Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/RbsHRPC82PEUhILkBViqoJyo0yo.roa
File:                     RbsHRPC82PEUhILkBViqoJyo0yo.roa (raw, json)
Hash identifier:          BO6G5u/V0l7hMiN0SXcX4yFz5+vwH7KMan3PMgFX+Ew=
Subject key identifier:   45:BB:07:44:F0:BC:D8:F1:14:84:82:E4:05:58:AA:A0:9C:A8:D3:2A
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018CC794C7067C4898BB62475CD57D7AF808
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/RbsHRPC82PEUhILkBViqoJyo0yo.roa
Signing time:             Tue 02 Jan 2024 00:31:05 +0000
ROA not before:           Tue 02 Jan 2024 00:31:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        64.137.52.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 15:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:c7:06:7c:48:98:bb:62:47:5c:d5:7d:7a:f8:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan  2 00:31:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=45bb0744f0bcd8f1148482e40558aaa09ca8d32a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:4e:35:43:a8:50:e2:d1:2b:e0:35:9a:0a:7f:
                    6d:d1:64:72:7c:9e:d4:b8:4f:3e:c0:a5:1a:16:27:
                    2c:28:06:c8:d2:42:7b:a3:4b:4b:d8:eb:6f:12:06:
                    8d:7e:cd:03:18:c0:e0:ad:61:cc:d7:59:d9:af:35:
                    49:db:21:09:cd:af:89:ef:e5:1b:f1:6c:b2:26:e2:
                    78:6c:92:09:0f:0b:a9:5b:7f:c8:f0:43:e0:6c:1e:
                    51:cb:c3:d8:ea:c3:b9:46:b0:9d:95:08:87:0b:00:
                    d9:ab:8b:8d:91:b9:4b:22:f9:22:88:52:b5:92:39:
                    8a:75:3c:c5:7b:53:e0:f6:43:86:0c:ef:18:10:a4:
                    93:12:62:cc:b4:c1:ff:4d:4b:93:79:c3:68:b5:ad:
                    e0:58:c2:5a:8b:13:15:7a:a9:1b:17:e7:11:26:e5:
                    1f:4c:5c:4c:c4:28:90:62:b4:1b:a6:6c:4b:0e:3f:
                    12:21:4f:25:5d:cb:ce:35:f4:18:78:75:e5:29:d4:
                    86:98:b2:95:a9:69:3e:9b:63:46:b7:a0:d6:41:e8:
                    c4:c7:60:08:78:73:25:0f:f7:11:6c:01:ef:09:b9:
                    93:6d:fb:41:1f:b4:81:dc:05:61:24:6a:52:f9:4c:
                    e0:c8:84:ba:38:24:d7:43:4d:23:1d:60:18:4a:7b:
                    a9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:BB:07:44:F0:BC:D8:F1:14:84:82:E4:05:58:AA:A0:9C:A8:D3:2A
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/RbsHRPC82PEUhILkBViqoJyo0yo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4e:40:01:08:d6:12:19:1a:dc:3e:08:ad:c1:04:be:2b:27:6e:
         fe:b6:30:ee:79:73:23:65:a2:a4:48:cf:06:a4:4f:6b:2e:39:
         68:06:5d:ca:19:a9:97:5b:fd:ba:8d:ad:5a:3d:bf:b9:50:40:
         0f:92:46:fc:b1:36:cb:86:b5:ca:b6:81:60:bb:b7:1b:e5:ef:
         8e:5b:82:4a:b6:40:fb:15:d1:b7:b4:c9:8a:2c:02:6e:2b:58:
         c5:aa:b3:b8:1a:9a:6b:f7:a1:ef:a0:73:64:0c:0d:aa:89:9b:
         34:0f:bf:28:5e:7c:fe:9f:d6:56:0b:9f:8a:b0:fd:62:23:8f:
         4f:af:77:28:de:55:d3:a5:0a:45:4d:89:4b:9c:0e:6e:fb:ca:
         47:98:42:60:16:da:c9:cc:b6:af:44:a7:26:a3:2f:0e:e0:5a:
         d2:59:ca:71:4f:18:52:c1:0d:42:90:89:d7:0f:1b:ac:39:22:
         f8:10:07:23:9a:a0:bd:dc:82:a0:70:35:32:c3:61:fb:36:9b:
         5c:93:01:ee:72:b4:08:c7:5b:2e:92:02:72:b9:ec:7f:42:b1:
         2d:58:4b:bb:57:1f:dd:b1:77:ff:5d:b7:2a:24:d9:6f:ee:b2:
         b1:a7:19:b7:1b:19:2a:45:6e:c6:c1:8c:68:3f:36:4b:88:36:
         86:75:9d:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlMcGfEiYu2JHXNV9evgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJiMDc0NGYwYmNkOGYxMTQ4NDgyZTQwNTU4YWFhMDljYThkMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk41Q6hQ4tEr4DWaCn9t0WRyfJ7U
uE8+wKUaFicsKAbI0kJ7o0tL2OtvEgaNfs0DGMDgrWHM11nZrzVJ2yEJza+J7+Ub
8WyyJuJ4bJIJDwupW3/I8EPgbB5Ry8PY6sO5RrCdlQiHCwDZq4uNkblLIvkiiFK1
kjmKdTzFe1Pg9kOGDO8YEKSTEmLMtMH/TUuTecNota3gWMJaixMVeqkbF+cRJuUf
TFxMxCiQYrQbpmxLDj8SIU8lXcvONfQYeHXlKdSGmLKVqWk+m2NGt6DWQejEx2AI
eHMlD/cRbAHvCbmTbftBH7SB3AVhJGpS+UzgyIS6OCTXQ00jHWAYSnupmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEW7B0TwvNjxFISC5AVYqqCcqNMqMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUmJzSFJQQzgyUEVVaElMa0JWaXFvSnlvMHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQIk0MA0G
CSqGSIb3DQEBCwUAA4IBAQBOQAEI1hIZGtw+CK3BBL4rJ27+tjDueXMjZaKkSM8G
pE9rLjloBl3KGamXW/26ja1aPb+5UEAPkkb8sTbLhrXKtoFgu7cb5e+OW4JKtkD7
FdG3tMmKLAJuK1jFqrO4Gppr96HvoHNkDA2qiZs0D78oXnz+n9ZWC5+KsP1iI49P
r3co3lXTpQpFTYlLnA5u+8pHmEJgFtrJzLavRKcmoy8O4FrSWcpxTxhSwQ1CkInX
DxusOSL4EAcjmqC93IKgcDUyw2H7NptckwHucrQIx1sukgJyuex/QrEtWEu7Vx/d
sXf/XbcqJNlv7rKxpxm3GxkqRW7GwYxoPzZLiDaGdZ0m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org