Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/NlCkuU3B7eNPt4xU31nTOzDhwJ8.roa
File:                     NlCkuU3B7eNPt4xU31nTOzDhwJ8.roa (raw, json)
Hash identifier:          TRBOjUdkJElV9qRwFTc3U3cByEfkgCoCbKh9YY4QwpI=
Subject key identifier:   36:50:A4:B9:4D:C1:ED:E3:4F:B7:8C:54:DF:59:D3:3B:30:E1:C0:9F
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0186B70EBA675CD9540688DCD374FEB0E131
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/NlCkuU3B7eNPt4xU31nTOzDhwJ8.roa
Signing time:             Mon 06 Mar 2023 13:14:00 +0000
ROA not before:           Mon 06 Mar 2023 13:14:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50304
IP address blocks:        64.137.64.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 21 Jul 2023 19:57:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b7:0e:ba:67:5c:d9:54:06:88:dc:d3:74:fe:b0:e1:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Mar  6 13:14:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3650a4b94dc1ede34fb78c54df59d33b30e1c09f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:9b:cd:e8:fa:36:46:83:36:b8:01:6c:f5:fb:
                    8b:90:f0:38:2e:d9:6f:d8:b7:f6:37:47:61:50:38:
                    75:da:07:f1:93:d5:30:29:12:87:5e:3a:e4:00:ce:
                    dd:2c:03:17:11:a2:c9:b9:43:3e:f2:83:44:6a:fa:
                    12:8c:fa:eb:48:f5:b9:20:63:e7:91:d9:da:b0:93:
                    10:18:f2:f5:cd:a9:af:ab:c4:31:c4:c6:33:15:3b:
                    f0:48:81:e2:2c:ec:fc:84:4d:51:42:42:3e:70:5e:
                    4e:68:22:fb:dd:fd:4f:b4:78:b2:7d:ef:0a:60:6d:
                    e3:f1:9b:9f:2c:83:7a:d8:f1:06:28:7c:60:a8:a6:
                    74:1c:8e:0c:63:68:5b:0f:94:a5:e9:69:3d:b0:77:
                    51:57:db:83:7e:1e:5b:0c:2a:f1:b8:05:e1:b1:6a:
                    86:02:3c:22:35:b3:36:41:eb:44:d8:18:c4:dc:22:
                    06:eb:9e:b3:2c:51:e6:c6:68:f9:96:43:51:fd:da:
                    b0:97:42:ad:c8:fb:ab:9d:32:b6:3c:c9:04:e2:76:
                    20:85:7c:2c:0a:9c:a6:86:28:27:bc:9d:c9:cc:41:
                    de:5c:36:66:97:85:5c:1f:8e:54:7e:7e:1d:83:73:
                    ec:9b:af:dd:05:5d:6f:fb:fe:50:4c:6e:67:42:c8:
                    b8:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:50:A4:B9:4D:C1:ED:E3:4F:B7:8C:54:DF:59:D3:3B:30:E1:C0:9F
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/NlCkuU3B7eNPt4xU31nTOzDhwJ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4c:cc:df:1b:ea:4c:fa:f8:2a:13:40:c5:a5:00:6e:02:fa:99:
         87:8d:4b:03:2b:07:29:23:b6:18:45:5a:82:f7:d9:87:e6:8b:
         d9:07:da:fd:e6:23:99:ae:17:32:d8:15:9a:47:0b:16:89:71:
         ed:f9:3f:ec:f9:39:4b:c5:52:48:df:92:c3:4d:8e:b5:f8:b3:
         33:1b:56:bf:a9:ca:de:48:81:9f:d0:e0:5f:74:84:d3:5b:d1:
         dc:14:28:e3:ca:5a:5e:92:a4:74:f2:54:fd:44:17:13:91:ae:
         bd:41:50:a4:e4:d1:50:93:f4:81:2d:a4:dd:f9:49:78:b4:0c:
         14:fc:41:48:eb:34:fb:77:c7:25:79:f4:c5:fb:22:d2:f4:5e:
         31:3c:ea:77:3a:60:2f:44:13:7d:c3:be:e6:d4:6f:7a:6d:3b:
         1f:5a:84:2f:03:16:e6:45:be:40:5e:59:ca:6e:12:dc:ab:de:
         c8:af:62:0b:a6:81:ae:78:a6:0d:78:14:f7:60:0e:36:b1:fc:
         84:03:ac:f9:02:e6:2b:35:03:82:18:dc:7f:65:9f:58:ff:84:
         e8:f4:b7:76:74:03:4d:14:db:00:ce:9a:32:f7:f0:f6:48:c8:
         f1:c8:68:f6:a0:fd:e6:0a:38:da:59:c3:f2:49:6e:2e:6d:1b:
         4a:de:2a:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa3DrpnXNlUBojc03T+sOExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzA2MTMxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUwYTRiOTRkYzFlZGUzNGZiNzhjNTRkZjU5ZDMzYjMwZTFjMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZvN6Po2RoM2uAFs9fuLkPA4Ltlv
2Lf2N0dhUDh12gfxk9UwKRKHXjrkAM7dLAMXEaLJuUM+8oNEavoSjPrrSPW5IGPn
kdnasJMQGPL1zamvq8QxxMYzFTvwSIHiLOz8hE1RQkI+cF5OaCL73f1PtHiyfe8K
YG3j8ZufLIN62PEGKHxgqKZ0HI4MY2hbD5Sl6Wk9sHdRV9uDfh5bDCrxuAXhsWqG
AjwiNbM2QetE2BjE3CIG656zLFHmxmj5lkNR/dqwl0KtyPurnTK2PMkE4nYghXws
CpymhignvJ3JzEHeXDZml4VcH45Ufn4dg3Psm6/dBV1v+/5QTG5nQsi4rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZQpLlNwe3jT7eMVN9Z0zsw4cCfMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTmxDa3VVM0I3ZU5QdDR4VTMxblRPekRod0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQIlAMA0G
CSqGSIb3DQEBCwUAA4IBAQBMzN8b6kz6+CoTQMWlAG4C+pmHjUsDKwcpI7YYRVqC
99mH5ovZB9r95iOZrhcy2BWaRwsWiXHt+T/s+TlLxVJI35LDTY61+LMzG1a/qcre
SIGf0OBfdITTW9HcFCjjylpekqR08lT9RBcTka69QVCk5NFQk/SBLaTd+Ul4tAwU
/EFI6zT7d8clefTF+yLS9F4xPOp3OmAvRBN9w77m1G96bTsfWoQvAxbmRb5AXlnK
bhLcq97Ir2ILpoGueKYNeBT3YA42sfyEA6z5AuYrNQOCGNx/ZZ9Y/4To9Ld2dANN
FNsAzpoy9/D2SMjxyGj2oP3mCjjaWcPySW4ubRtK3ip7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org