Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/5nglgY7bRooeCmhDqxmn3sWD0z4.roa
File:                     5nglgY7bRooeCmhDqxmn3sWD0z4.roa (raw, json)
Hash identifier:          0qas22Sjwu43X2nKdpCsSyRUPfuy04BmbVyBamn7f3o=
Subject key identifier:   E6:78:25:81:8E:DB:46:8A:1E:0A:68:43:AB:19:A7:DE:C5:83:D3:3E
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       018570027C88A522D2B649A289E3B10330AB
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/5nglgY7bRooeCmhDqxmn3sWD0z4.roa
Signing time:             Mon 02 Jan 2023 01:04:49 +0000
ROA not before:           Mon 02 Jan 2023 01:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31674
IP address blocks:        212.133.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:7c:88:a5:22:d2:b6:49:a2:89:e3:b1:03:30:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e67825818edb468a1e0a6843ab19a7dec583d33e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f1:71:56:97:9a:6d:72:e7:56:ca:4c:df:f4:
                    41:c6:8c:aa:ac:40:f4:a5:b1:a0:ee:b8:6f:4a:36:
                    89:ef:53:06:2f:cd:bd:bc:7a:d8:35:83:77:ce:b5:
                    56:19:43:08:9d:c3:3f:ec:fc:6e:84:61:f7:50:06:
                    ab:db:82:d0:1a:24:f7:e6:c4:3b:e8:ed:ed:db:7d:
                    f6:83:72:6b:5d:e9:25:e3:5d:b1:83:6b:61:6e:5d:
                    00:fb:2a:8a:4e:64:1a:e2:99:b9:71:57:33:82:21:
                    a7:ef:7c:cc:76:2c:28:e4:d5:75:f3:90:41:7d:00:
                    f7:42:43:55:af:af:d1:73:21:98:93:b5:50:ac:68:
                    b4:3f:98:b3:eb:b3:a1:8d:0c:44:60:97:07:60:d9:
                    01:de:b3:fd:c6:1f:09:5f:6d:f7:86:68:a5:71:63:
                    a8:7d:71:97:46:85:96:3d:e4:4c:2a:c7:aa:8f:3b:
                    31:dc:a5:9a:8a:de:e3:7d:6a:27:ff:92:c3:85:c4:
                    3c:ef:a5:5f:f2:05:61:78:0e:34:b8:72:e7:56:97:
                    81:8f:44:26:c3:7a:d9:99:73:e8:ee:0d:ed:77:ec:
                    31:5e:39:b9:31:ae:ab:52:92:0f:9b:3a:e6:bf:ae:
                    ff:75:09:c0:67:06:a1:59:95:16:b9:f6:3c:85:44:
                    94:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:78:25:81:8E:DB:46:8A:1E:0A:68:43:AB:19:A7:DE:C5:83:D3:3E
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/5nglgY7bRooeCmhDqxmn3sWD0z4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.133.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:31:dd:36:ee:98:57:0a:18:49:bb:7d:de:2e:b3:6e:8f:93:
         d9:42:6b:cc:c9:2b:52:ba:a3:51:26:4f:58:cc:13:68:65:f9:
         51:1b:7c:93:02:6c:85:43:bd:18:41:5b:87:2c:e7:fc:c6:03:
         79:86:4a:2d:cf:06:ba:b8:a5:08:78:c7:2c:39:12:c4:20:7f:
         02:b5:fd:d6:52:32:47:31:1c:36:2e:02:c0:e8:3d:43:6b:bc:
         9e:00:b0:13:e7:cc:95:0a:7f:56:ce:60:65:ba:4d:1a:b6:91:
         b1:b8:eb:a4:8e:2b:0a:e0:c0:21:60:f6:b1:36:46:e8:4a:ef:
         32:cd:be:ff:59:54:b4:33:68:a3:8c:c8:94:95:c5:b8:5d:df:
         c8:d2:ca:08:e8:bf:63:67:40:8f:c5:e8:60:1d:71:40:52:f2:
         2c:5c:0d:e7:d6:0f:91:51:b3:d0:39:a7:81:c5:d3:df:d6:e5:
         29:a9:0b:54:a7:1d:8f:a6:b5:47:2a:62:67:6f:f6:24:f7:81:
         eb:56:9a:3c:ba:77:cb:5b:4f:2e:a2:f4:5e:01:d8:54:66:3c:
         f5:0c:14:10:5a:59:41:6d:30:1f:f0:ad:98:ea:43:43:7a:61:
         0e:ee:0c:1d:57:34:6f:cf:eb:86:1c:8e:3c:d2:a1:4e:35:aa:
         b5:1b:9d:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnyIpSLStkmiieOxAzCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjc4MjU4MThlZGI0NjhhMWUwYTY4NDNhYjE5YTdkZWM1ODNkMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfFxVpeabXLnVspM3/RBxoyqrED0
pbGg7rhvSjaJ71MGL829vHrYNYN3zrVWGUMIncM/7PxuhGH3UAar24LQGiT35sQ7
6O3t2332g3JrXekl412xg2thbl0A+yqKTmQa4pm5cVczgiGn73zMdiwo5NV185BB
fQD3QkNVr6/RcyGYk7VQrGi0P5iz67OhjQxEYJcHYNkB3rP9xh8JX233hmilcWOo
fXGXRoWWPeRMKseqjzsx3KWait7jfWon/5LDhcQ876Vf8gVheA40uHLnVpeBj0Qm
w3rZmXPo7g3td+wxXjm5Ma6rUpIPmzrmv67/dQnAZwahWZUWufY8hUSURQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZ4JYGO20aKHgpoQ6sZp97Fg9M+MB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvNW5nbGdZN2JSb29lQ21oRHF4bW4zc1dEMHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1IWkMA0G
CSqGSIb3DQEBCwUAA4IBAQAvMd027phXChhJu33eLrNuj5PZQmvMyStSuqNRJk9Y
zBNoZflRG3yTAmyFQ70YQVuHLOf8xgN5hkotzwa6uKUIeMcsORLEIH8Ctf3WUjJH
MRw2LgLA6D1Da7yeALAT58yVCn9WzmBluk0atpGxuOukjisK4MAhYPaxNkboSu8y
zb7/WVS0M2ijjMiUlcW4Xd/I0soI6L9jZ0CPxehgHXFAUvIsXA3n1g+RUbPQOaeB
xdPf1uUpqQtUpx2PprVHKmJnb/Yk94HrVpo8unfLW08uovReAdhUZjz1DBQQWllB
bTAf8K2Y6kNDemEO7gwdVzRvz+uGHI480qFONaq1G53L
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org