Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/r5tZwD4_xyEbb2e9454s3kt48Xs.roa
File:                     r5tZwD4_xyEbb2e9454s3kt48Xs.roa (raw, json)
Hash identifier:          KHsWvqkTDVydhiHV2XTNlzVqhtENViKSQaGR/YfJmHI=
Subject key identifier:   AF:9B:59:C0:3E:3F:C7:21:1B:6F:67:BD:E3:9E:2C:DE:4B:78:F1:7B
Certificate issuer:       /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial:       018A84DCFE5CF08D1A0352F83DDC6797A5DA
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/r5tZwD4_xyEbb2e9454s3kt48Xs.roa
Signing time:             Mon 11 Sep 2023 15:29:50 +0000
ROA not before:           Mon 11 Sep 2023 15:29:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12629
IP address blocks:        62.244.112.0/22 maxlen: 22
                          185.19.48.0/22 maxlen: 22
                          62.244.119.0/24 maxlen: 24
                          62.244.84.0/22 maxlen: 22
                          62.244.88.0/23 maxlen: 23
                          62.244.86.0/23 maxlen: 23
                          62.244.96.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:84:dc:fe:5c:f0:8d:1a:03:52:f8:3d:dc:67:97:a5:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
        Validity
            Not Before: Sep 11 15:29:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af9b59c03e3fc7211b6f67bde39e2cde4b78f17b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:31:3f:a7:68:eb:39:fc:b5:63:ff:38:4d:2a:
                    a5:f3:a3:43:ce:7b:68:3c:db:78:64:20:dd:34:92:
                    32:c9:26:da:35:86:c7:ba:9f:36:be:c8:67:ae:cd:
                    dd:cc:88:11:73:d4:25:23:2b:0e:18:e2:6d:7c:73:
                    5d:3e:92:58:0b:12:33:2d:40:f7:df:46:7e:d8:69:
                    80:66:80:0f:e8:0f:b9:b7:05:ab:d6:8d:eb:bd:ec:
                    52:fe:00:05:dc:06:71:e0:39:db:b8:ef:68:1e:8a:
                    a7:b1:45:49:b0:1d:4b:2b:6e:8a:b2:c2:e1:f3:27:
                    c7:d0:d2:0d:30:60:9a:d8:37:d8:1f:3a:fc:d8:fe:
                    51:0b:f6:06:53:f1:5e:d1:89:5e:a7:4a:21:2f:7d:
                    a6:10:d6:0f:e7:51:8b:06:f5:00:52:bd:46:60:9d:
                    20:c5:6f:9f:d3:d9:f4:c5:39:4d:c4:4a:fd:58:7b:
                    e1:ab:17:c3:11:8f:55:41:93:30:11:aa:97:7f:bd:
                    33:21:50:fa:8f:29:94:65:93:08:c2:3b:48:9d:7a:
                    4d:5a:e4:35:2c:32:8e:45:52:e6:13:d7:10:c5:b8:
                    c2:21:b5:fb:6a:cb:c5:c9:5a:a8:6f:70:60:4c:82:
                    a8:bf:62:fe:7a:6c:41:b6:d7:92:91:45:e3:e5:80:
                    bb:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:9B:59:C0:3E:3F:C7:21:1B:6F:67:BD:E3:9E:2C:DE:4B:78:F1:7B
            X509v3 Authority Key Identifier:
                keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/r5tZwD4_xyEbb2e9454s3kt48Xs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.244.84.0-62.244.89.255
                  62.244.96.0/22
                  62.244.112.0/22
                  62.244.119.0/24
                  185.19.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:ac:ff:44:52:35:ce:da:6d:60:cd:b5:d6:93:54:1d:5a:7e:
         6c:7f:77:08:fb:84:ff:0a:59:9b:38:12:85:09:c3:64:1b:9c:
         c3:69:d5:fd:30:4d:22:c5:c5:cc:81:09:74:cc:89:d0:e4:29:
         c8:dc:b7:6d:80:cb:0f:15:a7:8a:b4:a2:54:40:3e:20:9c:af:
         ee:01:fb:0e:96:ec:43:29:77:d9:cb:8f:22:17:e9:c6:3f:1e:
         45:0b:93:5e:49:01:ff:5f:89:08:10:e1:6b:b1:b7:a6:fd:74:
         a2:90:bd:f5:df:69:26:35:db:d0:f0:8e:46:b5:5c:4a:6e:6d:
         13:1f:47:c2:58:36:37:e3:01:bb:0a:e9:12:31:5c:a2:5f:b1:
         36:1b:a2:a4:81:a9:45:57:52:b2:b1:a6:fd:8f:53:fc:70:92:
         cc:3e:39:f0:4a:3d:ee:34:d1:e0:ed:79:8a:7c:b1:64:71:a6:
         36:0f:79:f8:c9:19:57:95:88:34:7e:25:08:cd:46:6b:75:7c:
         9b:1f:ee:85:24:f4:44:d6:cb:93:f2:a0:da:cd:3f:99:a7:0b:
         24:4b:16:0c:b4:37:7e:7e:f0:9b:0d:62:ef:9e:3d:5e:a0:58:
         bb:d2:cb:ee:b4:4d:61:43:66:3f:c5:86:7e:c0:9c:a7:bd:14:
         8b:ab:16:f4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYqE3P5c8I0aA1L4Pdxnl6XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwOTExMTUyOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjliNTljMDNlM2ZjNzIxMWI2ZjY3YmRlMzllMmNkZTRiNzhmMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDE/p2jrOfy1Y/84TSql86NDznto
PNt4ZCDdNJIyySbaNYbHup82vshnrs3dzIgRc9QlIysOGOJtfHNdPpJYCxIzLUD3
30Z+2GmAZoAP6A+5twWr1o3rvexS/gAF3AZx4DnbuO9oHoqnsUVJsB1LK26KssLh
8yfH0NINMGCa2DfYHzr82P5RC/YGU/Fe0Ylep0ohL32mENYP51GLBvUAUr1GYJ0g
xW+f09n0xTlNxEr9WHvhqxfDEY9VQZMwEaqXf70zIVD6jymUZZMIwjtInXpNWuQ1
LDKORVLmE9cQxbjCIbX7asvFyVqob3BgTIKov2L+emxBtteSkUXj5YC7bQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK+bWcA+P8chG29nveOeLN5LePF7MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvcjV0WndENF94eUViYjJlOTQ1NHMza3Q0OFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAI+9FQD
BAE+9FgDBAI+9GADBAI+9HADBAA+9HcDBAK5EzAwDQYJKoZIhvcNAQELBQADggEB
AF6s/0RSNc7abWDNtdaTVB1afmx/dwj7hP8KWZs4EoUJw2QbnMNp1f0wTSLFxcyB
CXTMidDkKcjct22Ayw8Vp4q0olRAPiCcr+4B+w6W7EMpd9nLjyIX6cY/HkULk15J
Af9fiQgQ4Wuxt6b9dKKQvfXfaSY129Dwjka1XEpubRMfR8JYNjfjAbsK6RIxXKJf
sTYboqSBqUVXUrKxpv2PU/xwksw+OfBKPe400eDteYp8sWRxpjYPefjJGVeViDR+
JQjNRmt1fJsf7oUk9ETWy5PyoNrNP5mnCyRLFgy0N35+8JsNYu+ePV6gWLvSy+60
TWFDZj/Fhn7AnKe9FIurFvQ=
-----END CERTIFICATE-----
Generated at Thu Nov 30 17:46:32 2023 by rpki-client on console-ams.rpki-client.org