Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/474889-6aaf-4c2e-8764-b400600f917a/1/m5t_oGjCWLpX0TuJebLX6_aZkE8.roa
File:                     m5t_oGjCWLpX0TuJebLX6_aZkE8.roa (raw, json)
Hash identifier:          bGqGFdA3CyczLcQGdR3crwXDrVPSvZL+Zs0YVTQ0gb8=
Subject key identifier:   9B:9B:7F:A0:68:C2:58:BA:57:D1:3B:89:79:B2:D7:EB:F6:99:90:4F
Certificate issuer:       /CN=859fca26d8c52bc165c8e05779fcfe43cc664c13
Certificate serial:       018964C0553A0D5C1FDFB9449E562FB7B2ED
Authority key identifier: 85:9F:CA:26:D8:C5:2B:C1:65:C8:E0:57:79:FC:FE:43:CC:66:4C:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hZ_KJtjFK8FlyOBXefz-Q8xmTBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/474889-6aaf-4c2e-8764-b400600f917a/1/m5t_oGjCWLpX0TuJebLX6_aZkE8.roa
Signing time:             Mon 17 Jul 2023 16:47:53 +0000
ROA not before:           Mon 17 Jul 2023 16:47:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.109.237.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:c0:55:3a:0d:5c:1f:df:b9:44:9e:56:2f:b7:b2:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=859fca26d8c52bc165c8e05779fcfe43cc664c13
        Validity
            Not Before: Jul 17 16:47:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b9b7fa068c258ba57d13b8979b2d7ebf699904f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:d3:92:91:66:47:a6:bf:06:99:b3:de:06:8d:
                    f4:ec:cd:56:6f:68:2c:48:bf:ea:65:5f:d6:1e:23:
                    9a:72:bf:dc:60:99:d6:3d:38:d1:26:90:69:08:a4:
                    76:af:34:b3:7c:6c:f5:c2:94:40:75:9d:79:81:f3:
                    b6:9d:9b:a6:9c:64:9b:1d:c0:9c:7d:20:56:5c:7f:
                    03:50:00:02:c3:ed:10:eb:f7:c9:73:a2:6f:4c:5e:
                    2e:1d:92:ff:2e:96:3e:5e:dd:a1:ce:fc:ad:61:1b:
                    d9:e2:db:a9:8f:8a:50:7f:2d:5c:e3:86:d3:9a:88:
                    b8:cc:3b:e3:97:65:a3:9f:10:fc:4a:06:86:b5:23:
                    9e:65:e7:76:6c:17:d2:6b:cc:fa:05:89:cc:33:74:
                    d2:62:b3:c9:bd:7d:d3:05:8c:59:23:e1:fd:0d:eb:
                    9e:cc:3e:3d:87:0a:78:90:26:fe:3a:9f:02:3f:36:
                    16:f7:63:93:8c:b2:38:b4:98:3f:53:70:a0:38:34:
                    00:75:79:85:5f:56:0b:ea:8b:24:72:c6:c2:05:f0:
                    d4:17:29:c9:7f:31:a8:c1:ad:6a:86:1c:f6:64:92:
                    97:c6:b2:e2:8e:83:99:7e:45:e2:6b:70:50:63:5a:
                    64:b1:71:f2:a6:59:b2:f1:a0:aa:72:3d:86:15:10:
                    8b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:9B:7F:A0:68:C2:58:BA:57:D1:3B:89:79:B2:D7:EB:F6:99:90:4F
            X509v3 Authority Key Identifier:
                keyid:85:9F:CA:26:D8:C5:2B:C1:65:C8:E0:57:79:FC:FE:43:CC:66:4C:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZ_KJtjFK8FlyOBXefz-Q8xmTBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/474889-6aaf-4c2e-8764-b400600f917a/1/m5t_oGjCWLpX0TuJebLX6_aZkE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/474889-6aaf-4c2e-8764-b400600f917a/1/hZ_KJtjFK8FlyOBXefz-Q8xmTBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.109.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:71:e7:ac:6b:ba:25:a4:39:e1:1e:9d:aa:2c:cb:7b:e3:e5:
         60:96:d7:e6:27:cb:eb:49:5c:f1:d0:80:e5:9c:69:a9:ea:61:
         48:8c:27:96:a6:f3:bc:25:14:ab:e5:9b:d4:d1:ac:d8:55:48:
         ae:72:e5:e4:c3:9e:e7:a2:0c:e2:91:f6:57:8e:e3:57:86:89:
         13:18:5f:23:e6:bf:21:98:e6:c5:3d:5d:19:20:dd:30:81:fb:
         25:f8:63:4f:0a:90:d5:7e:b1:d0:af:1a:5d:4c:3c:f9:cc:2d:
         a7:f4:4c:48:6f:ae:48:fb:16:bf:ae:ca:ac:46:52:9d:42:16:
         66:85:76:f6:15:c9:d1:cd:b3:05:3d:f9:d0:3d:ba:b5:ee:46:
         30:63:da:57:cb:7b:e6:db:a7:df:52:7a:f4:d0:f6:ad:d8:ed:
         ad:13:ed:a7:5b:53:fe:9c:37:ab:a4:ea:88:0f:d1:db:8c:07:
         16:b3:82:51:9d:3d:4d:f2:5f:92:36:94:4d:eb:bd:24:cd:36:
         3e:d0:dc:3f:0f:31:b7:e9:51:fa:f7:09:b0:61:57:2f:0d:4a:
         53:d0:85:c8:37:1f:e9:f5:8d:cd:12:5d:ab:02:6a:9f:af:a2:
         5d:79:07:0b:9c:88:90:0a:99:e0:c2:ac:0c:8f:8a:54:e8:e5:
         59:01:98:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwFU6DVwf37lEnlYvt7LtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OWZjYTI2ZDhjNTJiYzE2NWM4ZTA1Nzc5ZmNmZTQzY2M2
NjRjMTMwHhcNMjMwNzE3MTY0NzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjliN2ZhMDY4YzI1OGJhNTdkMTNiODk3OWIyZDdlYmY2OTk5MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NOSkWZHpr8GmbPeBo307M1Wb2gs
SL/qZV/WHiOacr/cYJnWPTjRJpBpCKR2rzSzfGz1wpRAdZ15gfO2nZumnGSbHcCc
fSBWXH8DUAACw+0Q6/fJc6JvTF4uHZL/LpY+Xt2hzvytYRvZ4tupj4pQfy1c44bT
moi4zDvjl2WjnxD8SgaGtSOeZed2bBfSa8z6BYnMM3TSYrPJvX3TBYxZI+H9Deue
zD49hwp4kCb+Op8CPzYW92OTjLI4tJg/U3CgODQAdXmFX1YL6oskcsbCBfDUFynJ
fzGowa1qhhz2ZJKXxrLijoOZfkXia3BQY1pksXHyplmy8aCqcj2GFRCLZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJubf6Bowli6V9E7iXmy1+v2mZBPMB8GA1UdIwQY
MBaAFIWfyibYxSvBZcjgV3n8/kPMZkwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpfS0p0akZLOEZseU9CWGVmei1ROHhtVEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80NzQ4ODktNmFhZi00YzJlLTg3NjQt
YjQwMDYwMGY5MTdhLzEvbTV0X29HakNXTHBYMFR1SmViTFg2X2Faa0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80NzQ4ODktNmFhZi00YzJlLTg3NjQtYjQwMDYwMGY5MTdh
LzEvaFpfS0p0akZLOEZseU9CWGVmei1ROHhtVEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW3tMA0G
CSqGSIb3DQEBCwUAA4IBAQBbceesa7olpDnhHp2qLMt74+VgltfmJ8vrSVzx0IDl
nGmp6mFIjCeWpvO8JRSr5ZvU0azYVUiucuXkw57nogzikfZXjuNXhokTGF8j5r8h
mObFPV0ZIN0wgfsl+GNPCpDVfrHQrxpdTDz5zC2n9ExIb65I+xa/rsqsRlKdQhZm
hXb2FcnRzbMFPfnQPbq17kYwY9pXy3vm26ffUnr00Pat2O2tE+2nW1P+nDerpOqI
D9HbjAcWs4JRnT1N8l+SNpRN670kzTY+0Nw/DzG36VH69wmwYVcvDUpT0IXINx/p
9Y3NEl2rAmqfr6JdeQcLnIiQCpngwqwMj4pU6OVZAZj/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:27 2024 by rpki-client on console-ams.rpki-client.org