Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/ew3DXkdsDD9bpt7YO_2E7JxxsL4.roa
File:                     ew3DXkdsDD9bpt7YO_2E7JxxsL4.roa (raw, json)
Hash identifier:          bRMrYUKbDvWwm2BgZ2sbyrDfqcy7FiHhDjlFMb6SVbE=
Subject key identifier:   7B:0D:C3:5E:47:6C:0C:3F:5B:A6:DE:D8:3B:FD:84:EC:9C:71:B0:BE
Certificate issuer:       /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial:       0185735626977B8292460AC373BE3526CBB4
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/ew3DXkdsDD9bpt7YO_2E7JxxsL4.roa
Signing time:             Mon 02 Jan 2023 16:35:03 +0000
ROA not before:           Mon 02 Jan 2023 16:35:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51703
IP address blocks:        213.153.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:56:26:97:7b:82:92:46:0a:c3:73:be:35:26:cb:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
        Validity
            Not Before: Jan  2 16:35:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b0dc35e476c0c3f5ba6ded83bfd84ec9c71b0be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b7:d0:26:2b:73:db:2c:e8:84:43:de:64:e1:
                    6d:ee:b9:02:8e:59:a4:cf:a7:43:8d:8a:a9:43:4d:
                    e7:e2:8c:83:8a:e9:42:73:7a:47:d2:4b:6a:13:be:
                    c2:41:37:5b:46:54:b8:e4:ae:06:02:e8:5d:9d:86:
                    b2:be:e6:33:f8:51:30:27:19:07:0a:7d:ff:2e:90:
                    da:45:27:3a:d1:eb:49:92:bf:b5:fd:47:c9:ea:fe:
                    a7:6a:a4:ee:1f:b9:4c:1a:42:51:81:2a:92:17:e8:
                    2b:53:e0:52:26:97:87:b1:0e:20:29:08:dd:5a:c9:
                    12:e8:9e:33:f5:24:3c:5d:2e:92:61:9a:c8:98:03:
                    f6:39:8b:3a:af:69:86:81:1c:42:11:2a:48:63:d5:
                    1a:c6:9b:a7:67:fe:64:c6:d8:a6:4e:2e:8a:54:07:
                    ef:ad:b3:d6:e5:04:3e:54:5a:f7:5c:df:32:db:01:
                    fc:90:56:40:e0:6c:71:fd:1b:6b:e3:96:08:98:8c:
                    87:13:e7:cb:f4:66:2f:a3:97:fe:a4:1e:8a:68:5b:
                    41:92:a0:09:01:16:e1:35:79:74:83:44:bb:47:a1:
                    0a:75:48:81:f0:35:5e:ac:d9:36:7b:41:4e:3c:93:
                    41:d3:46:be:b8:72:b9:d9:20:6a:b6:40:fa:7c:6a:
                    e6:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:0D:C3:5E:47:6C:0C:3F:5B:A6:DE:D8:3B:FD:84:EC:9C:71:B0:BE
            X509v3 Authority Key Identifier:
                keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/ew3DXkdsDD9bpt7YO_2E7JxxsL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.153.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:21:7f:8b:72:c5:f5:c7:f8:12:9d:d1:ac:96:ce:06:9c:2b:
         7b:56:ff:de:e8:71:ef:97:2f:f6:39:f1:5c:3c:6e:19:1f:de:
         c3:31:b0:1a:f0:78:79:af:7d:07:20:98:0e:da:47:d4:58:bb:
         18:c3:c8:85:42:c4:01:00:96:e2:78:a2:8c:b5:32:37:8c:b9:
         83:52:af:9f:9d:4c:b4:fd:95:43:09:12:b4:86:53:49:12:9d:
         43:2b:0a:fd:99:f0:a1:33:5f:a9:dd:98:ab:48:1c:64:9c:fd:
         3c:b9:8a:cb:22:64:4d:60:1a:da:8c:89:49:f5:b2:7e:04:af:
         47:af:ea:7e:33:e3:c5:e7:0c:a8:0f:89:95:7d:ac:c9:38:18:
         22:41:fa:c8:66:e6:03:46:c5:1a:19:f9:99:cc:81:0a:96:5c:
         3f:4a:de:be:9f:e0:3b:d2:cb:6e:fd:d9:ae:f7:39:12:90:38:
         1d:47:5a:c4:48:84:7a:b1:96:34:e1:6f:5e:e3:b5:b3:49:39:
         fb:c3:68:b7:c9:e2:88:e1:a0:8c:94:81:75:e1:c3:db:3d:84:
         7e:66:3d:5e:2c:3d:ba:78:25:c4:df:3b:b3:eb:2c:c2:71:c4:
         76:9e:41:a1:db:cc:67:f0:8f:18:16:44:66:4d:9c:c1:48:84:
         bb:d4:2e:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzViaXe4KSRgrDc741Jsu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMwMTAyMTYzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkYzM1ZTQ3NmMwYzNmNWJhNmRlZDgzYmZkODRlYzljNzFiMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrfQJitz2yzohEPeZOFt7rkCjlmk
z6dDjYqpQ03n4oyDiulCc3pH0ktqE77CQTdbRlS45K4GAuhdnYayvuYz+FEwJxkH
Cn3/LpDaRSc60etJkr+1/UfJ6v6naqTuH7lMGkJRgSqSF+grU+BSJpeHsQ4gKQjd
WskS6J4z9SQ8XS6SYZrImAP2OYs6r2mGgRxCESpIY9UaxpunZ/5kxtimTi6KVAfv
rbPW5QQ+VFr3XN8y2wH8kFZA4Gxx/Rtr45YImIyHE+fL9GYvo5f+pB6KaFtBkqAJ
ARbhNXl0g0S7R6EKdUiB8DVerNk2e0FOPJNB00a+uHK52SBqtkD6fGrmowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHsNw15HbAw/W6be2Dv9hOyccbC+MB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvZXczRFhrZHNERDlicHQ3WU9fMkU3Snh4c0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZmsMA0G
CSqGSIb3DQEBCwUAA4IBAQB9IX+LcsX1x/gSndGsls4GnCt7Vv/e6HHvly/2OfFc
PG4ZH97DMbAa8Hh5r30HIJgO2kfUWLsYw8iFQsQBAJbieKKMtTI3jLmDUq+fnUy0
/ZVDCRK0hlNJEp1DKwr9mfChM1+p3ZirSBxknP08uYrLImRNYBrajIlJ9bJ+BK9H
r+p+M+PF5wyoD4mVfazJOBgiQfrIZuYDRsUaGfmZzIEKllw/St6+n+A70stu/dmu
9zkSkDgdR1rESIR6sZY04W9e47WzSTn7w2i3yeKI4aCMlIF14cPbPYR+Zj1eLD26
eCXE3zuz6yzCccR2nkGh28xn8I8YFkRmTZzBSIS71C7v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org