Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XAHGyYE3GDZC17wp3F5GbMNzkO0.roa
File:                     XAHGyYE3GDZC17wp3F5GbMNzkO0.roa (raw, json)
Hash identifier:          9ADrfqK7alsuEkZJQfzFuB+YF2wpg4Q4iQx7t4Xuqhc=
Subject key identifier:   5C:01:C6:C9:81:37:18:36:42:D7:BC:29:DC:5E:46:6C:C3:73:90:ED
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0185725EB9C8630FD32D8D656C79875040C6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XAHGyYE3GDZC17wp3F5GbMNzkO0.roa
Signing time:             Mon 02 Jan 2023 12:04:48 +0000
ROA not before:           Mon 02 Jan 2023 12:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17447
IP address blocks:        64.137.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 14:55:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:5e:b9:c8:63:0f:d3:2d:8d:65:6c:79:87:50:40:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan  2 12:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c01c6c98137183642d7bc29dc5e466cc37390ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:52:b8:25:f0:12:9d:2c:ed:49:b7:4b:23:7b:
                    bd:9e:29:41:64:07:25:8f:76:0b:c1:8a:43:2a:e1:
                    88:2d:5e:f6:70:8e:8c:ef:98:2f:9a:75:d3:c1:27:
                    33:4f:48:af:0b:8e:57:08:c6:87:9b:95:1f:b0:5c:
                    7a:9b:89:44:9c:5e:6e:6f:da:a6:a7:76:fa:23:75:
                    38:7f:36:c3:c5:ef:5b:b9:45:7e:8e:58:d8:18:31:
                    d2:be:9e:46:82:eb:2b:aa:6b:24:6f:92:48:50:e2:
                    39:ed:b5:db:71:65:c0:b5:70:88:73:bf:51:c6:fe:
                    2e:de:9d:55:09:bf:03:53:db:2a:d6:41:9e:0a:ce:
                    6b:0d:86:7d:7f:7a:2b:17:38:77:bc:74:e4:04:3b:
                    66:3b:30:b6:21:b0:58:e1:d5:16:82:59:5f:5d:b8:
                    2b:99:32:8e:52:e2:f9:3f:5e:e7:e1:cc:0e:95:18:
                    ca:4c:c8:72:5c:fc:4f:21:76:96:52:7c:ee:bd:61:
                    57:d9:dd:14:de:f8:2c:e8:8d:8b:fb:a5:95:47:4e:
                    65:6a:42:55:3b:73:98:dd:7e:05:f5:d7:b9:4c:58:
                    d5:3e:59:c4:c4:5b:71:ac:cb:87:6f:bd:3f:67:e0:
                    34:5b:c2:84:22:37:6a:6f:50:e7:68:dc:12:af:c2:
                    a0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:01:C6:C9:81:37:18:36:42:D7:BC:29:DC:5E:46:6C:C3:73:90:ED
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XAHGyYE3GDZC17wp3F5GbMNzkO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:92:6c:c7:98:d4:76:9a:6c:e2:f0:1d:b3:8e:7e:b9:96:aa:
         f8:6a:d4:b6:19:29:86:34:7e:08:1c:96:58:30:d1:59:a8:a8:
         ad:66:df:d9:7f:c7:4c:c0:18:22:fc:c0:e6:59:36:31:f0:0b:
         43:8d:30:fe:a8:6e:7e:97:f3:45:d1:5c:48:31:dd:b1:f3:90:
         42:27:bb:d5:ca:7f:a9:97:b4:8a:c4:d2:dc:f0:fb:de:79:15:
         da:6e:e8:05:1b:2a:9a:1a:93:fc:89:d0:b7:6c:9f:ac:48:53:
         bf:6c:02:d6:6c:e4:d3:05:dd:92:a9:93:25:9f:2c:b3:e4:61:
         df:de:04:08:90:02:18:0c:ae:b1:45:93:13:c8:a0:20:94:99:
         9b:99:41:d7:ac:81:87:4d:4c:b2:39:32:2e:99:dd:f3:5f:90:
         7f:35:db:2c:5c:3c:5c:88:a1:ae:fd:01:98:5b:d2:81:72:51:
         4a:75:14:a1:f0:2a:ad:e7:b1:db:dc:76:7f:18:95:db:2c:c2:
         e2:7c:d6:ba:e8:54:39:a2:3c:5e:c3:d6:e3:f1:43:d3:03:bc:
         2b:50:63:ba:48:c8:8f:7e:bc:bf:ec:18:a5:2e:3f:84:8d:b4:
         c3:8a:db:68:f9:83:e2:2c:05:42:c7:dd:c0:1b:28:a8:9c:41:
         79:a5:7a:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyXrnIYw/TLY1lbHmHUEDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzAxYzZjOTgxMzcxODM2NDJkN2JjMjlkYzVlNDY2Y2MzNzM5MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklK4JfASnSztSbdLI3u9nilBZAcl
j3YLwYpDKuGILV72cI6M75gvmnXTwSczT0ivC45XCMaHm5UfsFx6m4lEnF5ub9qm
p3b6I3U4fzbDxe9buUV+jljYGDHSvp5Ggusrqmskb5JIUOI57bXbcWXAtXCIc79R
xv4u3p1VCb8DU9sq1kGeCs5rDYZ9f3orFzh3vHTkBDtmOzC2IbBY4dUWgllfXbgr
mTKOUuL5P17n4cwOlRjKTMhyXPxPIXaWUnzuvWFX2d0U3vgs6I2L+6WVR05lakJV
O3OY3X4F9de5TFjVPlnExFtxrMuHb70/Z+A0W8KEIjdqb1DnaNwSr8Kg3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwBxsmBNxg2Qte8KdxeRmzDc5DtMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWEFIR3lZRTNHRFpDMTd3cDNGNUdiTU56a08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQIkdMA0G
CSqGSIb3DQEBCwUAA4IBAQBWkmzHmNR2mmzi8B2zjn65lqr4atS2GSmGNH4IHJZY
MNFZqKitZt/Zf8dMwBgi/MDmWTYx8AtDjTD+qG5+l/NF0VxIMd2x85BCJ7vVyn+p
l7SKxNLc8PveeRXabugFGyqaGpP8idC3bJ+sSFO/bALWbOTTBd2SqZMlnyyz5GHf
3gQIkAIYDK6xRZMTyKAglJmbmUHXrIGHTUyyOTIumd3zX5B/NdssXDxciKGu/QGY
W9KBclFKdRSh8Cqt57Hb3HZ/GJXbLMLifNa66FQ5ojxew9bj8UPTA7wrUGO6SMiP
fry/7BilLj+EjbTDitto+YPiLAVCx93AGyionEF5pXow
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org