Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa
File:                     IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa (raw, json)
Hash identifier:          +8xuYqHjMkXv2ZLBglOspzYr7AH9mYhhAHY11WOYSbM=
Subject key identifier:   21:2E:29:6D:44:7F:07:33:89:DA:92:86:05:D4:E5:78:F1:65:DE:DE
Certificate issuer:       /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial:       01856B8116C7232B3B5D7A02191F1CF98483
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa
Signing time:             Sun 01 Jan 2023 04:05:00 +0000
ROA not before:           Sun 01 Jan 2023 04:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41313
IP address blocks:        89.25.20.0/22 maxlen: 22
                          89.25.21.0/24 maxlen: 24
                          89.25.22.0/24 maxlen: 24
                          89.25.23.0/24 maxlen: 24
                          89.25.20.0/24 maxlen: 24
                          94.155.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:16:c7:23:2b:3b:5d:7a:02:19:1f:1c:f9:84:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
        Validity
            Not Before: Jan  1 04:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=212e296d447f073389da928605d4e578f165dede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:45:07:52:23:06:fe:31:e1:f8:ad:fc:bd:2f:
                    30:fb:68:f0:94:1e:54:f3:3f:15:9a:fb:1f:3c:f9:
                    b9:e7:3b:21:25:e4:39:c2:be:9f:0f:44:59:ef:40:
                    39:5b:1e:c1:73:50:ed:99:3c:3a:95:98:06:51:8b:
                    18:7c:fe:db:3d:13:72:f6:13:9e:27:ee:ea:c7:ad:
                    ce:37:ee:af:5a:92:52:69:17:ad:96:f9:13:83:30:
                    3d:9a:8c:95:ee:63:fc:59:1b:fb:8f:85:ed:fb:63:
                    68:1c:41:1a:90:df:67:86:d1:b5:65:01:ab:f0:f9:
                    00:bb:43:d8:46:4a:ae:9d:2b:77:74:77:97:7c:4d:
                    7c:8f:d9:54:ff:7a:e4:4b:20:c0:06:42:f8:34:cf:
                    eb:51:55:04:aa:07:50:2c:75:f5:e5:66:1a:08:ff:
                    4c:9f:3f:66:00:d0:24:18:9c:da:93:a4:ff:4d:56:
                    6e:ac:5a:6e:14:65:7c:86:e0:38:53:3c:ed:5f:36:
                    66:3f:20:9b:8d:77:76:9d:32:7c:53:82:63:b7:4b:
                    41:ee:10:81:91:c4:6a:78:99:ce:70:7d:e8:1c:b1:
                    56:73:b6:9d:26:da:54:bf:ac:12:5e:0c:84:2a:a2:
                    59:c7:19:2b:85:03:44:62:b9:ad:1a:34:85:39:0c:
                    42:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                21:2E:29:6D:44:7F:07:33:89:DA:92:86:05:D4:E5:78:F1:65:DE:DE
            X509v3 Authority Key Identifier: 
                keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.25.20.0/22
                  94.155.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:aa:12:4a:26:47:16:bb:94:94:85:70:18:09:98:fc:b1:42:
         a1:b5:4b:08:4c:79:65:1c:ec:72:00:f8:0a:ad:97:07:b3:f7:
         89:5a:44:3f:c8:d4:2d:ed:1f:fe:65:35:3d:64:74:2b:e0:71:
         2e:fd:87:b8:a0:4c:f7:4b:a0:94:7c:9a:28:f7:6b:6f:ab:25:
         59:d3:9b:42:6b:07:9d:76:af:e6:4d:e6:00:b7:1a:37:76:5f:
         5d:5b:0d:eb:f8:c4:41:09:53:e6:a3:aa:b1:94:c7:10:9b:47:
         e2:97:59:a1:b7:b0:c1:a7:f9:db:cc:4a:86:5d:12:36:ed:c6:
         8e:68:08:47:3c:93:65:67:89:b8:8f:fc:96:23:92:11:2f:41:
         51:56:32:bd:e5:ba:92:0f:bc:77:b7:3a:6f:c4:9a:82:29:d9:
         41:14:77:9a:87:d7:eb:c3:56:c9:d9:70:c6:de:99:c3:68:75:
         2f:be:78:61:c6:29:00:8d:a4:0b:c3:10:6a:b7:ee:2c:bf:5b:
         94:23:52:a6:b6:f0:d6:95:d1:98:38:92:cd:e7:8f:20:db:06:
         44:77:97:e8:58:cd:46:96:2a:f1:4b:10:87:f0:70:bf:f3:b0:
         14:92:6b:91:e1:d1:68:3b:c8:a0:28:a7:43:06:f3:e7:e3:8a:
         5b:94:61:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrgRbHIys7XXoCGR8c+YSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJlMjk2ZDQ0N2YwNzMzODlkYTkyODYwNWQ0ZTU3OGYxNjVkZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0UHUiMG/jHh+K38vS8w+2jwlB5U
8z8VmvsfPPm55zshJeQ5wr6fD0RZ70A5Wx7Bc1DtmTw6lZgGUYsYfP7bPRNy9hOe
J+7qx63ON+6vWpJSaRetlvkTgzA9moyV7mP8WRv7j4Xt+2NoHEEakN9nhtG1ZQGr
8PkAu0PYRkqunSt3dHeXfE18j9lU/3rkSyDABkL4NM/rUVUEqgdQLHX15WYaCP9M
nz9mANAkGJzak6T/TVZurFpuFGV8huA4UzztXzZmPyCbjXd2nTJ8U4Jjt0tB7hCB
kcRqeJnOcH3oHLFWc7adJtpUv6wSXgyEKqJZxxkrhQNEYrmtGjSFOQxCPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCEuKW1EfwczidqShgXU5XjxZd7eMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvSVM0cGJVUl9Cek9KMnBLR0JkVGxlUEZsM3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWRkUAwQA
XpuvMA0GCSqGSIb3DQEBCwUAA4IBAQBcqhJKJkcWu5SUhXAYCZj8sUKhtUsITHll
HOxyAPgKrZcHs/eJWkQ/yNQt7R/+ZTU9ZHQr4HEu/Ye4oEz3S6CUfJoo92tvqyVZ
05tCaweddq/mTeYAtxo3dl9dWw3r+MRBCVPmo6qxlMcQm0fil1mht7DBp/nbzEqG
XRI27caOaAhHPJNlZ4m4j/yWI5IRL0FRVjK95bqSD7x3tzpvxJqCKdlBFHeah9fr
w1bJ2XDG3pnDaHUvvnhhxikAjaQLwxBqt+4sv1uUI1KmtvDWldGYOJLN548g2wZE
d5foWM1GlirxSxCH8HC/87AUkmuR4dFoO8igKKdDBvPn44pblGHU
-----END CERTIFICATE-----
Generated at Tue Mar 14 19:55:50 2023 by rpki-client on console-ams.rpki-client.org