFlI44sGI.roa
Signing time:             Sun 01 Jan 2023 11:05:09 +0000
ROA not before:           Sun 01 Jan 2023 11:05:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203576
IP address blocks:        5.252.98.0/24 maxlen: 32
                          5.252.97.0/24 maxlen: 32
                          5.252.96.0/24 maxlen: 32
                          5.252.99.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:c1:19:5a:2a:3c:30:cd:2c:f6:a9:6c:78:0a:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37d27fc24443fcdd4b1b65cfc8078c4a14289f9e
        Validity
            Not Before: Jan  1 11:05:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e9770614df42ac3c0fc26bb232e785948e38b062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:80:40:03:1e:5a:c3:38:89:0e:7e:c2:83:70:
                    8f:62:96:c0:14:e0:93:79:7c:f6:fc:18:f4:fa:4b:
                    b4:a4:f1:3c:3c:07:88:37:ce:31:bc:71:86:85:8d:
                    39:a7:52:33:c2:35:f8:aa:2f:13:e9:fb:d1:cf:76:
                    85:ed:ec:66:7c:e0:31:a6:da:29:c0:8a:71:0a:bd:
                    8b:bf:69:aa:fd:c3:49:a0:40:0e:b7:b8:e0:00:d1:
                    62:e7:93:d2:d4:b6:76:76:88:bb:8c:cd:d7:19:4d:
                    1c:a8:fe:a1:87:ab:2f:a8:9f:fb:19:f2:8a:df:91:
                    a0:e8:56:4a:55:2b:30:b0:83:e6:5b:9e:14:90:84:
                    33:a6:18:3a:30:88:d6:62:f0:1c:c4:f9:b3:8f:be:
                    c0:e1:34:04:09:ba:dd:71:40:36:71:18:cf:12:16:
                    77:26:8a:c1:e9:e8:2a:01:4b:bf:ee:d9:46:9c:6a:
                    3b:b7:4b:b8:a0:c7:90:eb:99:fd:78:de:5c:b0:ba:
                    72:e4:1e:84:ad:b0:12:30:ee:53:84:19:52:19:97:
                    24:0a:0c:af:54:f3:31:83:0d:65:32:51:a3:ba:17:
                    cf:74:33:fb:b0:0f:1b:74:ae:20:61:d5:2c:eb:b2:
                    3e:e3:4a:95:cf:2f:43:34:f8:29:8d:45:b7:c7:83:
                    a8:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:77:06:14:DF:42:AC:3C:0F:C2:6B:B2:32:E7:85:94:8E:38:B0:62
            X509v3 Authority Key Identifier:
                keyid:37:D2:7F:C2:44:43:FC:DD:4B:1B:65:CF:C8:07:8C:4A:14:28:9F:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9J_wkRD_N1LG2XPyAeMShQon54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/6XcGFN9CrDwPwmuyMueFlI44sGI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/N9J_wkRD_N1LG2XPyAeMShQon54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:10:2e:a3:99:8e:85:94:e4:ff:72:59:d6:6f:c4:6a:35:2d:
         fe:5d:eb:f9:60:a5:1b:37:7c:c4:4f:a4:b0:c9:17:59:2d:7e:
         d5:29:d1:45:17:fe:8a:32:8f:be:3e:01:f0:3c:77:40:8b:50:
         61:b0:d3:d1:d5:26:86:13:50:4c:fb:45:98:df:43:18:f4:41:
         06:5b:fa:99:2c:ff:6a:2e:c0:4b:b6:52:b3:85:f8:9f:82:ed:
         92:e5:ed:4b:e9:c6:54:da:af:01:fe:f6:db:32:a9:c4:03:bb:
         0f:58:40:95:cc:c6:e7:ee:85:b2:0c:e7:d6:4b:8b:1b:19:86:
         e3:8d:7a:0f:75:c9:30:91:92:00:2b:bd:58:db:2b:ba:13:2f:
         77:04:23:09:73:c1:82:60:fd:f9:72:8d:45:f9:a0:09:a5:68:
         3e:8b:6b:c7:96:06:dc:18:cc:28:49:aa:d7:f8:42:e7:34:14:
         e0:04:31:e9:9d:2f:aa:f2:3f:7b:5c:f8:38:03:93:6e:ee:45:
         74:e5:64:d1:22:84:97:51:96:94:a9:b2:6f:cd:8f:c9:b1:3e:
         28:e9:d1:81:5b:55:6f:47:4c:23:8d:d4:1b:3f:9b:f4:b0:af:
         b8:c5:5a:70:72:59:50:56:dd:b8:1a:a5:f2:5a:69:b0:ae:c9:
         23:7a:f5:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAcEZWio8MM0s9qlseAolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZDI3ZmMyNDQ0M2ZjZGQ0YjFiNjVjZmM4MDc4YzRhMTQy
ODlmOWUwHhcNMjMwMTAxMTEwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTc3MDYxNGRmNDJhYzNjMGZjMjZiYjIzMmU3ODU5NDhlMzhiMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4BAAx5awziJDn7Cg3CPYpbAFOCT
eXz2/Bj0+ku0pPE8PAeIN84xvHGGhY05p1IzwjX4qi8T6fvRz3aF7exmfOAxptop
wIpxCr2Lv2mq/cNJoEAOt7jgANFi55PS1LZ2doi7jM3XGU0cqP6hh6svqJ/7GfKK
35Gg6FZKVSswsIPmW54UkIQzphg6MIjWYvAcxPmzj77A4TQECbrdcUA2cRjPEhZ3
JorB6egqAUu/7tlGnGo7t0u4oMeQ65n9eN5csLpy5B6ErbASMO5ThBlSGZckCgyv
VPMxgw1lMlGjuhfPdDP7sA8bdK4gYdUs67I+40qVzy9DNPgpjUW3x4OoSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOl3BhTfQqw8D8JrsjLnhZSOOLBiMB8GA1UdIwQY
MBaAFDfSf8JEQ/zdSxtlz8gHjEoUKJ+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjlKX3drUkRfTjFMRzJYUHlBZU1TaFFvbjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOGM1OGQtOGQyNC00MjgwLTkxZmQt
NDhiMTY2NGQ0MGQ1LzEvNlhjR0ZOOUNyRHdQd211eU11ZUZsSTQ0c0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOGM1OGQtOGQyNC00MjgwLTkxZmQtNDhiMTY2NGQ0MGQ1
LzEvTjlKX3drUkRfTjFMRzJYUHlBZU1TaFFvbjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfxgMA0G
CSqGSIb3DQEBCwUAA4IBAQAGEC6jmY6FlOT/clnWb8RqNS3+Xev5YKUbN3zET6Sw
yRdZLX7VKdFFF/6KMo++PgHwPHdAi1BhsNPR1SaGE1BM+0WY30MY9EEGW/qZLP9q
LsBLtlKzhfifgu2S5e1L6cZU2q8B/vbbMqnEA7sPWECVzMbn7oWyDOfWS4sbGYbj
jXoPdckwkZIAK71Y2yu6Ey93BCMJc8GCYP35co1F+aAJpWg+i2vHlgbcGMwoSarX
+ELnNBTgBDHpnS+q8j97XPg4A5Nu7kV05WTRIoSXUZaUqbJvzY/JsT4o6dGBW1Vv
R0wjjdQbP5v0sK+4xVpwcllQVt24GqXyWmmwrskjevW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org