Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/3orZrpYtwsfzdrDx4vRc6VTg064.roa
File:                     3orZrpYtwsfzdrDx4vRc6VTg064.roa (raw, json)
Hash identifier:          Vl6SVx7E2NBw4a5LhimvezOtn9nQvzSOJieJmgo4U5I=
Subject key identifier:   DE:8A:D9:AE:96:2D:C2:C7:F3:76:B0:F1:E2:F4:5C:E9:54:E0:D3:AE
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0185725EB77B1C1432A1A61255CE326833DB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/3orZrpYtwsfzdrDx4vRc6VTg064.roa
Signing time:             Mon 02 Jan 2023 12:04:48 +0000
ROA not before:           Mon 02 Jan 2023 12:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        64.137.23.0/24 maxlen: 24
                          64.137.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 20:47:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:5e:b7:7b:1c:14:32:a1:a6:12:55:ce:32:68:33:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan  2 12:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de8ad9ae962dc2c7f376b0f1e2f45ce954e0d3ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f4:7c:25:30:39:f4:ed:5c:71:0a:9a:8e:d5:
                    c7:b6:3d:57:a3:54:ef:0a:41:ad:ac:6e:1d:e8:47:
                    f5:eb:d6:5f:3f:f8:ff:d1:50:6c:92:fe:09:37:ef:
                    a7:17:98:2e:1a:67:0c:59:0a:a6:6a:82:65:46:72:
                    46:31:30:22:10:ce:3c:fc:c0:ee:53:1f:cf:b1:1b:
                    31:04:50:4b:3f:9b:25:b2:1c:11:08:05:23:47:c0:
                    37:e3:b4:e8:b0:1d:7e:e3:ff:e1:b2:f2:32:9b:2f:
                    43:d6:bc:55:96:19:6b:58:fa:fc:a0:19:25:a3:ba:
                    b8:7b:50:2c:6f:01:ef:f1:22:f0:fd:ae:b7:2c:21:
                    22:28:89:20:e1:2e:e1:37:01:d8:7c:9d:53:e7:0e:
                    56:2d:59:30:d2:b4:af:ee:4d:ab:35:8c:d0:60:6f:
                    71:a4:2f:8a:0f:89:eb:60:84:ec:3a:36:3d:bb:f2:
                    2b:20:a2:48:f9:0c:ef:b7:da:97:21:bb:40:62:1d:
                    bd:fe:85:19:4a:67:05:95:15:9d:3d:f4:39:d5:31:
                    53:ed:4a:19:ab:49:31:e0:7f:aa:46:3f:0a:28:0b:
                    66:c3:d8:f8:d8:50:16:54:c4:ba:e7:21:69:6d:4a:
                    da:61:92:ce:4c:b6:ef:d3:41:b4:fc:1c:35:48:2b:
                    dd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:8A:D9:AE:96:2D:C2:C7:F3:76:B0:F1:E2:F4:5C:E9:54:E0:D3:AE
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/3orZrpYtwsfzdrDx4vRc6VTg064.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.23.0/24
                  64.137.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:6b:86:90:d8:e1:64:c7:ee:14:df:02:e7:f1:ef:fb:1b:34:
         a0:d4:b3:3a:83:f1:05:61:e7:c0:46:89:df:43:03:db:1c:30:
         a1:42:d9:a0:36:8e:f3:c7:55:8c:82:b7:bb:25:70:98:7e:26:
         51:a6:ec:8a:42:7f:95:b4:26:23:e7:bf:ab:dc:40:76:87:7a:
         5f:5f:05:ca:17:e9:59:5e:6e:d7:b4:93:5e:5f:77:cc:65:b6:
         80:9d:25:17:0f:59:9c:f2:ab:83:db:63:f1:48:bc:d4:fe:77:
         73:56:10:9f:ca:3a:ec:61:b6:50:ea:e1:a5:36:f0:5e:39:01:
         b8:0f:78:4b:82:f3:f8:03:79:e8:68:2f:d5:88:90:21:b5:1e:
         66:44:21:34:02:02:48:81:d8:9a:ab:35:cb:65:40:51:99:cb:
         1a:41:2b:a8:04:3f:a8:a9:93:c9:a7:85:83:4a:19:6f:2e:fe:
         7f:47:b1:35:11:60:2f:dc:ec:8e:7d:64:a5:b7:de:46:72:9f:
         14:44:f5:30:df:ea:81:3c:ae:02:09:d5:11:5e:f0:a5:1f:c0:
         17:46:12:54:12:3a:43:86:ab:5b:66:4e:c3:d8:f6:27:6a:5d:
         c0:a2:e6:e1:1f:f3:c8:a2:a3:98:3e:d5:0b:0e:42:e8:e5:eb:
         ea:88:fa:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyXrd7HBQyoaYSVc4yaDPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThhZDlhZTk2MmRjMmM3ZjM3NmIwZjFlMmY0NWNlOTU0ZTBkM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/R8JTA59O1ccQqajtXHtj1Xo1Tv
CkGtrG4d6Ef169ZfP/j/0VBskv4JN++nF5guGmcMWQqmaoJlRnJGMTAiEM48/MDu
Ux/PsRsxBFBLP5slshwRCAUjR8A347TosB1+4//hsvIymy9D1rxVlhlrWPr8oBkl
o7q4e1AsbwHv8SLw/a63LCEiKIkg4S7hNwHYfJ1T5w5WLVkw0rSv7k2rNYzQYG9x
pC+KD4nrYITsOjY9u/IrIKJI+Qzvt9qXIbtAYh29/oUZSmcFlRWdPfQ51TFT7UoZ
q0kx4H+qRj8KKAtmw9j42FAWVMS65yFpbUraYZLOTLbv00G0/Bw1SCvdhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6K2a6WLcLH83aw8eL0XOlU4NOuMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvM29yWnJwWXR3c2Z6ZHJEeDR2UmM2VlRnMDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAQIkXAwQA
QIk2MA0GCSqGSIb3DQEBCwUAA4IBAQAFa4aQ2OFkx+4U3wLn8e/7GzSg1LM6g/EF
YefARonfQwPbHDChQtmgNo7zx1WMgre7JXCYfiZRpuyKQn+VtCYj57+r3EB2h3pf
XwXKF+lZXm7XtJNeX3fMZbaAnSUXD1mc8quD22PxSLzU/ndzVhCfyjrsYbZQ6uGl
NvBeOQG4D3hLgvP4A3noaC/ViJAhtR5mRCE0AgJIgdiaqzXLZUBRmcsaQSuoBD+o
qZPJp4WDShlvLv5/R7E1EWAv3OyOfWSlt95Gcp8URPUw3+qBPK4CCdURXvClH8AX
RhJUEjpDhqtbZk7D2PYnal3AoubhH/PIoqOYPtULDkLo5evqiPoj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org