Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/woz4SuaaGMir50um3D9aesTVuoM.roa
File:                     woz4SuaaGMir50um3D9aesTVuoM.roa (raw, json)
Hash identifier:          1EA3gaA9ZvGH+h1+n1eFkpZcREZX093mdwGP7SaYT/M=
Subject key identifier:   C2:8C:F8:4A:E6:9A:18:C8:AB:E7:4B:A6:DC:3F:5A:7A:C4:D5:BA:83
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018866CD35BA1EFACE035610236A52DB7DA7
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/woz4SuaaGMir50um3D9aesTVuoM.roa
Signing time:             Mon 29 May 2023 09:18:24 +0000
ROA not before:           Mon 29 May 2023 09:18:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        64.137.33.0/24 maxlen: 24
                          64.137.47.0/24 maxlen: 24
                          64.137.51.0/24 maxlen: 24
                          64.137.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 16:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:66:cd:35:ba:1e:fa:ce:03:56:10:23:6a:52:db:7d:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: May 29 09:18:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c28cf84ae69a18c8abe74ba6dc3f5a7ac4d5ba83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:fc:48:19:5a:39:68:07:02:c8:b7:c4:4e:93:
                    a7:39:1d:ed:68:34:7d:f4:aa:9c:29:6e:ab:f9:59:
                    a2:f7:61:88:be:86:75:53:c4:6e:76:13:64:c2:34:
                    9c:0b:b7:c4:d5:67:fe:fa:55:4d:07:ad:9a:8b:24:
                    03:fe:fa:5e:68:89:93:31:0c:18:8f:a4:cb:9b:cf:
                    38:dc:d5:03:61:f5:39:94:a7:a1:3f:d8:39:d3:77:
                    c6:39:92:50:9a:2d:01:99:e7:98:a4:8f:c2:0b:67:
                    c6:43:12:4d:ad:13:48:eb:03:23:6c:f4:b4:c7:2f:
                    c6:78:bb:47:fe:95:d5:68:cb:f2:6e:dd:49:85:95:
                    ac:fb:3e:1e:6f:4e:be:03:32:82:a3:67:1e:c7:97:
                    7d:ca:97:2c:cd:ac:46:4a:9e:bd:45:ad:07:c8:df:
                    22:ce:6c:c1:66:6e:a6:55:38:e2:51:db:08:2b:7a:
                    4b:e1:ac:74:95:70:81:54:e0:4e:4d:dd:57:ba:b5:
                    31:40:ea:46:44:88:c2:5f:f8:8c:5c:df:a5:2d:91:
                    63:c0:55:3c:95:fb:0e:ff:95:14:79:b3:41:ef:64:
                    c1:71:fd:95:34:08:16:89:18:a8:7a:0f:73:15:55:
                    5f:31:0c:85:ca:bb:55:e5:90:26:93:f1:a5:66:b6:
                    b2:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:8C:F8:4A:E6:9A:18:C8:AB:E7:4B:A6:DC:3F:5A:7A:C4:D5:BA:83
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/woz4SuaaGMir50um3D9aesTVuoM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.33.0/24
                  64.137.47.0/24
                  64.137.51.0/24
                  64.137.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:9b:4e:7b:64:1d:06:bd:a9:e1:ca:37:08:a9:68:d7:6e:94:
         20:4f:75:99:4a:35:95:b2:66:01:5b:34:46:a4:d3:6d:09:de:
         19:28:77:27:d4:26:98:f2:9e:b2:84:72:50:bf:a1:3d:75:5b:
         46:51:68:ac:77:8c:af:17:13:b1:f0:b4:ad:4f:6c:46:b4:b2:
         37:43:66:4d:9d:e3:9a:83:8f:f7:ac:8d:11:ab:78:e5:bb:ab:
         5c:b7:6d:5b:ef:82:b0:2d:b0:48:59:dd:5f:0b:8b:0c:d8:23:
         94:d3:e3:1f:ac:ad:67:50:a0:b0:c9:bd:0f:72:0c:6c:f4:d8:
         e0:fa:69:a6:3d:cd:66:af:df:4e:db:14:15:45:b4:6b:1b:d8:
         be:14:2e:77:a1:f1:3e:c8:60:30:4e:f8:0c:80:8a:89:56:a0:
         ad:20:59:29:8c:de:3e:4f:a9:7b:b2:ed:d2:94:7a:45:3b:0c:
         e4:22:96:22:63:8f:2b:6b:61:ed:79:42:c7:56:a7:90:0e:6b:
         46:b4:77:29:68:b5:0d:2d:e9:42:eb:08:42:66:20:88:96:95:
         f6:a9:c5:04:76:c7:a8:dc:00:3a:49:87:d8:a6:8c:1b:4b:94:
         ec:f1:23:f1:53:ae:bd:56:73:dc:b2:20:4c:8e:ec:a0:a1:5a:
         60:b6:c1:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhmzTW6HvrOA1YQI2pS232nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNTI5MDkxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhjZjg0YWU2OWExOGM4YWJlNzRiYTZkYzNmNWE3YWM0ZDViYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPxIGVo5aAcCyLfETpOnOR3taDR9
9KqcKW6r+Vmi92GIvoZ1U8RudhNkwjScC7fE1Wf++lVNB62aiyQD/vpeaImTMQwY
j6TLm8843NUDYfU5lKehP9g503fGOZJQmi0BmeeYpI/CC2fGQxJNrRNI6wMjbPS0
xy/GeLtH/pXVaMvybt1JhZWs+z4eb06+AzKCo2cex5d9ypcszaxGSp69Ra0HyN8i
zmzBZm6mVTjiUdsIK3pL4ax0lXCBVOBOTd1XurUxQOpGRIjCX/iMXN+lLZFjwFU8
lfsO/5UUebNB72TBcf2VNAgWiRioeg9zFVVfMQyFyrtV5ZAmk/GlZray6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMKM+ErmmhjIq+dLptw/WnrE1bqDMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvd296NFN1YWFHTWlyNTB1bTNEOWFlc1RWdW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIkhAwQA
QIkvAwQAQIkzAwQAQIk3MA0GCSqGSIb3DQEBCwUAA4IBAQAim057ZB0GvanhyjcI
qWjXbpQgT3WZSjWVsmYBWzRGpNNtCd4ZKHcn1CaY8p6yhHJQv6E9dVtGUWisd4yv
FxOx8LStT2xGtLI3Q2ZNneOag4/3rI0Rq3jlu6tct21b74KwLbBIWd1fC4sM2COU
0+MfrK1nUKCwyb0Pcgxs9Njg+mmmPc1mr99O2xQVRbRrG9i+FC53ofE+yGAwTvgM
gIqJVqCtIFkpjN4+T6l7su3SlHpFOwzkIpYiY48ra2HteULHVqeQDmtGtHcpaLUN
LelC6whCZiCIlpX2qcUEdseo3AA6SYfYpowbS5Ts8SPxU669VnPcsiBMjuygoVpg
tsEz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org