Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Z22L8YNletSWJfKSYZ-51E7claY.roa
File:                     Z22L8YNletSWJfKSYZ-51E7claY.roa (raw, json)
Hash identifier:          l9TbKZ0kbPRmwUi3hcotFoM5hWegIZQR2P2sSqipzRA=
Subject key identifier:   67:6D:8B:F1:83:65:7A:D4:96:25:F2:92:61:9F:B9:D4:4E:DC:95:A6
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0185CFA298369C4BE1203C07594E32923D6E
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Z22L8YNletSWJfKSYZ-51E7claY.roa
Signing time:             Fri 20 Jan 2023 14:43:37 +0000
ROA not before:           Fri 20 Jan 2023 14:43:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     133944
IP address blocks:        216.173.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 Feb 2023 16:50:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:cf:a2:98:36:9c:4b:e1:20:3c:07:59:4e:32:92:3d:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan 20 14:43:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=676d8bf183657ad49625f292619fb9d44edc95a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2d:4b:f4:16:52:00:2c:57:11:dd:d1:a1:3b:
                    19:be:6e:84:b0:dc:06:d5:e5:b9:bb:28:96:f1:3d:
                    92:a1:7e:3b:fd:3a:fd:a2:24:2a:48:7f:e7:1c:54:
                    a1:32:47:46:c0:10:36:1f:98:93:38:f9:19:10:e0:
                    07:0a:de:de:2f:8d:be:17:66:ba:dd:56:4d:f9:64:
                    8c:86:03:bc:d2:30:b7:95:0d:5c:aa:55:c8:2e:14:
                    9c:20:f4:a1:60:1f:7f:61:a4:df:bc:7b:26:fc:05:
                    75:e4:81:0d:12:07:2c:f9:91:24:a5:45:db:30:e2:
                    3e:c0:f8:92:35:3e:58:ae:a2:83:1a:d3:ed:6d:fd:
                    3e:16:f3:8a:c0:f8:68:d7:c8:65:26:21:85:7e:9b:
                    58:78:cf:01:d4:e6:59:2f:a0:15:10:e0:32:00:09:
                    1c:0c:0f:75:00:6b:57:63:07:52:ad:2f:df:ad:87:
                    97:27:de:a2:4f:53:27:13:fa:43:1b:b8:f5:08:5c:
                    5a:1e:a8:a7:b3:e1:f3:8f:38:f9:6c:4e:ff:95:84:
                    93:31:fd:5b:be:0c:fd:ca:41:98:89:eb:4d:96:92:
                    7a:43:f4:3a:77:27:ed:9b:2f:31:77:ac:0a:3d:5b:
                    ab:cb:a7:11:59:4f:b6:06:44:3c:16:e2:5e:d7:85:
                    8c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:6D:8B:F1:83:65:7A:D4:96:25:F2:92:61:9F:B9:D4:4E:DC:95:A6
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Z22L8YNletSWJfKSYZ-51E7claY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.173.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:4d:5a:a3:f5:e6:3d:3e:93:1f:97:39:f2:b4:52:4e:c2:62:
         e6:80:0f:bc:21:55:3e:11:ae:01:c7:ca:8c:5a:cf:96:e5:9c:
         df:9a:3d:a5:7d:c8:d0:fe:ce:75:a0:c6:76:d9:7e:c0:f8:34:
         20:09:5e:d3:3d:2b:15:fa:18:1f:d5:07:d0:83:4e:4a:d3:08:
         77:d5:af:59:27:d2:29:f7:28:40:98:8d:0b:6c:fe:c8:c1:bf:
         52:8b:d2:3d:fe:d2:94:f9:3f:5c:62:2d:89:7b:a5:13:7a:6c:
         bd:d5:5a:94:88:93:7c:1b:61:2b:58:f7:39:cb:2a:6e:d1:23:
         b4:1a:50:af:21:27:a4:1f:fd:38:7f:6f:5a:6e:3a:39:22:01:
         95:7b:29:41:50:c3:6d:40:43:2e:9e:b9:a7:ab:77:2d:89:cb:
         b6:2b:95:3c:60:88:5d:37:f2:6c:a1:06:7d:20:0c:45:b7:bc:
         e3:15:98:90:67:cd:23:2c:89:8c:72:68:fa:0a:fa:64:a1:95:
         66:3e:df:33:0c:e7:eb:73:10:cc:ee:c8:a9:14:ca:95:5a:a2:
         6d:37:e0:59:48:16:5b:9f:98:32:56:71:3a:ee:4d:e5:16:31:
         f7:5d:88:9c:53:a3:54:0a:85:88:f5:9a:19:a8:8a:71:af:bd:
         5e:85:91:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXPopg2nEvhIDwHWU4ykj1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTIwMTQ0MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZkOGJmMTgzNjU3YWQ0OTYyNWYyOTI2MTlmYjlkNDRlZGM5NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS1L9BZSACxXEd3RoTsZvm6EsNwG
1eW5uyiW8T2SoX47/Tr9oiQqSH/nHFShMkdGwBA2H5iTOPkZEOAHCt7eL42+F2a6
3VZN+WSMhgO80jC3lQ1cqlXILhScIPShYB9/YaTfvHsm/AV15IENEgcs+ZEkpUXb
MOI+wPiSNT5YrqKDGtPtbf0+FvOKwPho18hlJiGFfptYeM8B1OZZL6AVEOAyAAkc
DA91AGtXYwdSrS/frYeXJ96iT1MnE/pDG7j1CFxaHqins+Hzjzj5bE7/lYSTMf1b
vgz9ykGYietNlpJ6Q/Q6dyftmy8xd6wKPVury6cRWU+2BkQ8FuJe14WMmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdti/GDZXrUliXykmGfudRO3JWmMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWjIyTDhZTmxldFNXSmZLU1laLTUxRTdjbGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2K1XMA0G
CSqGSIb3DQEBCwUAA4IBAQAuTVqj9eY9PpMflznytFJOwmLmgA+8IVU+Ea4Bx8qM
Ws+W5Zzfmj2lfcjQ/s51oMZ22X7A+DQgCV7TPSsV+hgf1QfQg05K0wh31a9ZJ9Ip
9yhAmI0LbP7Iwb9Si9I9/tKU+T9cYi2Je6UTemy91VqUiJN8G2ErWPc5yypu0SO0
GlCvISekH/04f29abjo5IgGVeylBUMNtQEMunrmnq3cticu2K5U8YIhdN/JsoQZ9
IAxFt7zjFZiQZ80jLImMcmj6CvpkoZVmPt8zDOfrcxDM7sipFMqVWqJtN+BZSBZb
n5gyVnE67k3lFjH3XYicU6NUCoWI9ZoZqIpxr71ehZEZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org