Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/evxTRREiB3QS-4tvSir_A7ILfNc.roa
File:                     evxTRREiB3QS-4tvSir_A7ILfNc.roa (raw, json)
Hash identifier:          wdoeTlVdVMH4BiGgehntI51MCBr+Sl4cKfyZRAIatvU=
Subject key identifier:   7A:FC:53:45:11:22:07:74:12:FB:8B:6F:4A:2A:FF:03:B2:0B:7C:D7
Certificate issuer:       /CN=59c3cc99899373c85974f01c9cd7aa057ab97fab
Certificate serial:       01856F9DB312FEB71D80355EEE3110B6D6EC
Authority key identifier: 59:C3:CC:99:89:93:73:C8:59:74:F0:1C:9C:D7:AA:05:7A:B9:7F:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WcPMmYmTc8hZdPAcnNeqBXq5f6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/evxTRREiB3QS-4tvSir_A7ILfNc.roa
Signing time:             Sun 01 Jan 2023 23:14:43 +0000
ROA not before:           Sun 01 Jan 2023 23:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29503
IP address blocks:        217.146.32.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:b3:12:fe:b7:1d:80:35:5e:ee:31:10:b6:d6:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59c3cc99899373c85974f01c9cd7aa057ab97fab
        Validity
            Not Before: Jan  1 23:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7afc53451122077412fb8b6f4a2aff03b20b7cd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:17:8c:d5:89:28:ce:06:3c:a6:e9:2d:c3:c3:
                    cd:f1:3f:a2:ad:b7:e6:0c:7f:4a:e4:3e:7b:6f:70:
                    4b:16:f9:06:1e:76:05:80:c3:77:a1:f5:da:86:65:
                    b9:3e:ae:e1:09:57:75:ed:37:27:2c:e2:cb:e5:41:
                    46:32:d5:92:f6:f5:6b:cc:3a:eb:d4:26:1c:08:db:
                    47:2f:ac:7c:58:67:5c:65:c4:a0:b6:e5:84:18:6d:
                    b2:21:66:f9:48:2c:a5:a0:84:1c:7a:ab:54:2f:f0:
                    fb:08:c9:04:77:a9:99:f2:a0:6d:ab:3e:9e:71:28:
                    dd:77:05:42:51:7f:af:32:e2:11:c1:5b:67:5d:5b:
                    d1:18:f0:28:f0:dd:cf:63:c8:88:ec:4d:af:77:c3:
                    ee:02:ba:5d:d1:c6:19:9f:fc:b9:3a:d9:d1:0e:29:
                    a9:36:03:13:59:44:58:6f:df:3c:48:b5:00:fd:01:
                    e1:d7:49:5b:73:57:95:93:98:fc:9b:e9:8a:cd:6c:
                    be:df:34:88:83:02:97:70:f4:a3:04:e2:13:d6:c9:
                    e5:0b:7a:67:e6:25:4f:18:2f:fc:26:92:1e:9f:3c:
                    f0:85:08:96:37:bd:d5:0c:35:86:41:1b:30:6b:5e:
                    ac:8a:3e:d0:85:23:53:c4:54:11:f7:b2:6a:07:9a:
                    3b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:FC:53:45:11:22:07:74:12:FB:8B:6F:4A:2A:FF:03:B2:0B:7C:D7
            X509v3 Authority Key Identifier:
                keyid:59:C3:CC:99:89:93:73:C8:59:74:F0:1C:9C:D7:AA:05:7A:B9:7F:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WcPMmYmTc8hZdPAcnNeqBXq5f6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/evxTRREiB3QS-4tvSir_A7ILfNc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/WcPMmYmTc8hZdPAcnNeqBXq5f6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.146.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:b7:ca:7c:fd:18:bd:f2:99:5c:cb:6f:9c:fa:b1:f8:8e:d5:
         e9:6d:4d:05:cd:91:26:87:9e:60:59:01:cc:f9:27:0d:6b:ab:
         2f:f9:97:bb:55:a2:dc:94:e9:b7:57:fe:62:a7:de:4e:e3:b5:
         f5:cb:b2:56:bc:3b:84:54:82:79:8a:f9:db:44:ab:f9:00:91:
         87:7a:b8:e8:dc:45:a3:55:e5:85:3c:76:46:f6:8f:81:7c:08:
         84:01:00:c9:a3:03:30:8e:f4:66:b5:50:b9:eb:d6:ef:ae:c2:
         f7:0c:af:d0:cd:ca:c3:bb:e8:3d:ae:91:f8:98:a7:e3:11:59:
         5c:d2:f8:13:45:fa:bb:54:a1:37:8f:d8:05:fa:b4:0d:b8:30:
         f7:bc:81:c2:35:db:eb:dd:a4:cc:78:18:7b:cf:b5:a1:8c:04:
         43:7c:ef:fc:13:34:86:64:e9:13:28:79:b2:f3:84:6b:c8:eb:
         05:69:df:a6:2e:61:2b:e3:4b:b4:58:c4:a5:3f:e8:e9:3b:8a:
         65:7d:e4:6e:59:8b:ed:b0:56:87:40:3a:61:fb:84:ff:1d:d0:
         db:8c:05:f9:6a:68:b3:c4:aa:f5:bf:2a:5a:d7:1c:0e:82:56:
         55:c1:ad:3b:6d:a2:64:7a:95:b8:2e:a9:4f:9f:06:f8:c5:a9:
         12:fe:bf:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbMS/rcdgDVe7jEQttbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YzNjYzk5ODk5MzczYzg1OTc0ZjAxYzljZDdhYTA1N2Fi
OTdmYWIwHhcNMjMwMTAxMjMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWZjNTM0NTExMjIwNzc0MTJmYjhiNmY0YTJhZmYwM2IyMGI3Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzheM1YkozgY8puktw8PN8T+irbfm
DH9K5D57b3BLFvkGHnYFgMN3ofXahmW5Pq7hCVd17TcnLOLL5UFGMtWS9vVrzDrr
1CYcCNtHL6x8WGdcZcSgtuWEGG2yIWb5SCyloIQceqtUL/D7CMkEd6mZ8qBtqz6e
cSjddwVCUX+vMuIRwVtnXVvRGPAo8N3PY8iI7E2vd8PuArpd0cYZn/y5OtnRDimp
NgMTWURYb988SLUA/QHh10lbc1eVk5j8m+mKzWy+3zSIgwKXcPSjBOIT1snlC3pn
5iVPGC/8JpIenzzwhQiWN73VDDWGQRswa16sij7QhSNTxFQR97JqB5o7tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHr8U0URIgd0EvuLb0oq/wOyC3zXMB8GA1UdIwQY
MBaAFFnDzJmJk3PIWXTwHJzXqgV6uX+rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2NQTW1ZbVRjOGhaZFBBY25OZXFCWHE1ZjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NWYwNTEtNWUxZC00ZDM2LWE1OTMt
MWE1ZWI1MDg4NWFlLzEvZXZ4VFJSRWlCM1FTLTR0dlNpcl9BN0lMZk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NWYwNTEtNWUxZC00ZDM2LWE1OTMtMWE1ZWI1MDg4NWFl
LzEvV2NQTW1ZbVRjOGhaZFBBY25OZXFCWHE1ZjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZIgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSt8p8/Ri98plcy2+c+rH4jtXpbU0FzZEmh55gWQHM
+ScNa6sv+Ze7VaLclOm3V/5ip95O47X1y7JWvDuEVIJ5ivnbRKv5AJGHerjo3EWj
VeWFPHZG9o+BfAiEAQDJowMwjvRmtVC569bvrsL3DK/QzcrDu+g9rpH4mKfjEVlc
0vgTRfq7VKE3j9gF+rQNuDD3vIHCNdvr3aTMeBh7z7WhjARDfO/8EzSGZOkTKHmy
84RryOsFad+mLmEr40u0WMSlP+jpO4plfeRuWYvtsFaHQDph+4T/HdDbjAX5amiz
xKr1vypa1xwOglZVwa07baJkepW4LqlPnwb4xakS/r/0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:23 2024 by rpki-client on console-ams.rpki-client.org